diff options
author | Peter Volkov <pva@gentoo.org> | 2009-03-28 08:16:40 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2009-03-28 08:16:40 +0000 |
commit | 1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226 (patch) | |
tree | c0e3479071f33f81cb934ebf17a005a39395c2ce | |
parent | Version bump (diff) | |
download | gentoo-2-1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226.tar.gz gentoo-2-1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226.tar.bz2 gentoo-2-1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226.zip |
Fixed EJAB-890 (subscription request produces many authorization requests with some clients and transports), bug #263950, thank Vadim Efimov for report and fix.
(Portage version: 2.2_rc26/cvs/Linux i686)
-rw-r--r-- | net-im/ejabberd/ChangeLog | 10 | ||||
-rw-r--r-- | net-im/ejabberd/ejabberd-2.0.4-r1.ebuild | 159 | ||||
-rw-r--r-- | net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch | 167 |
3 files changed, 335 insertions, 1 deletions
diff --git a/net-im/ejabberd/ChangeLog b/net-im/ejabberd/ChangeLog index 7e8bdc9006f8..6dc7b7ca7e85 100644 --- a/net-im/ejabberd/ChangeLog +++ b/net-im/ejabberd/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-im/ejabberd # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.53 2009/03/27 19:40:57 hanno Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.54 2009/03/28 08:16:39 pva Exp $ + +*ejabberd-2.0.4-r1 (28 Mar 2009) + + 28 Mar 2009; Peter Volkov <pva@gentoo.org> + +files/ejabberd-2.0.4-fix-EJAB-890.patch, +ejabberd-2.0.4-r1.ebuild: + Fixed EJAB-890 (subscription request produces many authorization requests + with some clients and transports), bug #263950, thank Vadim Efimov for + report and fix. 27 Mar 2009; Hanno Boeck <hanno@gentoo.org> files/ejabberd-2.0.1.initd, files/ejabberd-2.0.2.initd, files/ejabberd-2.0.4.initd: diff --git a/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild b/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild new file mode 100644 index 000000000000..3a918707fbf1 --- /dev/null +++ b/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild @@ -0,0 +1,159 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild,v 1.1 2009/03/28 08:16:39 pva Exp $ + +inherit eutils multilib + +JABBER_ETC="/etc/jabber" +JABBER_RUN="/var/run/jabber" +JABBER_SPOOL="/var/spool/jabber" +JABBER_LOG="/var/log/jabber" + +MY_PV=${PV} +MY_P=${PN}-${MY_PV} + +DESCRIPTION="The Erlang Jabber Daemon" +HOMEPAGE="http://www.ejabberd.im/" +SRC_URI="http://www.process-one.net/downloads/ejabberd/${PV}/${MY_P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="debug mod_irc mod_muc mod_pubsub ldap odbc pam ssl web zlib" + +DEPEND=">=net-im/jabber-base-0.01 + >=dev-libs/expat-1.95 + >=dev-lang/erlang-11.2.5 + odbc? ( dev-db/unixODBC ) + ldap? ( =net-nds/openldap-2* ) + ssl? ( >=dev-libs/openssl-0.9.8e ) + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND}" + +PROVIDE="virtual/jabber-server" + +S=${WORKDIR}/${MY_P}/src + +src_unpack() { + unpack ${A} + cd "${S}" + + # Bug #171427 + epatch "${FILESDIR}/2.0.0-missing-declaration.patch" + epatch "${FILESDIR}/${PN}-2.0.4-fix-EJAB-890.patch" #263950 + + # get rid of the prefix + sed -i -e "s/\\@prefix\\@//" "${S}/Makefile.in" \ + || die "cannot sed Makefile.in" + # we want ejabberdctl in /usr/sbin not /sbin !!! + sed -i -e "s/\\/sbin/\\/usr\\/sbin/" "${S}/Makefile.in" \ + || die "cannot sed Makefile.in" +} + +src_compile() { + econf --prefix=/ \ + $(use_enable mod_irc) \ + $(use_enable ldap eldap) \ + $(use_enable mod_muc) \ + $(use_enable mod_pubsub) \ + $(use_enable ssl tls) \ + $(use_enable web) \ + $(use_enable odbc) \ + $(use_enable zlib ejabberd_zlib) \ + $(use_enable pam) \ + || die "econf failed" + + if useq debug; then + emake ejabberd_debug=true || die "compiling ejabberd core failed" + else + emake || die "compiling ejabberd core failed" + fi +} + +src_install() { + make \ + DESTDIR="${D}" \ + EJABBERDDIR="${D}/usr/$(get_libdir)/erlang/lib/${P}" \ + ETCDIR="${D}${JABBER_ETC}" \ + LOGDIR="${D}${JABBER_LOG}" \ + install || die "install failed" + + # remove the default ejabberdctl as we use our own + rm "${D}/sbin/ejabberdctl" + + insinto ${JABBER_ETC} + + chown -R jabber:jabber "${D}${JABBER_ETC}" + chown -R jabber:jabber "${D}${JABBER_LOG}" + chown -R jabber:jabber "${D}/usr/$(get_libdir)/erlang/lib/${P}" + + if useq ssl ; then + doins "${FILESDIR}/ssl.cnf" + newins "${FILESDIR}/self-cert-v2.sh" self-cert.sh + fi + + # Pam helper module permissions + # http://www.process-one.net/docs/ejabberd/guide_en.html + if useq pam; then + chown root:jabber "${D}"/usr/lib/erlang/lib/${P}/priv/bin/epam + chmod 4750 "${D}"/usr/lib/erlang/lib/${P}/priv/bin/epam + fi + + cd "${WORKDIR}/${MY_P}/doc" + dodoc "release_notes_${MY_PV}.txt" + dohtml *.{html,png} + + # set up /usr/sbin/ejabberd wrapper + cat "${FILESDIR}/ejabberd-wrapper-${MY_PV}.template" \ + | sed -e "s/\@libdir\@/$(get_libdir)/g" -e "s/\@version\@/${PV}/g" \ + > "${T}/ejabberd" + exeinto /usr/sbin + doexe "${T}/ejabberd" + + # set up /usr/sbin/ejabberdctl wrapper + cat "${FILESDIR}/ejabberdctl-wrapper-${MY_PV}.template" \ + | sed -e "s/\@libdir\@/$(get_libdir)/g" -e "s/\@version\@/${PV}/g" \ + > "${T}/ejabberdctl" + doexe "${T}/ejabberdctl" + + dodir /var/lib/ejabberd + newinitd "${FILESDIR}/${MY_P}.initd" ${PN} + newconfd "${FILESDIR}/${MY_P}.confd" ${PN} + + # fix up the ssl cert paths in /etc/jabber/ejabberd.cfg to use the cert + # that would be generated by /etc/jabber/self-cert.sh + sed -i -e "s/\/path\/to\/ssl.pem/\/etc\/jabber\/ssl.pem/g" \ + "${D}${JABBER_ETC}/ejabberd.cfg" || die "Cannot sed ejabberd.cfg" + + # if mod_irc is not enabled, comment out the mod_irc in the default + # ejabberd.cfg + if ! use mod_irc; then + sed -i -e "s/{mod_irc,/%{mod_irc,/" \ + "${D}${JABBER_ETC}/ejabberd.cfg" || die "Cannot sed ejabberd.cfg" + fi +} + +pkg_postinst() { + elog "For configuration instructions, please see" + elog "/usr/share/doc/${PF}/html/guide.html, or the online version at" + elog "http://www.process-one.net/en/projects/ejabberd/docs/guide_en.html" + if useq ssl ; then + if [ ! -e /etc/jabber/ssl.pem ]; then + elog "Please edit ${JABBER_ETC}/ssl.cnf and run ${JABBER_ETC}/self-cert.sh" + elog "Ejabberd may refuse to start without an SSL certificate" + fi + fi + if ! useq web ; then + elog "The web USE flag is off, this has disabled the web admin interface." + fi + elog "====================================================================" + elog 'Quick Start Guide:' + elog '1) Add output of `hostname -f` to /etc/jabber/ejabberd.cfg line 89' + elog ' {hosts, ["localhost", "thehost"]}.' + elog '2) Add an admin user to /etc/jabber/ejabberd.cfg line 324' + elog ' {acl, admin, {user, "theadmin", "thehost"}}.' + elog '3) Start the server' + elog ' # /etc/init.d/ejabberd start' + elog '4) Register the admin user' + elog ' # /usr/sbin/ejabberdctl register theadmin thehost thepassword' + elog '5) Log in with your favourite jabber client or using the web admin' +} diff --git a/net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch b/net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch new file mode 100644 index 000000000000..3da58ce6b83d --- /dev/null +++ b/net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch @@ -0,0 +1,167 @@ +diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl +index 9bd5ba5..40cba2a 100644 +--- ejabberd_c2s.erl ++++ ejabberd_c2s.erl +@@ -1091,21 +1091,16 @@ handle_info({route, From, To, Packet}, StateName, StateData) -> + Attrs1 = lists:keydelete("type", 1, Attrs), + {true, [{"type", "unavailable"} | Attrs1], StateData}; + "subscribe" -> +- Reason = xml:get_path_s(Packet,[{elem,"status"},cdata]), +- SRes = check_privacy_subs(in, subscribe, From, To, +- Packet, Reason, StateData), ++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list), + {SRes, Attrs, StateData}; + "subscribed" -> +- SRes = check_privacy_subs(in, subscribed, From, To, +- Packet, "", StateData), ++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list), + {SRes, Attrs, StateData}; + "unsubscribe" -> +- SRes = check_privacy_subs(in, unsubscribe, From, To, +- Packet, "", StateData), ++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list), + {SRes, Attrs, StateData}; + "unsubscribed" -> +- SRes = check_privacy_subs(in, unsubscribed, From, To, +- Packet, "", StateData), ++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list), + {SRes, Attrs, StateData}; + _ -> + case ejabberd_hooks:run_fold( +@@ -1628,35 +1623,18 @@ presence_track(From, To, Packet, StateData) -> + pres_a = A} + end. + +-%% Check privacy rules for subscription requests and call the roster storage +-check_privacy_subs(Dir, Type, From, To, Packet, Reason, StateData) -> +- case is_privacy_allow(From, To, Dir, Packet, StateData) of +- true -> +- ejabberd_hooks:run_fold( +- roster_in_subscription, +- To#jid.lserver, +- false, +- [To#jid.user, To#jid.server, From, Type, Reason]), +- true; +- false -> +- false +- end. +- +-%% Check if privacy rules allow this delivery, then push to roster +-is_privacy_allow(From, To, Dir, Packet, StateData) -> +- case ejabberd_hooks:run_fold( +- privacy_check_packet, StateData#state.server, +- allow, +- [StateData#state.user, +- StateData#state.server, +- StateData#state.privacy_list, +- {From, To, Packet}, +- Dir]) of +- deny -> +- false; +- allow -> +- true +- end. ++%% Check if privacy rules allow this delivery ++is_privacy_allow(From, To, Packet, PrivacyList) -> ++ User = To#jid.user, ++ Server = To#jid.server, ++ allow == ejabberd_hooks:run_fold( ++ privacy_check_packet, Server, ++ allow, ++ [User, ++ Server, ++ PrivacyList, ++ {From, To, Packet}, ++ in]). + + presence_broadcast(StateData, From, JIDSet, Packet) -> + lists:foreach(fun(JID) -> +diff --git a/src/ejabberd_sm.erl b/src/ejabberd_sm.erl +index 9a56e5f..148ef5a 100644 +--- ejabberd_sm.erl ++++ ejabberd_sm.erl +@@ -59,6 +59,7 @@ + -include("ejabberd.hrl"). + -include("jlib.hrl"). + -include("ejabberd_ctl.hrl"). ++-include("mod_privacy.hrl"). + + -record(session, {sid, usr, us, priority, info}). + -record(state, {}). +@@ -381,13 +382,40 @@ do_route(From, To, Packet) -> + {Pass, _Subsc} = + case xml:get_attr_s("type", Attrs) of + "subscribe" -> +- {true, true}; ++ Reason = xml:get_path_s( ++ Packet, ++ [{elem, "status"}, cdata]), ++ {is_privacy_allow(From, To, Packet) andalso ++ ejabberd_hooks:run_fold( ++ roster_in_subscription, ++ LServer, ++ false, ++ [User, Server, From, subscribe, Reason]), ++ true}; + "subscribed" -> +- {true, true}; ++ {is_privacy_allow(From, To, Packet) andalso ++ ejabberd_hooks:run_fold( ++ roster_in_subscription, ++ LServer, ++ false, ++ [User, Server, From, subscribed, ""]), ++ true}; + "unsubscribe" -> +- {true, true}; ++ {is_privacy_allow(From, To, Packet) andalso ++ ejabberd_hooks:run_fold( ++ roster_in_subscription, ++ LServer, ++ false, ++ [User, Server, From, unsubscribe, ""]), ++ true}; + "unsubscribed" -> +- {true, true}; ++ {is_privacy_allow(From, To, Packet) andalso ++ ejabberd_hooks:run_fold( ++ roster_in_subscription, ++ LServer, ++ false, ++ [User, Server, From, unsubscribed, ""]), ++ true}; + _ -> + {true, false} + end, +@@ -446,6 +474,31 @@ do_route(From, To, Packet) -> + end + end. + ++%% The default list applies to the user as a whole, ++%% and is processed if there is no active list set ++%% for the target session/resource to which a stanza is addressed, ++%% or if there are no current sessions for the user. ++is_privacy_allow(From, To, Packet) -> ++ User = To#jid.user, ++ Server = To#jid.server, ++ PrivacyList = ejabberd_hooks:run_fold(privacy_get_user_list, Server, ++ #userlist{}, [User, Server]), ++ is_privacy_allow(From, To, Packet, PrivacyList). ++ ++%% Check if privacy rules allow this delivery ++%% Function copied from ejabberd_c2s.erl ++is_privacy_allow(From, To, Packet, PrivacyList) -> ++ User = To#jid.user, ++ Server = To#jid.server, ++ allow == ejabberd_hooks:run_fold( ++ privacy_check_packet, Server, ++ allow, ++ [User, ++ Server, ++ PrivacyList, ++ {From, To, Packet}, ++ in]). ++ + route_message(From, To, Packet) -> + LUser = To#jid.luser, + LServer = To#jid.lserver, |