aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--testing/ejabberd/APKBUILD23
-rw-r--r--testing/ejabberd/gssapi-2.1.0.diff410
2 files changed, 5 insertions, 428 deletions
diff --git a/testing/ejabberd/APKBUILD b/testing/ejabberd/APKBUILD
index b6395c64ba..c3bd75a5c9 100644
--- a/testing/ejabberd/APKBUILD
+++ b/testing/ejabberd/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Francesco Colista <francesco.colista@gmail.com>
pkgname=ejabberd
pkgver=2.1.12
-pkgrel=1
+pkgrel=2
pkgdesc="An erlang jabber server"
url="http://www.ejabberd.im"
arch="all"
@@ -14,19 +14,9 @@ pkgusers="ejabberd"
pkggroups="ejabberd"
install="$pkgname.pre-install"
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.process-one.net/downloads/$pkgname/$pkgver/$pkgname-$pkgver.tgz
- gssapi-2.1.0.diff"
+source="http://www.process-one.net/downloads/$pkgname/$pkgver/$pkgname-$pkgver.tgz"
_builddir="$srcdir"/$pkgname-$pkgver
-prepare() {
- cd "$_builddir"
- for i in $source; do
- case $i in
- *.patch) msg $i; patch -p2 -i "$srcdir"/$i || return 1;;
- esac
- done
-}
-
build() {
cd "$_builddir"/src
./configure --prefix=/usr \
@@ -52,9 +42,6 @@ package() {
chgrp ejabberd "$pkgdir"/etc/ejabberd/ejabberd.cfg "$pkgdir"/etc/ejabberd/ejabberdctl.cfg "$pkgdir"/etc/ejabberd
}
-md5sums="7d49242cf04282f3c4cebfafa2cc2f46 ejabberd-2.1.12.tgz
-e68959e95b5bf8974d1eee03bd3397a7 gssapi-2.1.0.diff"
-sha256sums="38f0825346773c00c85a66b33586c75f2d191d1eb0ed8ae09fa17368d6ddfd19 ejabberd-2.1.12.tgz
-3cb3d3a8dcd7a5369a36c674fd26f3b60d976a76fc55ca3da329db851d3ff48d gssapi-2.1.0.diff"
-sha512sums="725ab9563a6c73e85b5115f66bac157cf9b1170913c1bfed7cf066408c6b3ac5b4bdba22c6c3ed1505391a7048a86ce3b59484f78264ab023612c539422278db ejabberd-2.1.12.tgz
-031f8ff688c947988ac6de56757f35b7d5d9dead3d5c8ed1b6fffada7b358616ce56ad92cfe65e004fd665908277c0609c5223cdcb0e366dd2965d19d25b944f gssapi-2.1.0.diff"
+md5sums="7d49242cf04282f3c4cebfafa2cc2f46 ejabberd-2.1.12.tgz"
+sha256sums="38f0825346773c00c85a66b33586c75f2d191d1eb0ed8ae09fa17368d6ddfd19 ejabberd-2.1.12.tgz"
+sha512sums="725ab9563a6c73e85b5115f66bac157cf9b1170913c1bfed7cf066408c6b3ac5b4bdba22c6c3ed1505391a7048a86ce3b59484f78264ab023612c539422278db ejabberd-2.1.12.tgz"
diff --git a/testing/ejabberd/gssapi-2.1.0.diff b/testing/ejabberd/gssapi-2.1.0.diff
deleted file mode 100644
index d3d5578773..0000000000
--- a/testing/ejabberd/gssapi-2.1.0.diff
+++ /dev/null
@@ -1,410 +0,0 @@
-commit e99cc20600e5668e4edb9a2671e0cb7a23663389
-Author: Badlop <badlop@process-one.net>
-Date: Tue Sep 29 15:10:15 2009 +0200
-
- Support to authenticate against SASL GSSAPI http://www.ejabberd.im/cyrsasl_gssapi
-
-diff --git a/src/cyrsasl.erl b/src/cyrsasl.erl
-index f993b99..e8bd275 100644
---- a/src/cyrsasl.erl
-+++ b/src/cyrsasl.erl
-@@ -30,19 +30,20 @@
- -export([start/0,
- register_mechanism/3,
- listmech/1,
-- server_new/7,
-+ server_new/8,
- server_start/3,
- server_step/2]).
-
- -record(sasl_mechanism, {mechanism, module, require_plain_password}).
---record(sasl_state, {service, myname, realm,
-- get_password, check_password, check_password_digest,
-- mech_mod, mech_state}).
-+-record(sasl_state, {service, myname,
-+ mech_mod, mech_state, ctx}).
-+
-+-include("ejabberd.hrl").
-
- -export([behaviour_info/1]).
-
- behaviour_info(callbacks) ->
-- [{mech_new, 4}, {mech_step, 2}];
-+ [{mech_new, 1}, {mech_step, 2}];
- behaviour_info(_Other) ->
- undefined.
-
-@@ -50,6 +51,7 @@ start() ->
- ets:new(sasl_mechanism, [named_table,
- public,
- {keypos, #sasl_mechanism.mechanism}]),
-+ cyrsasl_gssapi:start([]),
- cyrsasl_plain:start([]),
- cyrsasl_digest:start([]),
- cyrsasl_anonymous:start([]),
-@@ -113,24 +115,26 @@ listmech(Host) ->
- filter_anonymous(Host, Mechs).
-
- server_new(Service, ServerFQDN, UserRealm, _SecFlags,
-- GetPassword, CheckPassword, CheckPasswordDigest) ->
-+ GetPassword, CheckPassword, CheckPasswordDigest, FQDN) ->
-+ Ctx = #sasl_ctx{
-+ host = ServerFQDN,
-+ realm = UserRealm,
-+ get_password = GetPassword,
-+ check_password = CheckPassword,
-+ check_password_digest= CheckPasswordDigest,
-+ fqdn = FQDN
-+ },
-+
- #sasl_state{service = Service,
- myname = ServerFQDN,
-- realm = UserRealm,
-- get_password = GetPassword,
-- check_password = CheckPassword,
-- check_password_digest= CheckPasswordDigest}.
-+ ctx = Ctx}.
-
- server_start(State, Mech, ClientIn) ->
- case lists:member(Mech, listmech(State#sasl_state.myname)) of
- true ->
- case ets:lookup(sasl_mechanism, Mech) of
- [#sasl_mechanism{module = Module}] ->
-- {ok, MechState} = Module:mech_new(
-- State#sasl_state.myname,
-- State#sasl_state.get_password,
-- State#sasl_state.check_password,
-- State#sasl_state.check_password_digest),
-+ {ok, MechState} = Module:mech_new(State#sasl_state.ctx),
- server_step(State#sasl_state{mech_mod = Module,
- mech_state = MechState},
- ClientIn);
-diff --git a/src/cyrsasl_anonymous.erl b/src/cyrsasl_anonymous.erl
-index 19e65d6..af93207 100644
---- a/src/cyrsasl_anonymous.erl
-+++ b/src/cyrsasl_anonymous.erl
-@@ -27,12 +27,14 @@
-
- -module(cyrsasl_anonymous).
-
---export([start/1, stop/0, mech_new/4, mech_step/2]).
-+-export([start/1, stop/0, mech_new/1, mech_step/2]).
-
- -behaviour(cyrsasl).
-
- -record(state, {server}).
-
-+-include("ejabberd.hrl").
-+
- start(_Opts) ->
- cyrsasl:register_mechanism("ANONYMOUS", ?MODULE, false),
- ok.
-@@ -40,7 +42,7 @@ start(_Opts) ->
- stop() ->
- ok.
-
--mech_new(Host, _GetPassword, _CheckPassword, _CheckPasswordDigest) ->
-+mech_new(#sasl_ctx{host=Host}) ->
- {ok, #state{server = Host}}.
-
- mech_step(State, _ClientIn) ->
-diff --git a/src/cyrsasl_digest.erl b/src/cyrsasl_digest.erl
-index b3e80e0..d26fec1 100644
---- a/src/cyrsasl_digest.erl
-+++ b/src/cyrsasl_digest.erl
-@@ -29,7 +29,7 @@
-
- -export([start/1,
- stop/0,
-- mech_new/4,
-+ mech_new/1,
- mech_step/2]).
-
- -include("ejabberd.hrl").
-@@ -45,7 +45,7 @@ start(_Opts) ->
- stop() ->
- ok.
-
--mech_new(Host, GetPassword, _CheckPassword, CheckPasswordDigest) ->
-+mech_new(#sasl_ctx{host=Host, get_password=GetPassword, check_password = CheckPasswordDigest}) ->
- {ok, #state{step = 1,
- nonce = randoms:get_string(),
- host = Host,
-diff --git a/src/cyrsasl_gssapi.erl b/src/cyrsasl_gssapi.erl
-new file mode 100644
-index 0000000..d292565
---- /dev/null
-+++ b/src/cyrsasl_gssapi.erl
-@@ -0,0 +1,143 @@
-+%%%----------------------------------------------------------------------
-+%%% File : cyrsasl_gssapi.erl
-+%%% Author : Mikael Magnusson <mikma@users.sourceforge.net>
-+%%% Purpose : GSSAPI SASL mechanism
-+%%% Created : 1 June 2007 by Mikael Magnusson <mikma@users.sourceforge.net>
-+%%% Id : $Id: $
-+%%%----------------------------------------------------------------------
-+%%%
-+%%% Copyright (C) 2007 Mikael Magnusson <mikma@users.sourceforge.net>
-+%%%
-+%%% Permission is hereby granted, free of charge, to any person
-+%%% obtaining a copy of this software and associated documentation
-+%%% files (the "Software"), to deal in the Software without
-+%%% restriction, including without limitation the rights to use, copy,
-+%%% modify, merge, publish, distribute, sublicense, and/or sell copies
-+%%% of the Software, and to permit persons to whom the Software is
-+%%% furnished to do so, subject to the following conditions:
-+%%%
-+%%% The above copyright notice and this permission notice shall be
-+%%% included in all copies or substantial portions of the Software.
-+%%%
-+%%% THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-+%%% EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-+%%% MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-+%%% NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-+%%% BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-+%%% ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-+%%% CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-+%%% SOFTWARE.
-+%%%
-+
-+%%%
-+%%% configuration options:
-+%%% {sasl_realm, "<Kerberos realm>"}.
-+%%%
-+%%% environment variables:
-+%%% KRB5_KTNAME
-+%%%
-+
-+-module(cyrsasl_gssapi).
-+-author('mikma@users.sourceforge.net').
-+-vsn('$Revision: $ ').
-+
-+-include("ejabberd.hrl").
-+
-+-export([start/1,
-+ stop/0,
-+ mech_new/1,
-+ mech_step/2]).
-+
-+-behaviour(cyrsasl).
-+
-+-define(SERVER, cyrsasl_gssapi).
-+-define(MSG, ?DEBUG).
-+
-+-record(state, {sasl,
-+ needsmore=true,
-+ step=0,
-+ host,
-+ authid,
-+ authzid,
-+ authrealm}).
-+
-+start(_Opts) ->
-+ ChildSpec =
-+ {?SERVER,
-+ {esasl, start_link, [{local, ?SERVER}]},
-+ transient,
-+ 1000,
-+ worker,
-+ [esasl]},
-+
-+ {ok, _Pid} = supervisor:start_child(ejabberd_sup, ChildSpec),
-+
-+ cyrsasl:register_mechanism("GSSAPI", ?MODULE, false).
-+
-+stop() ->
-+ esasl:stop(?SERVER),
-+ supervisor:terminate_child(ejabberd_sup, ?SERVER),
-+ supervisor:delete_child(ejabberd_sup, ?SERVER).
-+
-+mech_new(#sasl_ctx{host=Host, fqdn=FQDN}) ->
-+ ?MSG("mech_new ~p ~p~n", [Host, FQDN]),
-+ {ok, Sasl} = esasl:server_start(?SERVER, "GSSAPI", "xmpp", FQDN),
-+ {ok, #state{sasl=Sasl,host=Host}}.
-+
-+mech_step(State, ClientIn) when is_list(ClientIn) ->
-+ catch do_step(State, ClientIn).
-+
-+do_step(#state{needsmore=false}=State, _) ->
-+ check_user(State);
-+do_step(#state{needsmore=true,sasl=Sasl,step=Step}=State, ClientIn) ->
-+ ?MSG("mech_step~n", []),
-+ case esasl:step(Sasl, list_to_binary(ClientIn)) of
-+ {ok, RspAuth} ->
-+ ?MSG("ok~n", []),
-+ {ok, Display_name} = esasl:property_get(Sasl, gssapi_display_name),
-+ {ok, Authzid} = esasl:property_get(Sasl, authzid),
-+ {Authid, [$@ | Auth_realm]} =
-+ lists:splitwith(fun(E)->E =/= $@ end, Display_name),
-+ State1 = State#state{authid=Authid,
-+ authzid=Authzid,
-+ authrealm=Auth_realm},
-+ handle_step_ok(State1, binary_to_list(RspAuth));
-+ {needsmore, RspAuth} ->
-+ ?MSG("needsmore~n", []),
-+ if (Step > 0) and (ClientIn =:= []) and (RspAuth =:= <<>>) ->
-+ {error, "not-authorized"};
-+ true ->
-+ {continue, binary_to_list(RspAuth),
-+ State#state{step=Step+1}}
-+ end;
-+ {error, _} ->
-+ {error, "not-authorized"}
-+ end.
-+
-+handle_step_ok(State, []) ->
-+ check_user(State);
-+handle_step_ok(#state{step=Step}=State, RspAuth) ->
-+ ?MSG("continue~n", []),
-+ {continue, RspAuth, State#state{needsmore=false,step=Step+1}}.
-+
-+check_user(#state{authid=Authid,authzid=Authzid,
-+ authrealm=Auth_realm,host=Host}) ->
-+ Realm = ejabberd_config:get_local_option({sasl_realm, Host}),
-+
-+ if Realm =/= Auth_realm ->
-+ ?MSG("bad realm ~p (expected ~p)~n",[Auth_realm, Realm]),
-+ throw({error, "not-authorized"});
-+ true ->
-+ ok
-+ end,
-+
-+ case ejabberd_auth:is_user_exists(Authid, Host) of
-+ false ->
-+ ?MSG("bad user ~p~n",[Authid]),
-+ throw({error, "not-authorized"});
-+ true ->
-+ ok
-+ end,
-+
-+ ?MSG("GSSAPI authenticated ~p ~p~n", [Authid, Authzid]),
-+ {ok, [{username, Authid}, {authzid, Authzid}]}.
-diff --git a/src/cyrsasl_plain.erl b/src/cyrsasl_plain.erl
-index 4e69b06..5187665 100644
---- a/src/cyrsasl_plain.erl
-+++ b/src/cyrsasl_plain.erl
-@@ -27,10 +27,11 @@
- -module(cyrsasl_plain).
- -author('alexey@process-one.net').
-
---export([start/1, stop/0, mech_new/4, mech_step/2, parse/1]).
-+-export([start/1, stop/0, mech_new/1, mech_step/2, parse/1]).
-
- -behaviour(cyrsasl).
-
-+-include("ejabberd.hrl").
- -record(state, {check_password}).
-
- start(_Opts) ->
-@@ -40,7 +41,7 @@ start(_Opts) ->
- stop() ->
- ok.
-
--mech_new(_Host, _GetPassword, CheckPassword, _CheckPasswordDigest) ->
-+mech_new(#sasl_ctx{check_password=CheckPassword}) ->
- {ok, #state{check_password = CheckPassword}}.
-
- mech_step(State, ClientIn) ->
-diff --git a/src/ejabberd.hrl b/src/ejabberd.hrl
-index 717496f..4d683bb 100644
---- a/src/ejabberd.hrl
-+++ b/src/ejabberd.hrl
-@@ -59,3 +59,10 @@
- -define(CRITICAL_MSG(Format, Args),
- ejabberd_logger:critical_msg(?MODULE,?LINE,Format, Args)).
-
-+-record(sasl_ctx, {
-+ host,
-+ realm,
-+ get_password,
-+ check_password,
-+ check_password_digest,
-+ fqdn}).
-diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl
-index 8ca5f5c..aebd860 100644
---- a/src/ejabberd_c2s.erl
-+++ b/src/ejabberd_c2s.erl
-@@ -67,6 +67,7 @@
- -record(state, {socket,
- sockmod,
- socket_monitor,
-+ fqdn,
- xml_socket,
- streamid,
- sasl_state,
-@@ -204,9 +205,11 @@ init([{SockMod, Socket}, Opts]) ->
- Socket
- end,
- SocketMonitor = SockMod:monitor(Socket1),
-+ {ok, FQDN} = ejabberd_net:gethostname(Socket),
- {ok, wait_for_stream, #state{socket = Socket1,
- sockmod = SockMod,
- socket_monitor = SocketMonitor,
-+ fqdn = FQDN,
- xml_socket = XMLSocket,
- zlib = Zlib,
- tls = TLS,
-@@ -250,6 +253,8 @@ wait_for_stream({xmlstreamstart, _Name, Attrs}, StateData) ->
- send_header(StateData, Server, "1.0", DefaultLang),
- case StateData#state.authenticated of
- false ->
-+ FQDN = StateData#state.fqdn,
-+ ?INFO_MSG("FQDN: ~p~n", [FQDN]),
- SASLState =
- cyrsasl:server_new(
- "jabber", Server, "", [],
-@@ -264,7 +269,8 @@ wait_for_stream({xmlstreamstart, _Name, Attrs}, StateData) ->
- fun(U, P, D, DG) ->
- ejabberd_auth:check_password_with_authmodule(
- U, Server, P, D, DG)
-- end),
-+ end,
-+ FQDN),
- Mechs = lists:map(
- fun(S) ->
- {xmlelement, "mechanism", [],
-diff --git a/src/ejabberd_net.erl b/src/ejabberd_net.erl
-new file mode 100644
-index 0000000..e9ab70a
---- /dev/null
-+++ b/src/ejabberd_net.erl
-@@ -0,0 +1,39 @@
-+%%%----------------------------------------------------------------------
-+%%% File : ejabberd_net.erl
-+%%% Author : Mikael Magnusson <mikma@users.sourceforge.net>
-+%%% Purpose : Serve C2S connection
-+%%% Created : 6 June 2007 by Mikael Magnusson <mikma@users.sourceforge.net>
-+%%% Id : $Id: $
-+%%%----------------------------------------------------------------------
-+
-+-module(ejabberd_net).
-+-author('mikma@users.sourceforge.net').
-+%% -update_info({update, 0}).
-+
-+-export([gethostname/1]).
-+
-+-include("ejabberd.hrl").
-+-include_lib("kernel/include/inet.hrl").
-+
-+%% Copied from ejabberd_socket.erl of ejabberd 2.0.3
-+-record(socket_state, {sockmod, socket, receiver}).
-+
-+%%
-+%% gethostname(Socket)
-+%%
-+gethostname(Socket) ->
-+ ?INFO_MSG("gethostname ~p~n", [Socket]),
-+%% {ok, "skinner.hem.za.org"}.
-+
-+ case ejabberd_config:get_local_option({sasl_fqdn, ?MYNAME}) of
-+ undefined ->
-+ {ok, {Addr, _Port}} = inet:sockname(Socket#socket_state.socket),
-+ case inet:gethostbyaddr(Addr) of
-+ {ok, HostEnt} when is_record(HostEnt, hostent) ->
-+ {ok, HostEnt#hostent.h_name};
-+ {error, What} ->
-+ ?ERROR_MSG("Error in gethostname:~nSocket: ~p~nError: ~p", [What]),
-+ error
-+ end;
-+ F -> {ok, F}
-+ end.