summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2009-03-28 08:16:40 +0000
committerPeter Volkov <pva@gentoo.org>2009-03-28 08:16:40 +0000
commit1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226 (patch)
treec0e3479071f33f81cb934ebf17a005a39395c2ce
parentVersion bump (diff)
downloadgentoo-2-1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226.tar.gz
gentoo-2-1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226.tar.bz2
gentoo-2-1ed4fc6f56eab6480a26cec3fe2cf67afb9c8226.zip
Fixed EJAB-890 (subscription request produces many authorization requests with some clients and transports), bug #263950, thank Vadim Efimov for report and fix.
(Portage version: 2.2_rc26/cvs/Linux i686)
-rw-r--r--net-im/ejabberd/ChangeLog10
-rw-r--r--net-im/ejabberd/ejabberd-2.0.4-r1.ebuild159
-rw-r--r--net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch167
3 files changed, 335 insertions, 1 deletions
diff --git a/net-im/ejabberd/ChangeLog b/net-im/ejabberd/ChangeLog
index 7e8bdc9006f8..6dc7b7ca7e85 100644
--- a/net-im/ejabberd/ChangeLog
+++ b/net-im/ejabberd/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for net-im/ejabberd
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.53 2009/03/27 19:40:57 hanno Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.54 2009/03/28 08:16:39 pva Exp $
+
+*ejabberd-2.0.4-r1 (28 Mar 2009)
+
+ 28 Mar 2009; Peter Volkov <pva@gentoo.org>
+ +files/ejabberd-2.0.4-fix-EJAB-890.patch, +ejabberd-2.0.4-r1.ebuild:
+ Fixed EJAB-890 (subscription request produces many authorization requests
+ with some clients and transports), bug #263950, thank Vadim Efimov for
+ report and fix.
27 Mar 2009; Hanno Boeck <hanno@gentoo.org> files/ejabberd-2.0.1.initd,
files/ejabberd-2.0.2.initd, files/ejabberd-2.0.4.initd:
diff --git a/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild b/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild
new file mode 100644
index 000000000000..3a918707fbf1
--- /dev/null
+++ b/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild
@@ -0,0 +1,159 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ejabberd-2.0.4-r1.ebuild,v 1.1 2009/03/28 08:16:39 pva Exp $
+
+inherit eutils multilib
+
+JABBER_ETC="/etc/jabber"
+JABBER_RUN="/var/run/jabber"
+JABBER_SPOOL="/var/spool/jabber"
+JABBER_LOG="/var/log/jabber"
+
+MY_PV=${PV}
+MY_P=${PN}-${MY_PV}
+
+DESCRIPTION="The Erlang Jabber Daemon"
+HOMEPAGE="http://www.ejabberd.im/"
+SRC_URI="http://www.process-one.net/downloads/ejabberd/${PV}/${MY_P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="debug mod_irc mod_muc mod_pubsub ldap odbc pam ssl web zlib"
+
+DEPEND=">=net-im/jabber-base-0.01
+ >=dev-libs/expat-1.95
+ >=dev-lang/erlang-11.2.5
+ odbc? ( dev-db/unixODBC )
+ ldap? ( =net-nds/openldap-2* )
+ ssl? ( >=dev-libs/openssl-0.9.8e )
+ zlib? ( sys-libs/zlib )"
+RDEPEND="${DEPEND}"
+
+PROVIDE="virtual/jabber-server"
+
+S=${WORKDIR}/${MY_P}/src
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # Bug #171427
+ epatch "${FILESDIR}/2.0.0-missing-declaration.patch"
+ epatch "${FILESDIR}/${PN}-2.0.4-fix-EJAB-890.patch" #263950
+
+ # get rid of the prefix
+ sed -i -e "s/\\@prefix\\@//" "${S}/Makefile.in" \
+ || die "cannot sed Makefile.in"
+ # we want ejabberdctl in /usr/sbin not /sbin !!!
+ sed -i -e "s/\\/sbin/\\/usr\\/sbin/" "${S}/Makefile.in" \
+ || die "cannot sed Makefile.in"
+}
+
+src_compile() {
+ econf --prefix=/ \
+ $(use_enable mod_irc) \
+ $(use_enable ldap eldap) \
+ $(use_enable mod_muc) \
+ $(use_enable mod_pubsub) \
+ $(use_enable ssl tls) \
+ $(use_enable web) \
+ $(use_enable odbc) \
+ $(use_enable zlib ejabberd_zlib) \
+ $(use_enable pam) \
+ || die "econf failed"
+
+ if useq debug; then
+ emake ejabberd_debug=true || die "compiling ejabberd core failed"
+ else
+ emake || die "compiling ejabberd core failed"
+ fi
+}
+
+src_install() {
+ make \
+ DESTDIR="${D}" \
+ EJABBERDDIR="${D}/usr/$(get_libdir)/erlang/lib/${P}" \
+ ETCDIR="${D}${JABBER_ETC}" \
+ LOGDIR="${D}${JABBER_LOG}" \
+ install || die "install failed"
+
+ # remove the default ejabberdctl as we use our own
+ rm "${D}/sbin/ejabberdctl"
+
+ insinto ${JABBER_ETC}
+
+ chown -R jabber:jabber "${D}${JABBER_ETC}"
+ chown -R jabber:jabber "${D}${JABBER_LOG}"
+ chown -R jabber:jabber "${D}/usr/$(get_libdir)/erlang/lib/${P}"
+
+ if useq ssl ; then
+ doins "${FILESDIR}/ssl.cnf"
+ newins "${FILESDIR}/self-cert-v2.sh" self-cert.sh
+ fi
+
+ # Pam helper module permissions
+ # http://www.process-one.net/docs/ejabberd/guide_en.html
+ if useq pam; then
+ chown root:jabber "${D}"/usr/lib/erlang/lib/${P}/priv/bin/epam
+ chmod 4750 "${D}"/usr/lib/erlang/lib/${P}/priv/bin/epam
+ fi
+
+ cd "${WORKDIR}/${MY_P}/doc"
+ dodoc "release_notes_${MY_PV}.txt"
+ dohtml *.{html,png}
+
+ # set up /usr/sbin/ejabberd wrapper
+ cat "${FILESDIR}/ejabberd-wrapper-${MY_PV}.template" \
+ | sed -e "s/\@libdir\@/$(get_libdir)/g" -e "s/\@version\@/${PV}/g" \
+ > "${T}/ejabberd"
+ exeinto /usr/sbin
+ doexe "${T}/ejabberd"
+
+ # set up /usr/sbin/ejabberdctl wrapper
+ cat "${FILESDIR}/ejabberdctl-wrapper-${MY_PV}.template" \
+ | sed -e "s/\@libdir\@/$(get_libdir)/g" -e "s/\@version\@/${PV}/g" \
+ > "${T}/ejabberdctl"
+ doexe "${T}/ejabberdctl"
+
+ dodir /var/lib/ejabberd
+ newinitd "${FILESDIR}/${MY_P}.initd" ${PN}
+ newconfd "${FILESDIR}/${MY_P}.confd" ${PN}
+
+ # fix up the ssl cert paths in /etc/jabber/ejabberd.cfg to use the cert
+ # that would be generated by /etc/jabber/self-cert.sh
+ sed -i -e "s/\/path\/to\/ssl.pem/\/etc\/jabber\/ssl.pem/g" \
+ "${D}${JABBER_ETC}/ejabberd.cfg" || die "Cannot sed ejabberd.cfg"
+
+ # if mod_irc is not enabled, comment out the mod_irc in the default
+ # ejabberd.cfg
+ if ! use mod_irc; then
+ sed -i -e "s/{mod_irc,/%{mod_irc,/" \
+ "${D}${JABBER_ETC}/ejabberd.cfg" || die "Cannot sed ejabberd.cfg"
+ fi
+}
+
+pkg_postinst() {
+ elog "For configuration instructions, please see"
+ elog "/usr/share/doc/${PF}/html/guide.html, or the online version at"
+ elog "http://www.process-one.net/en/projects/ejabberd/docs/guide_en.html"
+ if useq ssl ; then
+ if [ ! -e /etc/jabber/ssl.pem ]; then
+ elog "Please edit ${JABBER_ETC}/ssl.cnf and run ${JABBER_ETC}/self-cert.sh"
+ elog "Ejabberd may refuse to start without an SSL certificate"
+ fi
+ fi
+ if ! useq web ; then
+ elog "The web USE flag is off, this has disabled the web admin interface."
+ fi
+ elog "===================================================================="
+ elog 'Quick Start Guide:'
+ elog '1) Add output of `hostname -f` to /etc/jabber/ejabberd.cfg line 89'
+ elog ' {hosts, ["localhost", "thehost"]}.'
+ elog '2) Add an admin user to /etc/jabber/ejabberd.cfg line 324'
+ elog ' {acl, admin, {user, "theadmin", "thehost"}}.'
+ elog '3) Start the server'
+ elog ' # /etc/init.d/ejabberd start'
+ elog '4) Register the admin user'
+ elog ' # /usr/sbin/ejabberdctl register theadmin thehost thepassword'
+ elog '5) Log in with your favourite jabber client or using the web admin'
+}
diff --git a/net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch b/net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch
new file mode 100644
index 000000000000..3da58ce6b83d
--- /dev/null
+++ b/net-im/ejabberd/files/ejabberd-2.0.4-fix-EJAB-890.patch
@@ -0,0 +1,167 @@
+diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl
+index 9bd5ba5..40cba2a 100644
+--- ejabberd_c2s.erl
++++ ejabberd_c2s.erl
+@@ -1091,21 +1091,16 @@ handle_info({route, From, To, Packet}, StateName, StateData) ->
+ Attrs1 = lists:keydelete("type", 1, Attrs),
+ {true, [{"type", "unavailable"} | Attrs1], StateData};
+ "subscribe" ->
+- Reason = xml:get_path_s(Packet,[{elem,"status"},cdata]),
+- SRes = check_privacy_subs(in, subscribe, From, To,
+- Packet, Reason, StateData),
++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list),
+ {SRes, Attrs, StateData};
+ "subscribed" ->
+- SRes = check_privacy_subs(in, subscribed, From, To,
+- Packet, "", StateData),
++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list),
+ {SRes, Attrs, StateData};
+ "unsubscribe" ->
+- SRes = check_privacy_subs(in, unsubscribe, From, To,
+- Packet, "", StateData),
++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list),
+ {SRes, Attrs, StateData};
+ "unsubscribed" ->
+- SRes = check_privacy_subs(in, unsubscribed, From, To,
+- Packet, "", StateData),
++ SRes = is_privacy_allow(From, To, Packet, StateData#state.privacy_list),
+ {SRes, Attrs, StateData};
+ _ ->
+ case ejabberd_hooks:run_fold(
+@@ -1628,35 +1623,18 @@ presence_track(From, To, Packet, StateData) ->
+ pres_a = A}
+ end.
+
+-%% Check privacy rules for subscription requests and call the roster storage
+-check_privacy_subs(Dir, Type, From, To, Packet, Reason, StateData) ->
+- case is_privacy_allow(From, To, Dir, Packet, StateData) of
+- true ->
+- ejabberd_hooks:run_fold(
+- roster_in_subscription,
+- To#jid.lserver,
+- false,
+- [To#jid.user, To#jid.server, From, Type, Reason]),
+- true;
+- false ->
+- false
+- end.
+-
+-%% Check if privacy rules allow this delivery, then push to roster
+-is_privacy_allow(From, To, Dir, Packet, StateData) ->
+- case ejabberd_hooks:run_fold(
+- privacy_check_packet, StateData#state.server,
+- allow,
+- [StateData#state.user,
+- StateData#state.server,
+- StateData#state.privacy_list,
+- {From, To, Packet},
+- Dir]) of
+- deny ->
+- false;
+- allow ->
+- true
+- end.
++%% Check if privacy rules allow this delivery
++is_privacy_allow(From, To, Packet, PrivacyList) ->
++ User = To#jid.user,
++ Server = To#jid.server,
++ allow == ejabberd_hooks:run_fold(
++ privacy_check_packet, Server,
++ allow,
++ [User,
++ Server,
++ PrivacyList,
++ {From, To, Packet},
++ in]).
+
+ presence_broadcast(StateData, From, JIDSet, Packet) ->
+ lists:foreach(fun(JID) ->
+diff --git a/src/ejabberd_sm.erl b/src/ejabberd_sm.erl
+index 9a56e5f..148ef5a 100644
+--- ejabberd_sm.erl
++++ ejabberd_sm.erl
+@@ -59,6 +59,7 @@
+ -include("ejabberd.hrl").
+ -include("jlib.hrl").
+ -include("ejabberd_ctl.hrl").
++-include("mod_privacy.hrl").
+
+ -record(session, {sid, usr, us, priority, info}).
+ -record(state, {}).
+@@ -381,13 +382,40 @@ do_route(From, To, Packet) ->
+ {Pass, _Subsc} =
+ case xml:get_attr_s("type", Attrs) of
+ "subscribe" ->
+- {true, true};
++ Reason = xml:get_path_s(
++ Packet,
++ [{elem, "status"}, cdata]),
++ {is_privacy_allow(From, To, Packet) andalso
++ ejabberd_hooks:run_fold(
++ roster_in_subscription,
++ LServer,
++ false,
++ [User, Server, From, subscribe, Reason]),
++ true};
+ "subscribed" ->
+- {true, true};
++ {is_privacy_allow(From, To, Packet) andalso
++ ejabberd_hooks:run_fold(
++ roster_in_subscription,
++ LServer,
++ false,
++ [User, Server, From, subscribed, ""]),
++ true};
+ "unsubscribe" ->
+- {true, true};
++ {is_privacy_allow(From, To, Packet) andalso
++ ejabberd_hooks:run_fold(
++ roster_in_subscription,
++ LServer,
++ false,
++ [User, Server, From, unsubscribe, ""]),
++ true};
+ "unsubscribed" ->
+- {true, true};
++ {is_privacy_allow(From, To, Packet) andalso
++ ejabberd_hooks:run_fold(
++ roster_in_subscription,
++ LServer,
++ false,
++ [User, Server, From, unsubscribed, ""]),
++ true};
+ _ ->
+ {true, false}
+ end,
+@@ -446,6 +474,31 @@ do_route(From, To, Packet) ->
+ end
+ end.
+
++%% The default list applies to the user as a whole,
++%% and is processed if there is no active list set
++%% for the target session/resource to which a stanza is addressed,
++%% or if there are no current sessions for the user.
++is_privacy_allow(From, To, Packet) ->
++ User = To#jid.user,
++ Server = To#jid.server,
++ PrivacyList = ejabberd_hooks:run_fold(privacy_get_user_list, Server,
++ #userlist{}, [User, Server]),
++ is_privacy_allow(From, To, Packet, PrivacyList).
++
++%% Check if privacy rules allow this delivery
++%% Function copied from ejabberd_c2s.erl
++is_privacy_allow(From, To, Packet, PrivacyList) ->
++ User = To#jid.user,
++ Server = To#jid.server,
++ allow == ejabberd_hooks:run_fold(
++ privacy_check_packet, Server,
++ allow,
++ [User,
++ Server,
++ PrivacyList,
++ {From, To, Packet},
++ in]).
++
+ route_message(From, To, Packet) ->
+ LUser = To#jid.luser,
+ LServer = To#jid.lserver,