improve readability of links on github page

Add timestamps to stanzas resent from stream management queue

.gitignore

@@ -7,6 +7,7 @@
 /Makefile
 /config.log
 /config.status
+/configure
 /aclocal.m4
 /contrib/extract_translations/extract_translations.beam
 /*.cache
@@ -24,9 +25,11 @@
 /doc/*.toc
 /doc/contributed_modules.tex
 /doc/version.tex
-/ebin/*.beam
-/ebin/ejabberd.app
+/ebin/
+/ejabberd.init
+/ejabberdctl.example
 /include/XmppAddr.hrl
+/rel/ejabberd/
 /src/XmppAddr.asn1db
 /src/XmppAddr.erl
 /src/ejabberd.app.src

.travis.yml

@@ -0,0 +1,38 @@
+language: erlang
+
+otp_release:
+  - R16B03
+  - R15B01
+
+services:
+  - riak
+
+before_install:
+  - sudo apt-get -qq update
+
+install:
+  - sudo apt-get -qq install libexpat1-dev libyaml-dev libpam0g-dev
+
+before_script:
+  - mysql -u root -e "CREATE USER 'ejabberd_test'@'localhost' IDENTIFIED BY 'ejabberd_test';"
+  - mysql -u root -e "CREATE DATABASE ejabberd_test;"
+  - mysql -u root -e "GRANT ALL ON ejabberd_test.* TO 'ejabberd_test'@'localhost';"
+  - psql -U postgres -c "CREATE USER ejabberd_test WITH PASSWORD 'ejabberd_test';"
+  - psql -U postgres -c "CREATE DATABASE ejabberd_test;"
+  - psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE ejabberd_test TO ejabberd_test;"
+
+script:
+  - ./autogen.sh
+  - ./configure --enable-all --disable-odbc
+  - make xref
+  - ERL_LIBS=$PWD make test
+  - grep -q 'TEST COMPLETE, \([[:digit:]]*\) ok, .* of \1 ' logs/raw.log
+
+after_script:
+  - find logs -name suite.log -exec cat '{}' ';'
+
+after_failure:
+  - find logs -name ejabberd.log -exec cat '{}' ';'
+
+notifications:
+  email: false

COPYING

@@ -4,8 +4,8 @@ with the OpenSSL library and distribute the resulting binary.
 		    GNU GENERAL PUBLIC LICENSE
 		       Version 2, June 1991
 
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-     59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
@@ -306,9 +306,9 @@ the "copyright" line and a pointer to where the full notice is found.
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     GNU General Public License for more details.
 
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
 
 Also add information on how to contact you by electronic and paper mail.

Makefile.in

@@ -77,7 +77,7 @@ deps/.got:
 	rm -rf deps/.built
 	$(REBAR) get-deps && :> deps/.got
 
-deps/.built:
+deps/.built: deps/.got
 	$(REBAR) compile && :> deps/.built
 
 src: deps/.built
@@ -88,6 +88,10 @@ update:
 	rm -rf deps/.built
 	$(REBAR) update-deps && :> deps/.got
 
+xref: all
+	$(REBAR) skip_deps=true xref
+
+
 translations:
 	contrib/extract_translations/prepare-translation.sh -updateall
 
@@ -109,9 +113,9 @@ install: all
 	#
 	# Configuration files
 	$(INSTALL) -d -m 750 $(G_USER) $(ETCDIR)
-	[ -f $(ETCDIR)/ejabberd.cfg ] \
-		&& $(INSTALL) -b -m 640 $(G_USER) ejabberd.cfg.example $(ETCDIR)/ejabberd.cfg-new \
-		|| $(INSTALL) -b -m 640 $(G_USER) ejabberd.cfg.example $(ETCDIR)/ejabberd.cfg
+	[ -f $(ETCDIR)/ejabberd.yml ] \
+		&& $(INSTALL) -b -m 640 $(G_USER) ejabberd.yml.example $(ETCDIR)/ejabberd.yml-new \
+		|| $(INSTALL) -b -m 640 $(G_USER) ejabberd.yml.example $(ETCDIR)/ejabberd.yml
 	$(SED) -e "s*{{rootdir}}*@prefix@*" \
 		-e "s*{{installuser}}*@INSTALLUSER@*" \
 		-e "s*{{libdir}}*@libdir@*" \
@@ -151,10 +155,13 @@ install: all
 	# Binary C programs
 	$(INSTALL) -d $(PBINDIR)
 	$(INSTALL) -m 750 $(O_USER) tools/captcha.sh $(PBINDIR)
+	-[ -f deps/p1_pam/priv/bin/epam ] \
+		&& $(INSTALL) -m 750 $(O_USER) deps/p1_pam/priv/bin/epam $(PBINDIR)
 	#
 	# Binary system libraries
 	$(INSTALL) -d $(SODIR)
 	$(INSTALL) -m 644 $(DLLs) $(SODIR)
+	-[ -f $(SODIR)/jiffy.so ] && (cd $(PRIVDIR); ln -s lib/jiffy.so; true)
 	#
 	# Translated strings
 	$(INSTALL) -d $(MSGSDIR)
@@ -178,13 +185,16 @@ install: all
 	#
 	# Documentation
 	$(INSTALL) -d $(DOCDIR)
-	$(INSTALL) -m 644 doc/dev.html $(DOCDIR)
-	$(INSTALL) -m 644 doc/guide.html $(DOCDIR)
-	$(INSTALL) -m 644 doc/*.png $(DOCDIR)
-	$(INSTALL) -m 644 doc/*.txt $(DOCDIR)
+	[ -f doc/dev.html ] \
+		&& $(INSTALL) -m 644 doc/dev.html $(DOCDIR) \
+		|| echo "No doc/dev.html was built"
+	[ -f doc/guide.html ] \
+		&& $(INSTALL) -m 644 doc/guide.html $(DOCDIR) \
+		|| echo "No doc/guide.html was built"
 	[ -f doc/guide.pdf ] \
 		&& $(INSTALL) -m 644 doc/guide.pdf $(DOCDIR) \
 		|| echo "No doc/guide.pdf was built"
+	$(INSTALL) -m 644 doc/*.png $(DOCDIR)
 	$(INSTALL) -m 644 COPYING $(DOCDIR)
 
 uninstall: uninstall-binary
@@ -215,6 +225,7 @@ uninstall-all: uninstall-binary
 clean:
 	rm -rf deps/.got
 	rm -rf deps/.built
+	rm -rf test/*.beam
 	$(REBAR) clean
 
 clean-rel:

README

@@ -1,14 +1,103 @@
-ejabberd - High-Performance Enterprise Instant Messaging Server 
+Ejabberd Community Edition, by ProcessOne
+-----------------------------------------
 
-Quickstart guide
+
+ejabberd is a distributed, fault-tolerant technology that allows the creation
+of large-scale instant messaging applications.
+The server can reliably support thousands of simultaneous users on a single
+node and has been designed to provide exceptional standards of fault
+tolerance.
+As an open source technology, based on industry-standards, ejabberd can be
+used to build bespoke solutions very cost effectively.
+
+
+Key Features:
+=============
+
+
+-   Cross-platform: ejabberd runs under Microsoft Windows and Unix derived
+systems such as Linux, FreeBSD and NetBSD.
+-   Distributed: You can run ejabberd on a cluster of machines and all of them
+will serve the same Jabber domain(s). When you need more capacity you can
+simply add a new cheap node to your cluster. Accordingly, you do not need to
+buy an expensive high-end machine to support tens of thousands concurrent
+users.
+-   Fault-tolerant: You can deploy an ejabberd cluster so that all the
+information required for a properly working service will be replicated
+permanently on all nodes. This means that if one of the nodes crashes, the
+others will continue working without disruption. In addition, nodes also can
+be added or replaced ‘on the fly’.
+-   Administrator Friendly: ejabberd is built on top of the Open Source
+Erlang. As a result you do not need to install an external database, an
+external web server, amongst others because everything is already included,
+and ready to run out of the box. Other administrator benefits include: 
+        Comprehensive documentation.
+        Straightforward installers for Linux, Mac OS X.
+        Web Administration.
+        Shared Roster Groups.
+        Command line administration tool.
+        Can integrate with existing authentication mechanisms.
+        Capability to send announce messages._
+-   Internationalized: ejabberd leads in internationalization. Hence it is
+very well suited in a globalized world. Related features are:
+        Translated to 25 languages.
+        Support for IDNA._
+-   Open Standards: ejabberd is the first Open Source Jabber server claiming
+to fully comply to the XMPP standard.
+        Fully XMPP compliant.
+        XML-based protocol.
+        Many protocols supported._
+
+
+Additional Features:
+====================
+
+
+Moreover, ejabberd comes with a wide range of other state-of-the-art features:
+
+-   Modular
+        Load only the modules you want.
+        Extend ejabberd with your own custom modules. 
+-   Security
+        SASL and STARTTLS for c2s and s2s connections.
+        STARTTLS and Dialback s2s connections.
+        Web Admin accessible via HTTPS secure access. 
+-   Databases
+        Internal database for fast deployment (Mnesia).
+        Native MySQL support.
+        Native PostgreSQL support.
+        ODBC data storage support.
+        Microsoft SQL Server support. 
+-   Authentication
+        Internal Authentication.
+        PAM, LDAP and ODBC.
+        External Authentication script. 
+-   Others
+        Support for virtual hosting. 
+        Compressing XML streams with Stream Compression (XEP-0138).
+        Statistics via Statistics Gathering (XEP-0039).
+        IPv6 support both for c2s and s2s connections.
+        Multi-User Chat module with support for clustering and HTML logging.
+        Users Directory based on users vCards.
+        Publish-Subscribe component with support for Personal Eventing.
+        Support for web clients: HTTP Polling and HTTP Binding (BOSH).
+        IRC transport.
+        Component support: interface with networks such as AIM, ICQ and MSN
+
+
+Quickstart guide:
+=================
 
 
 0. Requirements
+---------------
 
 To compile ejabberd you need:
+
  - GNU Make
  - GCC
  - Libexpat 1.95 or higher
+ - Libyaml 0.1.4 or higher
  - Erlang/OTP R15B or higher.
  - OpenSSL 0.9.8 or higher, for STARTTLS, SASL and SSL encryption.
  - Zlib 1.2.3 or higher, for Stream Compression support
@@ -17,35 +106,50 @@ To compile ejabberd you need:
  - GNU Iconv 1.8 or higher, for the IRC Transport
    (mod_irc). Optional. Not needed on systems with GNU Libc.
  - ImageMagick's Convert program. Optional. For CAPTCHA challenges.
- - exmpp 0.9.6 or higher. Optional. For import/export XEP-0227 files. 
 
 
 1. Compile and install on *nix systems
+--------------------------------------
 
 To compile ejabberd execute the commands:
-  ./configure
-  make
+
+    ./configure
+    make
 
 To install ejabberd, run this command with system administrator rights
 (root user):
 
-  sudo make install
+    sudo make install
 
 These commands will:
- - Install the configuration files in /etc/ejabberd/
- - Install ejabberd binary, header and runtime files in /lib/ejabberd/
- - Install the administration script: /sbin/ejabberdctl
- - Install ejabberd documentation in /share/doc/ejabberd/
- - Create a spool directory: /var/lib/ejabberd/
- - Create a directory for log files: /var/log/ejabberd/
+
+ - Install the configuration files in `/etc/ejabberd/`
+ - Install ejabberd binary, header and runtime files in `/lib/ejabberd/`
+ - Install the administration script: `/sbin/ejabberdctl`
+ - Install ejabberd documentation in `/share/doc/ejabberd/`
+ - Create a spool directory: `/var/lib/ejabberd/`
+ - Create a directory for log files: `/var/log/ejabberd/`
 
 
 2. Start ejabberd
+-----------------
 
-You can use the ejabberdctl command line administration script to
+You can use the `ejabberdctl` command line administration script to
 start and stop ejabberd. For example:
-  ejabberdctl start
+
+    ejabberdctl start
 
 
-For detailed information please refer to the
-ejabberd Installation and Operation Guide
+For detailed information please refer to the ejabberd Installation and
+Operation Guide available online and in the doc directory of sources tarball.
+
+
+Links:
+======
+
+
+ - Guide: http://www.process-one.net/docs/ejabberd/guide_en.html
+ - Official site: https://www.process-one.net/en/ejabberd
+ - Community site: http://www.ejabberd.im
+ - Forum: http://www.process-one.net/en/forum
+

README.md

@@ -0,0 +1 @@
+README

autogen.sh

@@ -1,3 +1,3 @@
 # generate a new autoconf
 aclocal -I m4
-autoconf
+autoconf -f

configure.ac

@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.53)
-AC_INIT(ejabberd, community, [ejabberd@process-one.net], [ejabberd])
+AC_INIT(ejabberd, m4_esyscmd([echo `git describe --tags 2>/dev/null || echo 0.0` | sed 's/-g.*//;s/-/./' | tr -d '\012']), [ejabberd@process-one.net], [ejabberd])
 REQUIRE_ERLANG_MIN="5.9.1 (Erlang/OTP R15B01)"
 REQUIRE_ERLANG_MAX="9.0.0 (No Max)"
 
@@ -35,7 +35,7 @@ AC_ERLANG_NEED_ERLC
 AC_ARG_ENABLE(erlang-version-check,
 [AC_HELP_STRING([--enable-erlang-version-check],
 	[Check Erlang/OTP version @<:@default=yes@:>@])])
-	case "$enable_erlang_version_check" in
+case "$enable_erlang_version_check" in
 	yes|'')
 		ERLANG_VERSION_CHECK([$REQUIRE_ERLANG_MIN],[$REQUIRE_ERLANG_MAX])
 		;;
@@ -105,21 +105,21 @@ AC_ARG_ENABLE(mssql,
   *) AC_MSG_ERROR(bad value ${enableval} for --enable-mssql) ;;
 esac],[db_type=generic])
 
+AC_ARG_ENABLE(all,
+[AC_HELP_STRING([--enable-all], [same as --enable-nif --enable-odbc --enable-mysql --enable-pgsql --enable-pam --enable-zlib --enable-riak --enable-json --enable-iconv --enable-debug --enable-lager --enable-tools (useful for Dialyzer checks, default: no)])],
+[case "${enableval}" in
+  yes) nif=true odbc=true mysql=true pgsql=true pam=true zlib=true riak=true json=true iconv=true debug=true lager=true tools=true ;;
+  no) nif=false odbc=false mysql=false pgsql=false pam=false zlib=false riak=false json=false iconv=false debug=false lager=false tools=false ;;
+  *) AC_MSG_ERROR(bad value ${enableval} for --enable-all) ;;
+esac],[])
+
 AC_ARG_ENABLE(tools,
-[AC_HELP_STRING([--enable-tools], [build development tools (currently the ejabberd profiler only, default: no)])],
+[AC_HELP_STRING([--enable-tools], [build development tools (default: no)])],
 [case "${enableval}" in
   yes) tools=true ;;
   no)  tools=false ;;
   *) AC_MSG_ERROR(bad value ${enableval} for --enable-tools) ;;
-esac],[tools=false])
-
-AC_ARG_ENABLE(all,
-[AC_HELP_STRING([--enable-all], [same as --enable-nif --enable-odbc --enable-mysql --enable-pgsql --enable-pam --enable-zlib --enable-stun --enable-json --enable-iconv --enable-debug --enable-http (useful for Dialyzer checks, default: no)])],
-[case "${enableval}" in
-  yes) nif=true odbc=true mysql=true pgsql=true pam=true zlib=true stun=true json=true iconv=true debug=true http=true ;;
-  no) nif=false odbc=false mysql=false pgsql=false pam=false zlib=false stun=false json=false iconv=false debug=false http=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-all) ;;
-esac],[])
+esac],[if test "x$tools" = "x"; then tools=false; fi])
 
 AC_ARG_ENABLE(nif,
 [AC_HELP_STRING([--enable-nif], [replace some functions with C equivalents. Requires Erlang R13B04 or higher (default: no)])],
@@ -169,13 +169,13 @@ AC_ARG_ENABLE(zlib,
   *) AC_MSG_ERROR(bad value ${enableval} for --enable-zlib) ;;
 esac],[if test "x$zlib" = "x"; then zlib=true; fi])
 
-AC_ARG_ENABLE(stun,
-[AC_HELP_STRING([--enable-stun], [enable STUN support (default: no)])],
+AC_ARG_ENABLE(riak,
+[AC_HELP_STRING([--enable-riak], [enable Riak support (default: no)])],
 [case "${enableval}" in
-  yes) stun=true ;;
-  no)  stun=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-stun) ;;
-esac],[if test "x$stun" = "x"; then stun=false; fi])
+  yes) riak=true ;;
+  no)  riak=false ;;
+  *) AC_MSG_ERROR(bad value ${enableval} for --enable-riak) ;;
+esac],[if test "x$riak" = "x"; then riak=false; fi])
 
 AC_ARG_ENABLE(json,
 [AC_HELP_STRING([--enable-json], [enable JSON support for mod_bosh (default: no)])],
@@ -201,21 +201,13 @@ AC_ARG_ENABLE(debug,
   *) AC_MSG_ERROR(bad value ${enableval} for --enable-debug) ;;
 esac],[if test "x$debug" = "x"; then debug=true; fi])
 
-AC_ARG_ENABLE(http,
-[AC_HELP_STRING([--enable-http], [build external HTTP libraries ('ibrowse' and 'lhttpc', default: no)])],
-[case "${enableval}" in
-  yes) http=true ;;
-  no)  http=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-http) ;;
-esac],[if test "x$http" = "x"; then http=false; fi])
-
 AC_ARG_ENABLE(lager,
-[AC_HELP_STRING([--enable-lager], [enable lager support (default: no)])],
+[AC_HELP_STRING([--enable-lager], [enable lager support (default: yes)])],
 [case "${enableval}" in
   yes) lager=true ;;
   no)  lager=false ;;
   *) AC_MSG_ERROR(bad value ${enableval} for --enable-lager) ;;
-esac],[if test "x$lager" = "x"; then lager=false; fi])
+esac],[if test "x$lager" = "x"; then lager=true; fi])
 
 AC_CONFIG_FILES([Makefile
 		 vars.config
@@ -235,31 +227,6 @@ if test "$ENABLEUSER" != ""; then
   AC_SUBST([INSTALLUSER], [$ENABLEUSER])
 fi
 
-AC_ERLANG_CHECK_LIB([sasl], [],
-    [AC_MSG_ERROR([Erlang application 'sasl' was not found])])
-AC_ERLANG_CHECK_LIB([crypto], [],
-    [AC_MSG_ERROR([Erlang application 'crypto' was not found])])
-AC_ERLANG_CHECK_LIB([public_key], [],
-    [AC_MSG_ERROR([Erlang application 'public_key' was not found])])
-AC_ERLANG_CHECK_LIB([ssl], [],
-    [AC_MSG_ERROR([Erlang application 'ssl' was not found])])
-AC_ERLANG_CHECK_LIB([mnesia], [],
-    [AC_MSG_ERROR([Erlang application 'mnesia' was not found])])
-AC_ERLANG_CHECK_LIB([inets], [],
-    [AC_MSG_ERROR([Erlang application 'inets' was not found])])
-AC_ERLANG_CHECK_LIB([compiler], [],
-    [AC_MSG_ERROR([Erlang application 'compiler' was not found])])
-if test "x$odbc" = "xtrue"; then
-   AC_ERLANG_CHECK_LIB([odbc], [],
-      [AC_MSG_ERROR([Erlang application 'odbc' was not found])])
-fi
-if test "x$tools" = "xtrue"; then
-   AC_ERLANG_CHECK_LIB([tools], [],
-      [AC_MSG_ERROR([Erlang application 'tools' was not found])])
-   AC_ERLANG_CHECK_LIB([runtime_tools], [],
-      [AC_MSG_ERROR([Erlang application 'runtime_tools' was not found])])
-fi
-
 AC_SUBST(hipe)
 AC_SUBST(roster_gateway_workaround)
 AC_SUBST(transient_supervisors)
@@ -271,11 +238,10 @@ AC_SUBST(mysql)
 AC_SUBST(pgsql)
 AC_SUBST(pam)
 AC_SUBST(zlib)
-AC_SUBST(stun)
+AC_SUBST(riak)
 AC_SUBST(json)
 AC_SUBST(iconv)
 AC_SUBST(debug)
-AC_SUBST(http)
 AC_SUBST(lager)
 AC_SUBST(tools)
 

contrib/extract_translations/prepare-translation.sh

@@ -230,7 +230,8 @@ extract_lang_po2msg ()
 	msgattrib $PO_PATH --translated --no-fuzzy --no-obsolete --no-location --no-wrap | grep "^msg" | tail --lines=+3 >$MS_PATH
 	grep "^msgid" $PO_PATH.ms | sed 's/^msgid //g' >$MSGID_PATH
 	grep "^msgstr" $PO_PATH.ms | sed 's/^msgstr //g' >$MSGSTR_PATH
-	paste $MSGID_PATH $MSGSTR_PATH --delimiter=, | awk '{print "{" $0 "}."}' | sort -g >$MSGS_PATH
+	echo "%% -*- coding: latin-1 -*-" >$MSGS_PATH
+	paste $MSGID_PATH $MSGSTR_PATH --delimiter=, | awk '{print "{" $0 "}."}' | sort -g >>$MSGS_PATH
 
 	rm $MS_PATH
 	rm $MSGID_PATH

doc/Makefile

@@ -1,6 +1,6 @@
 # $Id$
 
-SHELL = /bin/bash
+SHELL = /bin/sh
 
 CONTRIBUTED_MODULES = ""
 #ifeq ($(shell ls mod_http_bind.tex),mod_http_bind.tex)
@@ -11,16 +11,16 @@ CONTRIBUTED_MODULES = ""
 all:	release pdf html
 
 release:
-	@echo "Notes for the releaser:"
-	@echo "* Do not forget to add a link to the release notes in guide.tex"
-	@echo "* Do not forget to update the version number in src/ejabberd.app!"
-	@echo "* Do not forget to update the features in introduction.tex (including \new{} and \improved{} tags)."
-	@echo "Press any key to continue"
+	@printf '%s\n' "Notes for the releaser:"
+	@printf '%s\n' "* Do not forget to add a link to the release notes in guide.tex"
+	@printf '%s\n' "* Do not forget to update the version number in ebin/ejabberd.app!"
+	@printf '%s\n' "* Do not forget to update the features in introduction.tex (including \new{} and \improved{} tags)."
+	@printf '%s\n' "Press any key to continue"
 	##@read foo
-	@echo "% ejabberd version (automatically generated)." > version.tex
-	@echo "\newcommand{\version}{"`sed '/vsn/!d;s/\(.*\)"\(.*\)"\(.*\)/\2/' ../src/ejabberd.app`"}" >> version.tex
-	@echo -n "% Contributed modules (automatically generated)."  > contributed_modules.tex
-	@echo -e "$(CONTRIBUTED_MODULES)" >> contributed_modules.tex
+	@printf '%s\n' "% ejabberd version (automatically generated)." > version.tex
+	@printf '%s\n' "\newcommand{\version}{"`sed '/vsn/!d;s/\(.*\)"\(.*\)"\(.*\)/\2/' ../ebin/ejabberd.app`"}" >> version.tex
+	@printf '%s'   "% Contributed modules (automatically generated)." > contributed_modules.tex
+	@printf '%b\n' "$(CONTRIBUTED_MODULES)" >> contributed_modules.tex
 
 html:	guide.html dev.html features.html
 

doc/dev.html

@@ -1,40 +1,45 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
-            "http://www.w3.org/TR/REC-html40/loose.dtd">
-<HTML>
-<HEAD>
-<TITLE>Ejabberd 2.1.12 Developers Guide
-</TITLE>
-
-<META http-equiv="Content-Type" content="text/html; charset=US-ASCII">
-<META name="GENERATOR" content="hevea 1.10">
-<STYLE type="text/css">
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
+<meta name="generator" content="hevea 2.09">
+<style type="text/css">
 .li-itemize{margin:1ex 0ex;}
 .li-enumerate{margin:1ex 0ex;}
 .dd-description{margin:0ex 0ex 1ex 4ex;}
 .dt-description{margin:0ex;}
 .toc{list-style:none;}
+.footnotetext{margin:0ex; padding:0ex;}
+div.footnotetext P{margin:0px; text-indent:1em;}
 .thefootnotes{text-align:left;margin:0ex;}
 .dt-thefootnotes{margin:0em;}
 .dd-thefootnotes{margin:0em 0em 0em 2em;}
 .footnoterule{margin:1em auto 1em 0px;width:50%;}
 .caption{padding-left:2ex; padding-right:2ex; margin-left:auto; margin-right:auto}
 .title{margin:2ex auto;text-align:center}
+.titlemain{margin:1ex 2ex 2ex 1ex;}
+.titlerest{margin:0ex 2ex;}
 .center{text-align:center;margin-left:auto;margin-right:auto;}
 .flushleft{text-align:left;margin-left:0ex;margin-right:auto;}
 .flushright{text-align:right;margin-left:auto;margin-right:0ex;}
-DIV TABLE{margin-left:inherit;margin-right:inherit;}
-PRE{text-align:left;margin-left:0ex;margin-right:auto;}
-BLOCKQUOTE{margin-left:4ex;margin-right:4ex;text-align:left;}
-TD P{margin:0px;}
+div table{margin-left:inherit;margin-right:inherit;margin-bottom:2px;margin-top:2px}
+td table{margin:auto;}
+table{border-collapse:collapse;}
+td{padding:0;}
+.cellpadding0 tr td{padding:0;}
+.cellpadding1 tr td{padding:1px;}
+pre{text-align:left;margin-left:0ex;margin-right:auto;}
+blockquote{margin-left:4ex;margin-right:4ex;text-align:left;}
+td p{margin:0px;}
 .boxed{border:1px solid black}
 .textboxed{border:1px solid black}
 .vbar{border:none;width:2px;background-color:black;}
 .hbar{border:none;height:2px;width:100%;background-color:black;}
 .hfill{border:none;height:1px;width:200%;background-color:black;}
 .vdisplay{border-collapse:separate;border-spacing:2px;width:auto; empty-cells:show; border:2px solid red;}
-.vdcell{white-space:nowrap;padding:0px;width:auto; border:2px solid green;}
+.vdcell{white-space:nowrap;padding:0px; border:2px solid green;}
 .display{border-collapse:separate;border-spacing:2px;width:auto; border:none;}
-.dcell{white-space:nowrap;padding:0px;width:auto; border:none;}
+.dcell{white-space:nowrap;padding:0px; border:none;}
 .dcenter{margin:0ex auto;}
 .vdcenter{border:solid #FF8000 2px; margin:0ex auto;}
 .minipage{text-align:left; margin-left:0em; margin-right:auto;}
@@ -43,169 +48,182 @@ TD P{margin:0px;}
 .marginparright{float:right; margin-left:1ex; margin-right:0ex;}
 .theorem{text-align:left;margin:1ex auto 1ex 0ex;}
 .part{margin:2ex auto;text-align:center}
-</STYLE>
-</HEAD>
-<BODY >
+</style>
+<title>Ejabberd community 14.05-120-gedfb5fc Developers Guide
+</title>
+</head>
+<body >
 <!--HEVEA command line is: /usr/bin/hevea -fix -pedantic dev.tex -->
-<!--CUT DEF section 1 --><P><A NAME="titlepage"></A>
+<!--CUT STYLE article--><!--CUT DEF section 1 --><p><a id="titlepage"></a>
 
-</P><TABLE CLASS="title"><TR><TD><H1 CLASS="titlemain">Ejabberd 2.1.12 Developers Guide</H1><H3 CLASS="titlerest">Alexey Shchepin<BR>
- <A HREF="mailto:alexey@sevcom.net"><TT>mailto:alexey@sevcom.net</TT></A><BR>
- <A HREF="xmpp:aleksey@jabber.ru"><TT>xmpp:aleksey@jabber.ru</TT></A></H3></TD></TR>
-</TABLE><DIV CLASS="center">
+</p><table class="title"><tr><td style="padding:1ex"><h1 class="titlemain">Ejabberd community 14.05-120-gedfb5fc Developers Guide</h1><h3 class="titlerest">Alexey Shchepin <br>
+ <a href="mailto:alexey@sevcom.net"><span style="font-family:monospace">mailto:alexey@sevcom.net</span></a> <br>
+ <a href="xmpp:aleksey@jabber.ru"><span style="font-family:monospace">xmpp:aleksey@jabber.ru</span></a></h3></td></tr>
+</table><div class="center">
 
-<IMG SRC="logo.png" ALT="logo.png">
+<img src="logo.png" alt="logo.png">
 
 
-</DIV><BLOCKQUOTE CLASS="quotation"><I>I can thoroughly recommend ejabberd for ease of setup &#X2013;
-Kevin Smith, Current maintainer of the Psi project</I></BLOCKQUOTE><!--TOC section Contents-->
-<H2 CLASS="section"><!--SEC ANCHOR -->Contents</H2><!--SEC END --><UL CLASS="toc"><LI CLASS="li-toc">
-<A HREF="#htoc1">1&#XA0;&#XA0;Key Features</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc2">2&#XA0;&#XA0;Additional Features</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc3">3&#XA0;&#XA0;How it Works</A>
-<UL CLASS="toc"><LI CLASS="li-toc">
-<A HREF="#htoc4">3.1&#XA0;&#XA0;Router</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc5">3.2&#XA0;&#XA0;Local Router</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc6">3.3&#XA0;&#XA0;Session Manager</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc7">3.4&#XA0;&#XA0;S2S Manager</A>
-</LI></UL>
-</LI><LI CLASS="li-toc"><A HREF="#htoc8">4&#XA0;&#XA0;Authentication</A>
-<UL CLASS="toc">
-<UL CLASS="toc"><LI CLASS="li-toc">
-<A HREF="#htoc9">4.0.1&#XA0;&#XA0;External</A>
-</LI></UL>
-</UL>
-</LI><LI CLASS="li-toc"><A HREF="#htoc10">5&#XA0;&#XA0;XML Representation</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc11">6&#XA0;&#XA0;Module <TT>xml</TT></A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc12">7&#XA0;&#XA0;Module <TT>xml_stream</TT></A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc13">8&#XA0;&#XA0;Modules</A>
-<UL CLASS="toc"><LI CLASS="li-toc">
-<A HREF="#htoc14">8.1&#XA0;&#XA0;Module gen_iq_handler</A>
-</LI><LI CLASS="li-toc"><A HREF="#htoc15">8.2&#XA0;&#XA0;Services</A>
-</LI></UL>
-</LI></UL><P>Introduction
-<A NAME="intro"></A></P><P><TT>ejabberd</TT> is a free and open source instant messaging server written in <A HREF="http://www.erlang.org/">Erlang/OTP</A>.</P><P><TT>ejabberd</TT> is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.</P><P><TT>ejabberd</TT> is designed to be a rock-solid and feature rich XMPP server.</P><P><TT>ejabberd</TT> is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.</P><!--TOC section Key Features-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc1">1</A>&#XA0;&#XA0;Key Features</H2><!--SEC END --><P>
-<A NAME="keyfeatures"></A>
-</P><P><TT>ejabberd</TT> is:
-</P><UL CLASS="itemize"><LI CLASS="li-itemize">
-Cross-platform: <TT>ejabberd</TT> runs under Microsoft Windows and Unix derived systems such as Linux, FreeBSD and NetBSD.</LI><LI CLASS="li-itemize">Distributed: You can run <TT>ejabberd</TT> on a cluster of machines and all of them will serve the same Jabber domain(s). When you need more capacity you can simply add a new cheap node to your cluster. Accordingly, you do not need to buy an expensive high-end machine to support tens of thousands concurrent users.</LI><LI CLASS="li-itemize">Fault-tolerant: You can deploy an <TT>ejabberd</TT> cluster so that all the information required for a properly working service will be replicated permanently on all nodes. This means that if one of the nodes crashes, the others will continue working without disruption. In addition, nodes also can be added or replaced &#X2018;on the fly&#X2019;.</LI><LI CLASS="li-itemize">Administrator Friendly: <TT>ejabberd</TT> is built on top of the Open Source Erlang. As a result you do not need to install an external database, an external web server, amongst others because everything is already included, and ready to run out of the box. Other administrator benefits include:
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</div><blockquote class="quotation"><span style="font-style:italic">I can thoroughly recommend ejabberd for ease of setup &#X2013;
+Kevin Smith, Current maintainer of the Psi project</span></blockquote><!--TOC section id="intro" Contents-->
+<h2 id="intro" class="section">Contents</h2><!--SEC END --><ul class="toc"><li class="li-toc">
+<a href="#sec2">1&#XA0;&#XA0;Key Features</a>
+</li><li class="li-toc"><a href="#sec3">2&#XA0;&#XA0;Additional Features</a>
+</li><li class="li-toc"><a href="#sec4">3&#XA0;&#XA0;How it Works</a>
+<ul class="toc"><li class="li-toc">
+<a href="#sec5">3.1&#XA0;&#XA0;Router</a>
+</li><li class="li-toc"><a href="#sec6">3.2&#XA0;&#XA0;Local Router</a>
+</li><li class="li-toc"><a href="#sec7">3.3&#XA0;&#XA0;Session Manager</a>
+</li><li class="li-toc"><a href="#sec8">3.4&#XA0;&#XA0;S2S Manager</a>
+</li></ul>
+</li><li class="li-toc"><a href="#sec9">4&#XA0;&#XA0;Authentication</a>
+<ul class="toc">
+<ul class="toc"><li class="li-toc">
+<a href="#sec10">4.0.1&#XA0;&#XA0;External</a>
+</li></ul>
+</ul>
+</li><li class="li-toc"><a href="#sec11">5&#XA0;&#XA0;XML Representation</a>
+</li><li class="li-toc"><a href="#sec12">6&#XA0;&#XA0;Module <span style="font-family:monospace">xml</span></a>
+</li><li class="li-toc"><a href="#sec13">7&#XA0;&#XA0;Module <span style="font-family:monospace">xml_stream</span></a>
+</li><li class="li-toc"><a href="#sec14">8&#XA0;&#XA0;Modules</a>
+<ul class="toc"><li class="li-toc">
+<a href="#sec15">8.1&#XA0;&#XA0;Module gen_iq_handler</a>
+</li><li class="li-toc"><a href="#sec16">8.2&#XA0;&#XA0;Services</a>
+</li></ul>
+</li></ul><p>Introduction
+</p><p><span style="font-family:monospace">ejabberd</span> is a free and open source instant messaging server written in <a href="http://www.erlang.org/">Erlang/OTP</a>.</p><p><span style="font-family:monospace">ejabberd</span> is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.</p><p><span style="font-family:monospace">ejabberd</span> is designed to be a rock-solid and feature rich XMPP server.</p><p><span style="font-family:monospace">ejabberd</span> is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.</p>
+<!--TOC section id="sec2" Key Features-->
+<h2 id="sec2" class="section">1&#XA0;&#XA0;Key Features</h2><!--SEC END --><p>
+<a id="keyfeatures"></a>
+</p><p><span style="font-family:monospace">ejabberd</span> is:
+</p><ul class="itemize"><li class="li-itemize">
+Cross-platform: <span style="font-family:monospace">ejabberd</span> runs under Microsoft Windows and Unix derived systems such as Linux, FreeBSD and NetBSD.</li><li class="li-itemize">Distributed: You can run <span style="font-family:monospace">ejabberd</span> on a cluster of machines and all of them will serve the same Jabber domain(s). When you need more capacity you can simply add a new cheap node to your cluster. Accordingly, you do not need to buy an expensive high-end machine to support tens of thousands concurrent users.</li><li class="li-itemize">Fault-tolerant: You can deploy an <span style="font-family:monospace">ejabberd</span> cluster so that all the information required for a properly working service will be replicated permanently on all nodes. This means that if one of the nodes crashes, the others will continue working without disruption. In addition, nodes also can be added or replaced &#X2018;on the fly&#X2019;.</li><li class="li-itemize">Administrator Friendly: <span style="font-family:monospace">ejabberd</span> is built on top of the Open Source Erlang. As a result you do not need to install an external database, an external web server, amongst others because everything is already included, and ready to run out of the box. Other administrator benefits include:
+<ul class="itemize"><li class="li-itemize">
 Comprehensive documentation.
-</LI><LI CLASS="li-itemize">Straightforward installers for Linux, Mac OS X, and Windows. </LI><LI CLASS="li-itemize">Web Administration.
-</LI><LI CLASS="li-itemize">Shared Roster Groups.
-</LI><LI CLASS="li-itemize">Command line administration tool. </LI><LI CLASS="li-itemize">Can integrate with existing authentication mechanisms.
-</LI><LI CLASS="li-itemize">Capability to send announce messages.
-</LI></UL></LI><LI CLASS="li-itemize">Internationalized: <TT>ejabberd</TT> leads in internationalization. Hence it is very well suited in a globalized world. Related features are:
-<UL CLASS="itemize"><LI CLASS="li-itemize">
-Translated to 25 languages. </LI><LI CLASS="li-itemize">Support for <A HREF="http://www.ietf.org/rfc/rfc3490.txt">IDNA</A>.
-</LI></UL></LI><LI CLASS="li-itemize">Open Standards: <TT>ejabberd</TT> is the first Open Source Jabber server claiming to fully comply to the XMPP standard.
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">Straightforward installers for Linux, Mac OS X, and Windows. </li><li class="li-itemize">Web Administration.
+</li><li class="li-itemize">Shared Roster Groups.
+</li><li class="li-itemize">Command line administration tool. </li><li class="li-itemize">Can integrate with existing authentication mechanisms.
+</li><li class="li-itemize">Capability to send announce messages.
+</li></ul></li><li class="li-itemize">Internationalized: <span style="font-family:monospace">ejabberd</span> leads in internationalization. Hence it is very well suited in a globalized world. Related features are:
+<ul class="itemize"><li class="li-itemize">
+Translated to 25 languages. </li><li class="li-itemize">Support for <a href="http://www.ietf.org/rfc/rfc3490.txt">IDNA</a>.
+</li></ul></li><li class="li-itemize">Open Standards: <span style="font-family:monospace">ejabberd</span> is the first Open Source Jabber server claiming to fully comply to the XMPP standard.
+<ul class="itemize"><li class="li-itemize">
 Fully XMPP compliant.
-</LI><LI CLASS="li-itemize">XML-based protocol.
-</LI><LI CLASS="li-itemize"><A HREF="http://www.ejabberd.im/protocols">Many protocols supported</A>.
-</LI></UL></LI></UL><!--TOC section Additional Features-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc2">2</A>&#XA0;&#XA0;Additional Features</H2><!--SEC END --><P>
-<A NAME="addfeatures"></A>
-</P><P>Moreover, <TT>ejabberd</TT> comes with a wide range of other state-of-the-art features:
-</P><UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">XML-based protocol.
+</li><li class="li-itemize"><a href="http://www.ejabberd.im/protocols">Many protocols supported</a>.
+</li></ul></li></ul>
+<!--TOC section id="sec3" Additional Features-->
+<h2 id="sec3" class="section">2&#XA0;&#XA0;Additional Features</h2><!--SEC END --><p>
+<a id="addfeatures"></a>
+</p><p>Moreover, <span style="font-family:monospace">ejabberd</span> comes with a wide range of other state-of-the-art features:
+</p><ul class="itemize"><li class="li-itemize">
 Modular
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+<ul class="itemize"><li class="li-itemize">
 Load only the modules you want.
-</LI><LI CLASS="li-itemize">Extend <TT>ejabberd</TT> with your own custom modules.
-</LI></UL>
-</LI><LI CLASS="li-itemize">Security
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">Extend <span style="font-family:monospace">ejabberd</span> with your own custom modules.
+</li></ul>
+</li><li class="li-itemize">Security
+<ul class="itemize"><li class="li-itemize">
 SASL and STARTTLS for c2s and s2s connections.
-</LI><LI CLASS="li-itemize">STARTTLS and Dialback s2s connections.
-</LI><LI CLASS="li-itemize">Web Admin accessible via HTTPS secure access.
-</LI></UL>
-</LI><LI CLASS="li-itemize">Databases
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">STARTTLS and Dialback s2s connections.
+</li><li class="li-itemize">Web Admin accessible via HTTPS secure access.
+</li></ul>
+</li><li class="li-itemize">Databases
+<ul class="itemize"><li class="li-itemize">
 Internal database for fast deployment (Mnesia).
-</LI><LI CLASS="li-itemize">Native MySQL support.
-</LI><LI CLASS="li-itemize">Native PostgreSQL support.
-</LI><LI CLASS="li-itemize">ODBC data storage support.
-</LI><LI CLASS="li-itemize">Microsoft SQL Server support. </LI></UL>
-</LI><LI CLASS="li-itemize">Authentication
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">Native MySQL support.
+</li><li class="li-itemize">Native PostgreSQL support.
+</li><li class="li-itemize">ODBC data storage support.
+</li><li class="li-itemize">Microsoft SQL Server support. </li><li class="li-itemize">Riak NoSQL database support.
+</li></ul>
+</li><li class="li-itemize">Authentication
+<ul class="itemize"><li class="li-itemize">
 Internal Authentication.
-</LI><LI CLASS="li-itemize">PAM, LDAP and ODBC. </LI><LI CLASS="li-itemize">External Authentication script.
-</LI></UL>
-</LI><LI CLASS="li-itemize">Others
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">PAM, LDAP, ODBC and Riak. </li><li class="li-itemize">External Authentication script.
+</li></ul>
+</li><li class="li-itemize">Others
+<ul class="itemize"><li class="li-itemize">
 Support for virtual hosting.
-</LI><LI CLASS="li-itemize">Compressing XML streams with Stream Compression (<A HREF="http://www.xmpp.org/extensions/xep-0138.html">XEP-0138</A>).
-</LI><LI CLASS="li-itemize">Statistics via Statistics Gathering (<A HREF="http://www.xmpp.org/extensions/xep-0039.html">XEP-0039</A>).
-</LI><LI CLASS="li-itemize">IPv6 support both for c2s and s2s connections.
-</LI><LI CLASS="li-itemize"><A HREF="http://www.xmpp.org/extensions/xep-0045.html">Multi-User Chat</A> module with support for clustering and HTML logging. </LI><LI CLASS="li-itemize">Users Directory based on users vCards.
-</LI><LI CLASS="li-itemize"><A HREF="http://www.xmpp.org/extensions/xep-0060.html">Publish-Subscribe</A> component with support for <A HREF="http://www.xmpp.org/extensions/xep-0163.html">Personal Eventing via Pubsub</A>.
-</LI><LI CLASS="li-itemize">Support for web clients: <A HREF="http://www.xmpp.org/extensions/xep-0025.html">HTTP Polling</A> and <A HREF="http://www.xmpp.org/extensions/xep-0206.html">HTTP Binding (BOSH)</A> services.
-</LI><LI CLASS="li-itemize">IRC transport.
-</LI><LI CLASS="li-itemize">Component support: interface with networks such as AIM, ICQ and MSN installing special tranports.
-</LI></UL>
-</LI></UL><!--TOC section How it Works-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc3">3</A>&#XA0;&#XA0;How it Works</H2><!--SEC END --><P>
-<A NAME="howitworks"></A></P><P>A XMPP domain is served by one or more <TT>ejabberd</TT> nodes. These nodes can
+</li><li class="li-itemize">Compressing XML streams with Stream Compression (<a href="http://www.xmpp.org/extensions/xep-0138.html">XEP-0138</a>).
+</li><li class="li-itemize">Statistics via Statistics Gathering (<a href="http://www.xmpp.org/extensions/xep-0039.html">XEP-0039</a>).
+</li><li class="li-itemize">IPv6 support both for c2s and s2s connections.
+</li><li class="li-itemize"><a href="http://www.xmpp.org/extensions/xep-0045.html">Multi-User Chat</a> module with support for clustering and HTML logging. </li><li class="li-itemize">Users Directory based on users vCards.
+</li><li class="li-itemize"><a href="http://www.xmpp.org/extensions/xep-0060.html">Publish-Subscribe</a> component with support for <a href="http://www.xmpp.org/extensions/xep-0163.html">Personal Eventing via Pubsub</a>.
+</li><li class="li-itemize">Support for web clients: <a href="http://www.xmpp.org/extensions/xep-0025.html">HTTP Polling</a> and <a href="http://www.xmpp.org/extensions/xep-0206.html">HTTP Binding (BOSH)</a> services.
+</li><li class="li-itemize">IRC transport.
+</li><li class="li-itemize">SIP support.
+</li><li class="li-itemize">Component support: interface with networks such as AIM, ICQ and MSN installing special tranports.
+</li></ul>
+</li></ul>
+<!--TOC section id="sec4" How it Works-->
+<h2 id="sec4" class="section">3&#XA0;&#XA0;How it Works</h2><!--SEC END --><p>
+<a id="howitworks"></a></p><p>A XMPP domain is served by one or more <span style="font-family:monospace">ejabberd</span> nodes. These nodes can
 be run on different machines that are connected via a network. They all must
 have the ability to connect to port 4369 of all another nodes, and must have
 the same magic cookie (see Erlang/OTP documentation, in other words the file
-<TT>~ejabberd/.erlang.cookie</TT> must be the same on all nodes). This is
+<span style="font-family:monospace">~ejabberd/.erlang.cookie</span> must be the same on all nodes). This is
 needed because all nodes exchange information about connected users, S2S
-connections, registered services, etc&#X2026;</P><P>Each <TT>ejabberd</TT> node have following modules:
-</P><UL CLASS="itemize"><LI CLASS="li-itemize">
+connections, registered services, etc&#X2026;</p><p>Each <span style="font-family:monospace">ejabberd</span> node have following modules:
+</p><ul class="itemize"><li class="li-itemize">
 router;
-</LI><LI CLASS="li-itemize">local router.
-</LI><LI CLASS="li-itemize">session manager;
-</LI><LI CLASS="li-itemize">S2S manager;
-</LI></UL><!--TOC subsection Router-->
-<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc4">3.1</A>&#XA0;&#XA0;Router</H3><!--SEC END --><P>This module is the main router of XMPP packets on each node. It routes
+</li><li class="li-itemize">local router.
+</li><li class="li-itemize">session manager;
+</li><li class="li-itemize">S2S manager;
+</li></ul>
+<!--TOC subsection id="sec5" Router-->
+<h3 id="sec5" class="subsection">3.1&#XA0;&#XA0;Router</h3><!--SEC END --><p>This module is the main router of XMPP packets on each node. It routes
 them based on their destinations domains. It has two tables: local and global
 routes. First, domain of packet destination searched in local table, and if it
 found, then the packet is routed to appropriate process. If no, then it
-searches in global table, and is routed to the appropriate <TT>ejabberd</TT> node or
+searches in global table, and is routed to the appropriate <span style="font-family:monospace">ejabberd</span> node or
 process. If it does not exists in either tables, then it sent to the S2S
-manager.</P><!--TOC subsection Local Router-->
-<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc5">3.2</A>&#XA0;&#XA0;Local Router</H3><!--SEC END --><P>This module routes packets which have a destination domain equal to this server
+manager.</p>
+<!--TOC subsection id="sec6" Local Router-->
+<h3 id="sec6" class="subsection">3.2&#XA0;&#XA0;Local Router</h3><!--SEC END --><p>This module routes packets which have a destination domain equal to this server
 name. If destination JID has a non-empty user part, then it routed to the
-session manager, else it is processed depending on it&#X2019;s content.</P><!--TOC subsection Session Manager-->
-<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc6">3.3</A>&#XA0;&#XA0;Session Manager</H3><!--SEC END --><P>This module routes packets to local users. It searches for what user resource
+session manager, else it is processed depending on it&#X2019;s content.</p>
+<!--TOC subsection id="sec7" Session Manager-->
+<h3 id="sec7" class="subsection">3.3&#XA0;&#XA0;Session Manager</h3><!--SEC END --><p>This module routes packets to local users. It searches for what user resource
 packet must be sent via presence table. If this resource is connected to
 this node, it is routed to C2S process, if it connected via another node, then
-the packet is sent to session manager on that node.</P><!--TOC subsection S2S Manager-->
-<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc7">3.4</A>&#XA0;&#XA0;S2S Manager</H3><!--SEC END --><P>This module routes packets to other XMPP servers. First, it checks if an
+the packet is sent to session manager on that node.</p>
+<!--TOC subsection id="sec8" S2S Manager-->
+<h3 id="sec8" class="subsection">3.4&#XA0;&#XA0;S2S Manager</h3><!--SEC END --><p>This module routes packets to other XMPP servers. First, it checks if an
 open S2S connection from the domain of the packet source to the domain of
 packet destination already exists. If it is open on another node, then it
 routes the packet to S2S manager on that node, if it is open on this node, then
 it is routed to the process that serves this connection, and if a connection
-does not exist, then it is opened and registered.</P><!--TOC section Authentication-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc8">4</A>&#XA0;&#XA0;Authentication</H2><!--SEC END --><!--TOC subsubsection External-->
-<H4 CLASS="subsubsection"><!--SEC ANCHOR --><A NAME="htoc9">4.0.1</A>&#XA0;&#XA0;External</H4><!--SEC END --><P>
-<A NAME="externalauth"></A>
-</P><P>The external authentication script follows
-<A HREF="http://www.erlang.org/doc/tutorial/c_portdriver.html">the erlang port driver API</A>.</P><P>That script is supposed to do theses actions, in an infinite loop:
-</P><UL CLASS="itemize"><LI CLASS="li-itemize">
+does not exist, then it is opened and registered.</p>
+<!--TOC section id="sec9" Authentication-->
+<h2 id="sec9" class="section">4&#XA0;&#XA0;Authentication</h2><!--SEC END -->
+<!--TOC subsubsection id="sec10" External-->
+<h4 id="sec10" class="subsubsection">4.0.1&#XA0;&#XA0;External</h4><!--SEC END --><p>
+<a id="externalauth"></a>
+</p><p>The external authentication script follows
+<a href="http://www.erlang.org/doc/tutorial/c_portdriver.html">the erlang port driver API</a>.</p><p>That script is supposed to do theses actions, in an infinite loop:
+</p><ul class="itemize"><li class="li-itemize">
 read from stdin: AABBBBBBBBB.....
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+<ul class="itemize"><li class="li-itemize">
 A: 2 bytes of length data (a short in network byte order)
-</LI><LI CLASS="li-itemize">B: a string of length found in A that contains operation in plain text
+</li><li class="li-itemize">B: a string of length found in A that contains operation in plain text
 operation are as follows:
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+<ul class="itemize"><li class="li-itemize">
 auth:User:Server:Password (check if a username/password pair is correct)
-</LI><LI CLASS="li-itemize">isuser:User:Server (check if it&#X2019;s a valid user)
-</LI><LI CLASS="li-itemize">setpass:User:Server:Password (set user&#X2019;s password)
-</LI><LI CLASS="li-itemize">tryregister:User:Server:Password (try to register an account)
-</LI><LI CLASS="li-itemize">removeuser:User:Server (remove this account)
-</LI><LI CLASS="li-itemize">removeuser3:User:Server:Password (remove this account if the password is correct)
-</LI></UL>
-</LI></UL>
-</LI><LI CLASS="li-itemize">write to stdout: AABB
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">isuser:User:Server (check if it&#X2019;s a valid user)
+</li><li class="li-itemize">setpass:User:Server:Password (set user&#X2019;s password)
+</li><li class="li-itemize">tryregister:User:Server:Password (try to register an account)
+</li><li class="li-itemize">removeuser:User:Server (remove this account)
+</li><li class="li-itemize">removeuser3:User:Server:Password (remove this account if the password is correct)
+</li></ul>
+</li></ul>
+</li><li class="li-itemize">write to stdout: AABB
+<ul class="itemize"><li class="li-itemize">
 A: the number 2 (coded as a short, which is bytes length of following result)
-</LI><LI CLASS="li-itemize">B: the result code (coded as a short), should be 1 for success/valid, or 0 for failure/invalid
-</LI></UL>
-</LI></UL><P>Example python script
-</P><PRE CLASS="verbatim">#!/usr/bin/python
+</li><li class="li-itemize">B: the result code (coded as a short), should be 1 for success/valid, or 0 for failure/invalid
+</li></ul>
+</li></ul><p>Example python script
+</p><pre class="verbatim">#!/usr/bin/python
 
 import sys
 from struct import *
@@ -242,10 +260,11 @@ while True:
     elif data[0] == "setpass":
         success = setpass(data[1], data[2], data[3])
     to_ejabberd(success)
-</PRE><!--TOC section XML Representation-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc10">5</A>&#XA0;&#XA0;XML Representation</H2><!--SEC END --><P>
-<A NAME="xmlrepr"></A></P><P>Each XML stanza is represented as the following tuple:
-</P><PRE CLASS="verbatim">XMLElement = {xmlelement, Name, Attrs, [ElementOrCDATA]}
+</pre>
+<!--TOC section id="sec11" XML Representation-->
+<h2 id="sec11" class="section">5&#XA0;&#XA0;XML Representation</h2><!--SEC END --><p>
+<a id="xmlrepr"></a></p><p>Each XML stanza is represented as the following tuple:
+</p><pre class="verbatim">XMLElement = {xmlelement, Name, Attrs, [ElementOrCDATA]}
         Name = string()
         Attrs = [Attr]
         Attr = {Key, Val}
@@ -253,30 +272,31 @@ while True:
         Val = string()
         ElementOrCDATA = XMLElement | CDATA
         CDATA = {xmlcdata, string()}
-</PRE><P>E.&#XA0;g. this stanza:
-</P><PRE CLASS="verbatim">&lt;message to='test@conference.example.org' type='groupchat'&gt;
+</pre><p>E.&#XA0;g. this stanza:
+</p><pre class="verbatim">&lt;message to='test@conference.example.org' type='groupchat'&gt;
   &lt;body&gt;test&lt;/body&gt;
 &lt;/message&gt;
-</PRE><P>is represented as the following structure:
-</P><PRE CLASS="verbatim">{xmlelement, "message",
+</pre><p>is represented as the following structure:
+</p><pre class="verbatim">{xmlelement, "message",
     [{"to", "test@conference.example.org"},
      {"type", "groupchat"}],
     [{xmlelement, "body",
          [],
          [{xmlcdata, "test"}]}]}}
-</PRE><!--TOC section Module <TT>xml</TT>-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc11">6</A>&#XA0;&#XA0;Module <TT>xml</TT></H2><!--SEC END --><P>
-<A NAME="xmlmod"></A></P><DL CLASS="description"><DT CLASS="dt-description">
-</DT><DD CLASS="dd-description"><CODE>element_to_string(El) -&gt; string()</CODE>
-<PRE CLASS="verbatim">El = XMLElement
-</PRE>Returns string representation of XML stanza <TT>El</TT>.</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>crypt(S) -&gt; string()</CODE>
-<PRE CLASS="verbatim">S = string()
-</PRE>Returns string which correspond to <TT>S</TT> with encoded XML special
-characters.</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>remove_cdata(ECList) -&gt; EList</CODE>
-<PRE CLASS="verbatim">ECList = [ElementOrCDATA]
+</pre>
+<!--TOC section id="sec12" Module <span style="font-family:monospace">xml</span>-->
+<h2 id="sec12" class="section">6&#XA0;&#XA0;Module <span style="font-family:monospace">xml</span></h2><!--SEC END --><p>
+<a id="xmlmod"></a></p><dl class="description"><dt class="dt-description">
+</dt><dd class="dd-description"><code>element_to_string(El) -&gt; string()</code>
+<pre class="verbatim">El = XMLElement
+</pre>Returns string representation of XML stanza <span style="font-family:monospace">El</span>.</dd><dt class="dt-description"></dt><dd class="dd-description"><code>crypt(S) -&gt; string()</code>
+<pre class="verbatim">S = string()
+</pre>Returns string which correspond to <span style="font-family:monospace">S</span> with encoded XML special
+characters.</dd><dt class="dt-description"></dt><dd class="dd-description"><code>remove_cdata(ECList) -&gt; EList</code>
+<pre class="verbatim">ECList = [ElementOrCDATA]
 EList = [XMLElement]
-</PRE><TT>EList</TT> is a list of all non-CDATA elements of ECList.</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>get_path_s(El, Path) -&gt; Res</CODE>
-<PRE CLASS="verbatim">El = XMLElement
+</pre><span style="font-family:monospace">EList</span> is a list of all non-CDATA elements of ECList.</dd><dt class="dt-description"></dt><dd class="dd-description"><code>get_path_s(El, Path) -&gt; Res</code>
+<pre class="verbatim">El = XMLElement
 Path = [PathItem]
 PathItem = PathElem | PathAttr | PathCDATA
 PathElem = {elem, Name}
@@ -284,57 +304,60 @@ PathAttr = {attr, Name}
 PathCDATA = cdata
 Name = string()
 Res = string() | XMLElement
-</PRE>If <TT>Path</TT> is empty, then returns <TT>El</TT>. Else sequentially
-consider elements of <TT>Path</TT>. Each element is one of:
-<DL CLASS="description"><DT CLASS="dt-description">
-</DT><DD CLASS="dd-description"><CODE>{elem, Name}</CODE> <TT>Name</TT> is name of subelement of
-<TT>El</TT>, if such element exists, then this element considered in
+</pre>If <span style="font-family:monospace">Path</span> is empty, then returns <span style="font-family:monospace">El</span>. Else sequentially
+consider elements of <span style="font-family:monospace">Path</span>. Each element is one of:
+<dl class="description"><dt class="dt-description">
+</dt><dd class="dd-description"><code>{elem, Name}</code> <span style="font-family:monospace">Name</span> is name of subelement of
+<span style="font-family:monospace">El</span>, if such element exists, then this element considered in
 following steps, else returns empty string.
-</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>{attr, Name}</CODE> If <TT>El</TT> have attribute <TT>Name</TT>, then
+</dd><dt class="dt-description"></dt><dd class="dd-description"><code>{attr, Name}</code> If <span style="font-family:monospace">El</span> have attribute <span style="font-family:monospace">Name</span>, then
 returns value of this attribute, else returns empty string.
-</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>cdata</CODE> Returns CDATA of <TT>El</TT>.
-</DD></DL></DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description">TODO:
-<PRE CLASS="verbatim">         get_cdata/1, get_tag_cdata/1
+</dd><dt class="dt-description"></dt><dd class="dd-description"><code>cdata</code> Returns CDATA of <span style="font-family:monospace">El</span>.
+</dd></dl></dd><dt class="dt-description"></dt><dd class="dd-description">TODO:
+<pre class="verbatim">         get_cdata/1, get_tag_cdata/1
          get_attr/2, get_attr_s/2
          get_tag_attr/2, get_tag_attr_s/2
          get_subtag/2
-</PRE></DD></DL><!--TOC section Module <TT>xml_stream</TT>-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc12">7</A>&#XA0;&#XA0;Module <TT>xml_stream</TT></H2><!--SEC END --><P>
-<A NAME="xmlstreammod"></A></P><DL CLASS="description"><DT CLASS="dt-description">
-</DT><DD CLASS="dd-description"><CODE>parse_element(Str) -&gt; XMLElement | {error, Err}</CODE>
-<PRE CLASS="verbatim">Str = string()
+</pre></dd></dl>
+<!--TOC section id="sec13" Module <span style="font-family:monospace">xml_stream</span>-->
+<h2 id="sec13" class="section">7&#XA0;&#XA0;Module <span style="font-family:monospace">xml_stream</span></h2><!--SEC END --><p>
+<a id="xmlstreammod"></a></p><dl class="description"><dt class="dt-description">
+</dt><dd class="dd-description"><code>parse_element(Str) -&gt; XMLElement | {error, Err}</code>
+<pre class="verbatim">Str = string()
 Err = term()
-</PRE>Parses <TT>Str</TT> using XML parser, returns either parsed element or error
+</pre>Parses <span style="font-family:monospace">Str</span> using XML parser, returns either parsed element or error
 tuple.
-</DD></DL><!--TOC section Modules-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc13">8</A>&#XA0;&#XA0;Modules</H2><!--SEC END --><P>
-<A NAME="emods"></A></P><!--TOC subsection Module gen_iq_handler-->
-<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc14">8.1</A>&#XA0;&#XA0;Module gen_iq_handler</H3><!--SEC END --><P>
-<A NAME="geniqhandl"></A></P><P>The module <CODE>gen_iq_handler</CODE> allows to easily write handlers for IQ packets
-of particular XML namespaces that addressed to server or to users bare JIDs.</P><P>In this module the following functions are defined:
-</P><DL CLASS="description"><DT CLASS="dt-description">
-</DT><DD CLASS="dd-description"><CODE>add_iq_handler(Component, Host, NS, Module, Function, Type)</CODE>
-<PRE CLASS="verbatim">Component = Module = Function = atom()
+</dd></dl>
+<!--TOC section id="sec14" Modules-->
+<h2 id="sec14" class="section">8&#XA0;&#XA0;Modules</h2><!--SEC END --><p>
+<a id="emods"></a></p>
+<!--TOC subsection id="sec15" Module gen_iq_handler-->
+<h3 id="sec15" class="subsection">8.1&#XA0;&#XA0;Module gen_iq_handler</h3><!--SEC END --><p>
+<a id="geniqhandl"></a></p><p>The module <code>gen_iq_handler</code> allows to easily write handlers for IQ packets
+of particular XML namespaces that addressed to server or to users bare JIDs.</p><p>In this module the following functions are defined:
+</p><dl class="description"><dt class="dt-description">
+</dt><dd class="dd-description"><code>add_iq_handler(Component, Host, NS, Module, Function, Type)</code>
+<pre class="verbatim">Component = Module = Function = atom()
 Host = NS = string()
 Type = no_queue | one_queue | parallel
-</PRE>Registers function <CODE>Module:Function</CODE> as handler for IQ packets on
-virtual host <CODE>Host</CODE> that contain child of namespace <CODE>NS</CODE> in
-<CODE>Component</CODE>. Queueing discipline is <CODE>Type</CODE>. There are at least
+</pre>Registers function <code>Module:Function</code> as handler for IQ packets on
+virtual host <code>Host</code> that contain child of namespace <code>NS</code> in
+<code>Component</code>. Queueing discipline is <code>Type</code>. There are at least
 two components defined:
-<DL CLASS="description"><DT CLASS="dt-description">
-</DT><DD CLASS="dd-description"><CODE>ejabberd_local</CODE> Handles packets that addressed to server JID;
-</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>ejabberd_sm</CODE> Handles packets that addressed to users bare JIDs.
-</DD></DL>
-</DD><DT CLASS="dt-description"></DT><DD CLASS="dd-description"><CODE>remove_iq_handler(Component, Host, NS)</CODE>
-<PRE CLASS="verbatim">Component = atom()
+<dl class="description"><dt class="dt-description">
+</dt><dd class="dd-description"><code>ejabberd_local</code> Handles packets that addressed to server JID;
+</dd><dt class="dt-description"></dt><dd class="dd-description"><code>ejabberd_sm</code> Handles packets that addressed to users bare JIDs.
+</dd></dl>
+</dd><dt class="dt-description"></dt><dd class="dd-description"><code>remove_iq_handler(Component, Host, NS)</code>
+<pre class="verbatim">Component = atom()
 Host = NS = string()
-</PRE>Removes IQ handler on virtual host <CODE>Host</CODE> for namespace <CODE>NS</CODE> from
-<CODE>Component</CODE>.
-</DD></DL><P>Handler function must have the following type:
-</P><DL CLASS="description"><DT CLASS="dt-description">
-</DT><DD CLASS="dd-description"><CODE>Module:Function(From, To, IQ)</CODE>
-<PRE CLASS="verbatim">From = To = jid()
-</PRE></DD></DL><PRE CLASS="verbatim">-module(mod_cputime).
+</pre>Removes IQ handler on virtual host <code>Host</code> for namespace <code>NS</code> from
+<code>Component</code>.
+</dd></dl><p>Handler function must have the following type:
+</p><dl class="description"><dt class="dt-description">
+</dt><dd class="dd-description"><code>Module:Function(From, To, IQ)</code>
+<pre class="verbatim">From = To = jid()
+</pre></dd></dl><pre class="verbatim">-module(mod_cputime).
 
 -behaviour(gen_mod).
 
@@ -368,9 +391,10 @@ process_local_iq(From, To, {iq, ID, Type, XMLNS, SubEl}) -&gt;
                [{"xmlns", ?NS_CPUTIME}],
                [{xmlelement, "cputime", [], [{xmlcdata, SCPUTime}]}]}]}
     end.
-</PRE><!--TOC subsection Services-->
-<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc15">8.2</A>&#XA0;&#XA0;Services</H3><!--SEC END --><P>
-<A NAME="services"></A></P><PRE CLASS="verbatim">-module(mod_echo).
+</pre>
+<!--TOC subsection id="sec16" Services-->
+<h3 id="sec16" class="subsection">8.2&#XA0;&#XA0;Services</h3><!--SEC END --><p>
+<a id="services"></a></p><pre class="verbatim">-module(mod_echo).
 
 -behaviour(gen_mod).
 
@@ -404,10 +428,10 @@ stop(Host) -&gt;
     Proc = gen_mod:get_module_proc(Host, ?PROCNAME),
     Proc ! stop,
     {wait, Proc}.
-</PRE><!--CUT END -->
+</pre><!--CUT END -->
 <!--HTMLFOOT-->
 <!--ENDHTML-->
 <!--FOOTER-->
-<HR SIZE=2><BLOCKQUOTE CLASS="quote"><EM>This document was translated from L<sup>A</sup>T<sub>E</sub>X by
-</EM><A HREF="http://hevea.inria.fr/index.html"><EM>H</EM><EM><FONT SIZE=2><sup>E</sup></FONT></EM><EM>V</EM><EM><FONT SIZE=2><sup>E</sup></FONT></EM><EM>A</EM></A><EM>.</EM></BLOCKQUOTE></BODY>
-</HTML>
+<hr style="height:2"><blockquote class="quote"><em>This document was translated from L<sup>A</sup>T<sub>E</sub>X by
+</em><a href="http://hevea.inria.fr/index.html"><em>H</em><em><span style="font-size:small"><sup>E</sup></span></em><em>V</em><em><span style="font-size:small"><sup>E</sup></span></em><em>A</em></a><em>.</em></blockquote></body>
+</html>

doc/features.html

@@ -1,40 +1,45 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
-            "http://www.w3.org/TR/REC-html40/loose.dtd">
-<HTML>
-<HEAD>
-<TITLE>Ejabberd 2.1.12 Feature Sheet
-</TITLE>
-
-<META http-equiv="Content-Type" content="text/html; charset=US-ASCII">
-<META name="GENERATOR" content="hevea 1.10">
-<STYLE type="text/css">
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
+<meta name="generator" content="hevea 2.09">
+<style type="text/css">
 .li-itemize{margin:1ex 0ex;}
 .li-enumerate{margin:1ex 0ex;}
 .dd-description{margin:0ex 0ex 1ex 4ex;}
 .dt-description{margin:0ex;}
 .toc{list-style:none;}
+.footnotetext{margin:0ex; padding:0ex;}
+div.footnotetext P{margin:0px; text-indent:1em;}
 .thefootnotes{text-align:left;margin:0ex;}
 .dt-thefootnotes{margin:0em;}
 .dd-thefootnotes{margin:0em 0em 0em 2em;}
 .footnoterule{margin:1em auto 1em 0px;width:50%;}
 .caption{padding-left:2ex; padding-right:2ex; margin-left:auto; margin-right:auto}
 .title{margin:2ex auto;text-align:center}
+.titlemain{margin:1ex 2ex 2ex 1ex;}
+.titlerest{margin:0ex 2ex;}
 .center{text-align:center;margin-left:auto;margin-right:auto;}
 .flushleft{text-align:left;margin-left:0ex;margin-right:auto;}
 .flushright{text-align:right;margin-left:auto;margin-right:0ex;}
-DIV TABLE{margin-left:inherit;margin-right:inherit;}
-PRE{text-align:left;margin-left:0ex;margin-right:auto;}
-BLOCKQUOTE{margin-left:4ex;margin-right:4ex;text-align:left;}
-TD P{margin:0px;}
+div table{margin-left:inherit;margin-right:inherit;margin-bottom:2px;margin-top:2px}
+td table{margin:auto;}
+table{border-collapse:collapse;}
+td{padding:0;}
+.cellpadding0 tr td{padding:0;}
+.cellpadding1 tr td{padding:1px;}
+pre{text-align:left;margin-left:0ex;margin-right:auto;}
+blockquote{margin-left:4ex;margin-right:4ex;text-align:left;}
+td p{margin:0px;}
 .boxed{border:1px solid black}
 .textboxed{border:1px solid black}
 .vbar{border:none;width:2px;background-color:black;}
 .hbar{border:none;height:2px;width:100%;background-color:black;}
 .hfill{border:none;height:1px;width:200%;background-color:black;}
 .vdisplay{border-collapse:separate;border-spacing:2px;width:auto; empty-cells:show; border:2px solid red;}
-.vdcell{white-space:nowrap;padding:0px;width:auto; border:2px solid green;}
+.vdcell{white-space:nowrap;padding:0px; border:2px solid green;}
 .display{border-collapse:separate;border-spacing:2px;width:auto; border:none;}
-.dcell{white-space:nowrap;padding:0px;width:auto; border:none;}
+.dcell{white-space:nowrap;padding:0px; border:none;}
 .dcenter{margin:0ex auto;}
 .vdcenter{border:solid #FF8000 2px; margin:0ex auto;}
 .minipage{text-align:left; margin-left:0em; margin-right:auto;}
@@ -44,89 +49,95 @@ TD P{margin:0px;}
 .theorem{text-align:left;margin:1ex auto 1ex 0ex;}
 .part{margin:2ex auto;text-align:center}
 SPAN{width:20%; float:right; text-align:left; margin-left:auto;}
-</STYLE>
-</HEAD>
-<BODY >
+</style>
+<title>Ejabberd community 14.05-120-gedfb5fc Feature Sheet
+</title>
+</head>
+<body >
 <!--HEVEA command line is: /usr/bin/hevea -fix -pedantic features.tex -->
-<!--CUT DEF section 1 --><P><A NAME="titlepage"></A>
+<!--CUT STYLE article--><!--CUT DEF section 1 --><p><a id="titlepage"></a>
 
-</P><TABLE CLASS="title"><TR><TD><H1 CLASS="titlemain">Ejabberd 2.1.12 Feature Sheet</H1><H3 CLASS="titlerest">Sander Devrieze<BR>
- <A HREF="mailto:s.devrieze@pandora.be"><TT>mailto:s.devrieze@pandora.be</TT></A><BR>
- <A HREF="xmpp:sander@devrieze.dyndns.org"><TT>xmpp:sander@devrieze.dyndns.org</TT></A></H3></TD></TR>
-</TABLE><DIV CLASS="center">
+</p><table class="title"><tr><td style="padding:1ex"><h1 class="titlemain">Ejabberd community 14.05-120-gedfb5fc Feature Sheet</h1><h3 class="titlerest">Sander Devrieze <br>
+ <a href="mailto:s.devrieze@pandora.be"><span style="font-family:monospace">mailto:s.devrieze@pandora.be</span></a> <br>
+ <a href="xmpp:sander@devrieze.dyndns.org"><span style="font-family:monospace">xmpp:sander@devrieze.dyndns.org</span></a></h3></td></tr>
+</table><div class="center">
 
-<IMG SRC="logo.png" ALT="logo.png">
+<img src="logo.png" alt="logo.png">
 
 
-</DIV><BLOCKQUOTE CLASS="quotation"><FONT COLOR="#921700"><I>I can thoroughly recommend ejabberd for ease of setup &#X2013;
-Kevin Smith, Current maintainer of the Psi project</I></FONT></BLOCKQUOTE><P>Introduction
-<A NAME="intro"></A></P><BLOCKQUOTE CLASS="quotation"><FONT COLOR="#921700"><I>I just tried out ejabberd and was impressed both by ejabberd itself and the language it is written in, Erlang. &#X2014;
-Joeri</I></FONT></BLOCKQUOTE><P><TT>ejabberd</TT> is a <B><FONT SIZE=4><FONT COLOR="#001376">free and open source</FONT></FONT></B> instant messaging server written in <A HREF="http://www.erlang.org/">Erlang/OTP</A>.</P><P><TT>ejabberd</TT> is <B><FONT SIZE=4><FONT COLOR="#001376">cross-platform</FONT></FONT></B>, distributed, fault-tolerant, and based on open standards to achieve real-time communication.</P><P><TT>ejabberd</TT> is designed to be a <B><FONT SIZE=4><FONT COLOR="#001376">rock-solid and feature rich</FONT></FONT></B> XMPP server.</P><P><TT>ejabberd</TT> is suitable for small deployments, whether they need to be <B><FONT SIZE=4><FONT COLOR="#001376">scalable</FONT></FONT></B> or not, as well as extremely big deployments.</P><!--TOC section Key Features-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc1"></A>Key Features</H2><!--SEC END --><P>
-<A NAME="keyfeatures"></A>
-</P><BLOCKQUOTE CLASS="quotation"><FONT COLOR="#921700"><I>Erlang seems to be tailor-made for writing stable, robust servers. &#X2014;
-Peter Saint-Andr&#XE9;, Executive Director of the Jabber Software Foundation</I></FONT></BLOCKQUOTE><P><TT>ejabberd</TT> is:
-</P><UL CLASS="itemize"><LI CLASS="li-itemize">
-<B><FONT SIZE=4><FONT COLOR="#001376">Cross-platform:</FONT></FONT></B> <TT>ejabberd</TT> runs under Microsoft Windows and Unix derived systems such as Linux, FreeBSD and NetBSD.</LI><LI CLASS="li-itemize"><B><FONT SIZE=4><FONT COLOR="#001376">Distributed:</FONT></FONT></B> You can run <TT>ejabberd</TT> on a cluster of machines and all of them will serve the same Jabber domain(s). When you need more capacity you can simply add a new cheap node to your cluster. Accordingly, you do not need to buy an expensive high-end machine to support tens of thousands concurrent users.</LI><LI CLASS="li-itemize"><B><FONT SIZE=4><FONT COLOR="#001376">Fault-tolerant:</FONT></FONT></B> You can deploy an <TT>ejabberd</TT> cluster so that all the information required for a properly working service will be replicated permanently on all nodes. This means that if one of the nodes crashes, the others will continue working without disruption. In addition, nodes also can be added or replaced &#X2018;on the fly&#X2019;.</LI><LI CLASS="li-itemize"><B><FONT SIZE=4><FONT COLOR="#001376">Administrator Friendly:</FONT></FONT></B> <TT>ejabberd</TT> is built on top of the Open Source Erlang. As a result you do not need to install an external database, an external web server, amongst others because everything is already included, and ready to run out of the box. Other administrator benefits include:
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</div><blockquote class="quotation"><span style="color:#921700"><span style="font-style:italic">I can thoroughly recommend ejabberd for ease of setup &#X2013;
+Kevin Smith, Current maintainer of the Psi project</span></span></blockquote><p>Introduction
+<a id="intro"></a></p><blockquote class="quotation"><span style="color:#921700"><span style="font-style:italic">I just tried out ejabberd and was impressed both by ejabberd itself and the language it is written in, Erlang. &#X2014;
+Joeri</span></span></blockquote><p><span style="font-family:monospace">ejabberd</span> is a <span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">free and open source</span></span></span> instant messaging server written in <a href="http://www.erlang.org/">Erlang/OTP</a>.</p><p><span style="font-family:monospace">ejabberd</span> is <span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">cross-platform</span></span></span>, distributed, fault-tolerant, and based on open standards to achieve real-time communication.</p><p><span style="font-family:monospace">ejabberd</span> is designed to be a <span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">rock-solid and feature rich</span></span></span> XMPP server.</p><p><span style="font-family:monospace">ejabberd</span> is suitable for small deployments, whether they need to be <span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">scalable</span></span></span> or not, as well as extremely big deployments.</p>
+<!--TOC section id="sec1" Key Features-->
+<h2 id="sec1" class="section">Key Features</h2><!--SEC END --><p>
+<a id="keyfeatures"></a>
+</p><blockquote class="quotation"><span style="color:#921700"><span style="font-style:italic">Erlang seems to be tailor-made for writing stable, robust servers. &#X2014;
+Peter Saint-Andr&#XE9;, Executive Director of the Jabber Software Foundation</span></span></blockquote><p><span style="font-family:monospace">ejabberd</span> is:
+</p><ul class="itemize"><li class="li-itemize">
+<span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">Cross-platform:</span></span></span> <span style="font-family:monospace">ejabberd</span> runs under Microsoft Windows and Unix derived systems such as Linux, FreeBSD and NetBSD.</li><li class="li-itemize"><span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">Distributed:</span></span></span> You can run <span style="font-family:monospace">ejabberd</span> on a cluster of machines and all of them will serve the same Jabber domain(s). When you need more capacity you can simply add a new cheap node to your cluster. Accordingly, you do not need to buy an expensive high-end machine to support tens of thousands concurrent users.</li><li class="li-itemize"><span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">Fault-tolerant:</span></span></span> You can deploy an <span style="font-family:monospace">ejabberd</span> cluster so that all the information required for a properly working service will be replicated permanently on all nodes. This means that if one of the nodes crashes, the others will continue working without disruption. In addition, nodes also can be added or replaced &#X2018;on the fly&#X2019;.</li><li class="li-itemize"><span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">Administrator Friendly:</span></span></span> <span style="font-family:monospace">ejabberd</span> is built on top of the Open Source Erlang. As a result you do not need to install an external database, an external web server, amongst others because everything is already included, and ready to run out of the box. Other administrator benefits include:
+<ul class="itemize"><li class="li-itemize">
 Comprehensive documentation.
-</LI><LI CLASS="li-itemize">Straightforward installers for Linux, Mac OS X, and Windows. </LI><LI CLASS="li-itemize">Web Administration.
-</LI><LI CLASS="li-itemize">Shared Roster Groups.
-</LI><LI CLASS="li-itemize">Command line administration tool. </LI><LI CLASS="li-itemize">Can integrate with existing authentication mechanisms.
-</LI><LI CLASS="li-itemize">Capability to send announce messages.
-</LI></UL></LI><LI CLASS="li-itemize"><B><FONT SIZE=4><FONT COLOR="#001376">Internationalized:</FONT></FONT></B> <TT>ejabberd</TT> leads in internationalization. Hence it is very well suited in a globalized world. Related features are:
-<UL CLASS="itemize"><LI CLASS="li-itemize">
-Translated to 25 languages. </LI><LI CLASS="li-itemize">Support for <A HREF="http://www.ietf.org/rfc/rfc3490.txt">IDNA</A>.
-</LI></UL></LI><LI CLASS="li-itemize"><B><FONT SIZE=4><FONT COLOR="#001376">Open Standards:</FONT></FONT></B> <TT>ejabberd</TT> is the first Open Source Jabber server claiming to fully comply to the XMPP standard.
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">Straightforward installers for Linux, Mac OS X, and Windows. </li><li class="li-itemize">Web Administration.
+</li><li class="li-itemize">Shared Roster Groups.
+</li><li class="li-itemize">Command line administration tool. </li><li class="li-itemize">Can integrate with existing authentication mechanisms.
+</li><li class="li-itemize">Capability to send announce messages.
+</li></ul></li><li class="li-itemize"><span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">Internationalized:</span></span></span> <span style="font-family:monospace">ejabberd</span> leads in internationalization. Hence it is very well suited in a globalized world. Related features are:
+<ul class="itemize"><li class="li-itemize">
+Translated to 25 languages. </li><li class="li-itemize">Support for <a href="http://www.ietf.org/rfc/rfc3490.txt">IDNA</a>.
+</li></ul></li><li class="li-itemize"><span style="font-weight:bold"><span style="font-size:large"><span style="color:#001376">Open Standards:</span></span></span> <span style="font-family:monospace">ejabberd</span> is the first Open Source Jabber server claiming to fully comply to the XMPP standard.
+<ul class="itemize"><li class="li-itemize">
 Fully XMPP compliant.
-</LI><LI CLASS="li-itemize">XML-based protocol.
-</LI><LI CLASS="li-itemize"><A HREF="http://www.ejabberd.im/protocols">Many protocols supported</A>.
-</LI></UL></LI></UL><!--TOC section Additional Features-->
-<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc2"></A>Additional Features</H2><!--SEC END --><P>
-<A NAME="addfeatures"></A>
-</P><BLOCKQUOTE CLASS="quotation"><FONT COLOR="#921700"><I>ejabberd is making inroads to solving the "buggy incomplete server" problem &#X2014;
-Justin Karneges, Founder of the Psi and the Delta projects</I></FONT></BLOCKQUOTE><P>Moreover, <TT>ejabberd</TT> comes with a wide range of other state-of-the-art features:
-</P><UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">XML-based protocol.
+</li><li class="li-itemize"><a href="http://www.ejabberd.im/protocols">Many protocols supported</a>.
+</li></ul></li></ul>
+<!--TOC section id="sec2" Additional Features-->
+<h2 id="sec2" class="section">Additional Features</h2><!--SEC END --><p>
+<a id="addfeatures"></a>
+</p><blockquote class="quotation"><span style="color:#921700"><span style="font-style:italic">ejabberd is making inroads to solving the "buggy incomplete server" problem &#X2014;
+Justin Karneges, Founder of the Psi and the Delta projects</span></span></blockquote><p>Moreover, <span style="font-family:monospace">ejabberd</span> comes with a wide range of other state-of-the-art features:
+</p><ul class="itemize"><li class="li-itemize">
 Modular
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+<ul class="itemize"><li class="li-itemize">
 Load only the modules you want.
-</LI><LI CLASS="li-itemize">Extend <TT>ejabberd</TT> with your own custom modules.
-</LI></UL>
-</LI><LI CLASS="li-itemize">Security
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">Extend <span style="font-family:monospace">ejabberd</span> with your own custom modules.
+</li></ul>
+</li><li class="li-itemize">Security
+<ul class="itemize"><li class="li-itemize">
 SASL and STARTTLS for c2s and s2s connections.
-</LI><LI CLASS="li-itemize">STARTTLS and Dialback s2s connections.
-</LI><LI CLASS="li-itemize">Web Admin accessible via HTTPS secure access.
-</LI></UL>
-</LI><LI CLASS="li-itemize">Databases
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">STARTTLS and Dialback s2s connections.
+</li><li class="li-itemize">Web Admin accessible via HTTPS secure access.
+</li></ul>
+</li><li class="li-itemize">Databases
+<ul class="itemize"><li class="li-itemize">
 Internal database for fast deployment (Mnesia).
-</LI><LI CLASS="li-itemize">Native MySQL support.
-</LI><LI CLASS="li-itemize">Native PostgreSQL support.
-</LI><LI CLASS="li-itemize">ODBC data storage support.
-</LI><LI CLASS="li-itemize">Microsoft SQL Server support. </LI></UL>
-</LI><LI CLASS="li-itemize">Authentication
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">Native MySQL support.
+</li><li class="li-itemize">Native PostgreSQL support.
+</li><li class="li-itemize">ODBC data storage support.
+</li><li class="li-itemize">Microsoft SQL Server support. </li><li class="li-itemize">Riak NoSQL database support.
+</li></ul>
+</li><li class="li-itemize">Authentication
+<ul class="itemize"><li class="li-itemize">
 Internal Authentication.
-</LI><LI CLASS="li-itemize">PAM, LDAP and ODBC. </LI><LI CLASS="li-itemize">External Authentication script.
-</LI></UL>
-</LI><LI CLASS="li-itemize">Others
-<UL CLASS="itemize"><LI CLASS="li-itemize">
+</li><li class="li-itemize">PAM, LDAP, ODBC and Riak. </li><li class="li-itemize">External Authentication script.
+</li></ul>
+</li><li class="li-itemize">Others
+<ul class="itemize"><li class="li-itemize">
 Support for virtual hosting.
-</LI><LI CLASS="li-itemize">Compressing XML streams with Stream Compression (<A HREF="http://www.xmpp.org/extensions/xep-0138.html">XEP-0138</A>).
-</LI><LI CLASS="li-itemize">Statistics via Statistics Gathering (<A HREF="http://www.xmpp.org/extensions/xep-0039.html">XEP-0039</A>).
-</LI><LI CLASS="li-itemize">IPv6 support both for c2s and s2s connections.
-</LI><LI CLASS="li-itemize"><A HREF="http://www.xmpp.org/extensions/xep-0045.html">Multi-User Chat</A> module with support for clustering and HTML logging. </LI><LI CLASS="li-itemize">Users Directory based on users vCards.
-</LI><LI CLASS="li-itemize"><A HREF="http://www.xmpp.org/extensions/xep-0060.html">Publish-Subscribe</A> component with support for <A HREF="http://www.xmpp.org/extensions/xep-0163.html">Personal Eventing via Pubsub</A>.
-</LI><LI CLASS="li-itemize">Support for web clients: <A HREF="http://www.xmpp.org/extensions/xep-0025.html">HTTP Polling</A> and <A HREF="http://www.xmpp.org/extensions/xep-0206.html">HTTP Binding (BOSH)</A> services.
-</LI><LI CLASS="li-itemize">IRC transport.
-</LI><LI CLASS="li-itemize">Component support: interface with networks such as AIM, ICQ and MSN installing special tranports.
-</LI></UL>
-</LI></UL><!--CUT END -->
+</li><li class="li-itemize">Compressing XML streams with Stream Compression (<a href="http://www.xmpp.org/extensions/xep-0138.html">XEP-0138</a>).
+</li><li class="li-itemize">Statistics via Statistics Gathering (<a href="http://www.xmpp.org/extensions/xep-0039.html">XEP-0039</a>).
+</li><li class="li-itemize">IPv6 support both for c2s and s2s connections.
+</li><li class="li-itemize"><a href="http://www.xmpp.org/extensions/xep-0045.html">Multi-User Chat</a> module with support for clustering and HTML logging. </li><li class="li-itemize">Users Directory based on users vCards.
+</li><li class="li-itemize"><a href="http://www.xmpp.org/extensions/xep-0060.html">Publish-Subscribe</a> component with support for <a href="http://www.xmpp.org/extensions/xep-0163.html">Personal Eventing via Pubsub</a>.
+</li><li class="li-itemize">Support for web clients: <a href="http://www.xmpp.org/extensions/xep-0025.html">HTTP Polling</a> and <a href="http://www.xmpp.org/extensions/xep-0206.html">HTTP Binding (BOSH)</a> services.
+</li><li class="li-itemize">IRC transport.
+</li><li class="li-itemize">SIP support.
+</li><li class="li-itemize">Component support: interface with networks such as AIM, ICQ and MSN installing special tranports.
+</li></ul>
+</li></ul><!--CUT END -->
 <!--HTMLFOOT-->
 <!--ENDHTML-->
 <!--FOOTER-->
-<HR SIZE=2><BLOCKQUOTE CLASS="quote"><EM>This document was translated from L<sup>A</sup>T<sub>E</sub>X by
-</EM><A HREF="http://hevea.inria.fr/index.html"><EM>H</EM><EM><FONT SIZE=2><sup>E</sup></FONT></EM><EM>V</EM><EM><FONT SIZE=2><sup>E</sup></FONT></EM><EM>A</EM></A><EM>.</EM></BLOCKQUOTE></BODY>
-</HTML>
+<hr style="height:2"><blockquote class="quote"><em>This document was translated from L<sup>A</sup>T<sub>E</sub>X by
+</em><a href="http://hevea.inria.fr/index.html"><em>H</em><em><span style="font-size:small"><sup>E</sup></span></em><em>V</em><em><span style="font-size:small"><sup>E</sup></span></em><em>A</em></a><em>.</em></blockquote></body>
+</html>

doc/introduction.tex

@@ -110,11 +110,12 @@ Moreover, \ejabberd{} comes with a wide range of other state-of-the-art features
 \item Native PostgreSQL support.
 \item ODBC data storage support.
 \item Microsoft SQL Server support. %%\new{}
+\item Riak NoSQL database support.
 \end{itemize}
 \item Authentication
 \begin{itemize}
 \item Internal Authentication.
-\item PAM, LDAP and ODBC.  %%\improved{}
+\item PAM, LDAP, ODBC and Riak.  %%\improved{}
 \item External Authentication script.
 \end{itemize}
 \item Others
@@ -128,6 +129,7 @@ Moreover, \ejabberd{} comes with a wide range of other state-of-the-art features
 \item \txepref{0060}{Publish-Subscribe} component with support for \txepref{0163}{Personal Eventing via Pubsub}.
 \item Support for web clients: \txepref{0025}{HTTP Polling} and \txepref{0206}{HTTP Binding (BOSH)} services.
 \item IRC transport.
+\item SIP support.
 \item Component support: interface with networks such as AIM, ICQ and MSN installing special tranports.
 \end{itemize}
 \end{itemize}

doc/version.tex

@@ -1,2 +0,0 @@
-% ejabberd version (automatically generated).
-\newcommand{\version}{13.03-beta2}

ejabberd.cfg.example

@@ -1,609 +0,0 @@
-%%%
-%%%               ejabberd configuration file
-%%%
-%%%'
-
-%%% The parameters used in this configuration file are explained in more detail
-%%% in the ejabberd Installation and Operation Guide.
-%%% Please consult the Guide in case of doubts, it is included with
-%%% your copy of ejabberd, and is also available online at
-%%% http://www.process-one.net/en/ejabberd/docs/
-
-%%% This configuration file contains Erlang terms.
-%%% In case you want to understand the syntax, here are the concepts:
-%%%
-%%%  - The character to comment a line is %
-%%%
-%%%  - Each term ends in a dot, for example:
-%%%      override_global.
-%%%
-%%%  - A tuple has a fixed definition, its elements are
-%%%    enclosed in {}, and separated with commas:
-%%%      {loglevel, 4}.
-%%%
-%%%  - A list can have as many elements as you want,
-%%%    and is enclosed in [], for example:
-%%%      [http_poll, web_admin, tls]
-%%%
-%%%  - A keyword of ejabberd is a word in lowercase.
-%%%    Strings are enclosed in "" and can contain spaces, dots, ...
-%%%      {language, "en"}.
-%%%      {ldap_rootdn, "dc=example,dc=com"}.
-%%%
-%%%  - This term includes a tuple, a keyword, a list, and two strings:
-%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
-%%%
-
-
-%%%.   =======================
-%%%'   OVERRIDE STORED OPTIONS
-
-%%
-%% Override the old values stored in the database.
-%%
-
-%%
-%% Override global options (shared by all ejabberd nodes in a cluster).
-%%
-%%override_global.
-
-%%
-%% Override local options (specific for this particular ejabberd node).
-%%
-%%override_local.
-
-%%
-%% Remove the Access Control Lists before new ones are added.
-%%
-%%override_acls.
-
-
-%%%.   =========
-%%%'   DEBUGGING
-
-%%
-%% loglevel: Verbosity of log files generated by ejabberd.
-%% 0: No ejabberd log at all (not recommended)
-%% 1: Critical
-%% 2: Error
-%% 3: Warning
-%% 4: Info
-%% 5: Debug
-%%
-{loglevel, 4}.
-
-%%
-%% watchdog_admins: Only useful for developers: if an ejabberd process
-%% consumes a lot of memory, send live notifications to these XMPP
-%% accounts.
-%%
-%%{watchdog_admins, ["bob@example.com"]}.
-
-
-%%%.   ================
-%%%'   SERVED HOSTNAMES
-
-%%
-%% hosts: Domains served by ejabberd.
-%% You can define one or several, for example:
-%% {hosts, ["example.net", "example.com", "example.org"]}.
-%%
-{hosts, ["localhost"]}.
-
-%%
-%% route_subdomains: Delegate subdomains to other XMPP servers.
-%% For example, if this ejabberd serves example.org and you want
-%% to allow communication with an XMPP server called im.example.org.
-%%
-%%{route_subdomains, s2s}.
-
-
-%%%.   ===============
-%%%'   LISTENING PORTS
-
-%%
-%% listen: The ports ejabberd will listen on, which service each is handled
-%% by and what options to start it with.
-%%
-{listen,
- [
-
-  {5222, ejabberd_c2s, [
-
-			%%
-			%% If TLS is compiled in and you installed a SSL
-			%% certificate, specify the full path to the
-			%% file and uncomment this line:
-			%%
-			%%{certfile, "/path/to/ssl.pem"}, starttls,
-
-			{access, c2s},
-			{shaper, c2s_shaper},
-			{max_stanza_size, 65536}
-		       ]},
-
-  %%
-  %% To enable the old SSL connection method on port 5223:
-  %%
-  %%{5223, ejabberd_c2s, [
-  %%			{access, c2s},
-  %%			{shaper, c2s_shaper},
-  %%			{certfile, "/path/to/ssl.pem"}, tls,
-  %%			{max_stanza_size, 65536}
-  %%		       ]},
-
-  {5269, ejabberd_s2s_in, [
-			   {shaper, s2s_shaper},
-			   {max_stanza_size, 131072}
-			  ]},
-
-  %%
-  %% ejabberd_service: Interact with external components (transports, ...)
-  %%
-  %%{8888, ejabberd_service, [
-  %%			    {access, all},
-  %%			    {shaper_rule, fast},
-  %%			    {hosts, ["icq.example.org", "sms.example.org"],
-  %%			     [{password, "secret"}]
-  %%			    }
-  %%			   ]},
-
-  %%
-  %% ejabberd_stun: Handles STUN Binding requests
-  %%
-  %%{{3478, udp}, ejabberd_stun, []},
-
-  {5280, ejabberd_http, [
-			 %%{request_handlers,
-			 %% [
-			 %%  {["pub", "archive"], mod_http_fileserver}
-			 %% ]},
-			 captcha,
-			 http_bind,
-			 http_poll,
-			 %%register,
-			 web_admin
-			]}
-
- ]}.
-
-%%
-%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
-%% Allowed values are: false optional required required_trusted
-%% You must specify a certificate file.
-%%
-%%{s2s_use_starttls, optional}.
-
-%%
-%% s2s_certfile: Specify a certificate file.
-%%
-%%{s2s_certfile, "/path/to/ssl.pem"}.
-
-%%
-%% domain_certfile: Specify a different certificate for each served hostname.
-%%
-%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
-%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.
-
-%%
-%% S2S whitelist or blacklist
-%%
-%% Default s2s policy for undefined hosts.
-%%
-%%{s2s_default_policy, allow}.
-
-%%
-%% Allow or deny communication with specific servers.
-%%
-%%{{s2s_host, "goodhost.org"}, allow}.
-%%{{s2s_host, "badhost.org"}, deny}.
-
-%%
-%% Outgoing S2S options
-%%
-%% Preferred address families (which to try first) and connect timeout
-%% in milliseconds.
-%%
-%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
-
-
-%%%.   ==============
-%%%'   AUTHENTICATION
-
-%%
-%% auth_method: Method used to authenticate the users.
-%% The default method is the internal.
-%% If you want to use a different method,
-%% comment this line and enable the correct ones.
-%%
-{auth_method, internal}.
-%%
-%% Store the plain passwords or hashed for SCRAM:
-%%{auth_password_format, plain}.
-%%{auth_password_format, scram}.
-%%
-%% Define the FQDN if ejabberd doesn't detect it:
-%%{fqdn, "server3.example.com"}.
-
-%%
-%% Authentication using external script
-%% Make sure the script is executable by ejabberd.
-%%
-%%{auth_method, external}.
-%%{extauth_program, "/path/to/authentication/script"}.
-
-%%
-%% Authentication using ODBC
-%% Remember to setup a database in the next section.
-%%
-%%{auth_method, odbc}.
-
-%%
-%% Authentication using PAM
-%%
-%%{auth_method, pam}.
-%%{pam_service, "pamservicename"}.
-
-%%
-%% Authentication using LDAP
-%%
-%%{auth_method, ldap}.
-%%
-%% List of LDAP servers:
-%%{ldap_servers, ["localhost"]}.
-%%
-%% Encryption of connection to LDAP servers:
-%%{ldap_encrypt, none}.
-%%{ldap_encrypt, tls}.
-%%
-%% Port to connect to on LDAP servers:
-%%{ldap_port, 389}.
-%%{ldap_port, 636}.
-%%
-%% LDAP manager:
-%%{ldap_rootdn, "dc=example,dc=com"}.
-%%
-%% Password of LDAP manager:
-%%{ldap_password, "******"}.
-%%
-%% Search base of LDAP directory:
-%%{ldap_base, "dc=example,dc=com"}.
-%%
-%% LDAP attribute that holds user ID:
-%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
-%%
-%% LDAP filter:
-%%{ldap_filter, "(objectClass=shadowAccount)"}.
-
-%%
-%% Anonymous login support:
-%%   auth_method: anonymous
-%%   anonymous_protocol: sasl_anon | login_anon | both
-%%   allow_multiple_connections: true | false
-%%
-%%{host_config, "public.example.org", [{auth_method, anonymous},
-%%                                     {allow_multiple_connections, false},
-%%                                     {anonymous_protocol, sasl_anon}]}.
-%%
-%% To use both anonymous and internal authentication:
-%%
-%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.
-
-
-%%%.   ==============
-%%%'   DATABASE SETUP
-
-%% ejabberd by default uses the internal Mnesia database,
-%% so you do not necessarily need this section.
-%% This section provides configuration examples in case
-%% you want to use other database backends.
-%% Please consult the ejabberd Guide for details on database creation.
-
-%%
-%% MySQL server:
-%%
-%%{odbc_server, {mysql, "server", "database", "username", "password"}}.
-%%
-%% If you want to specify the port:
-%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.
-
-%%
-%% PostgreSQL server:
-%%
-%%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
-%%
-%% If you want to specify the port:
-%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
-%%
-%% If you use PostgreSQL, have a large database, and need a
-%% faster but inexact replacement for "select count(*) from users"
-%%
-%%{pgsql_users_number_estimate, true}.
-
-%%
-%% ODBC compatible or MSSQL server:
-%%
-%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.
-
-%%
-%% Number of connections to open to the database for each virtual host
-%%
-%%{odbc_pool_size, 10}.
-
-%%
-%% Interval to make a dummy SQL request to keep the connections to the
-%% database alive. Specify in seconds: for example 28800 means 8 hours
-%%
-%%{odbc_keepalive_interval, undefined}.
-
-
-%%%.   ===============
-%%%'   TRAFFIC SHAPERS
-
-%%
-%% The "normal" shaper limits traffic speed to 1000 B/s
-%%
-{shaper, normal, {maxrate, 1000}}.
-
-%%
-%% The "fast" shaper limits traffic speed to 50000 B/s
-%%
-{shaper, fast, {maxrate, 50000}}.
-
-%%
-%% This option specifies the maximum number of elements in the queue
-%% of the FSM. Refer to the documentation for details.
-%%
-{max_fsm_queue, 1000}.
-
-
-%%%.   ====================
-%%%'   ACCESS CONTROL LISTS
-
-%%
-%% The 'admin' ACL grants administrative privileges to XMPP accounts.
-%% You can put here as many accounts as you want.
-%%
-%%{acl, admin, {user, "aleksey", "localhost"}}.
-%%{acl, admin, {user, "ermine", "example.org"}}.
-
-%%
-%% Blocked users
-%%
-%%{acl, blocked, {user, "baduser", "example.org"}}.
-%%{acl, blocked, {user, "test"}}.
-
-%%
-%% Local users: don't modify this line.
-%%
-{acl, local, {user_regexp, ""}}.
-
-%%
-%% More examples of ACLs
-%%
-%%{acl, jabberorg, {server, "jabber.org"}}.
-%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
-%%{acl, test, {user_regexp, "^test"}}.
-%%{acl, test, {user_glob, "test*"}}.
-
-%%
-%% Define specific ACLs in a virtual host.
-%%
-%%{host_config, "localhost",
-%% [
-%%  {acl, admin, {user, "bob-local", "localhost"}}
-%% ]
-%%}.
-
-
-%%%.   ============
-%%%'   ACCESS RULES
-
-%% Maximum number of simultaneous sessions allowed for a single user:
-{access, max_user_sessions, [{10, all}]}.
-
-%% Maximum number of offline messages that users can have:
-{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
-
-%% This rule allows access only for local users:
-{access, local, [{allow, local}]}.
-
-%% Only non-blocked users can use c2s connections:
-{access, c2s, [{deny, blocked},
-	       {allow, all}]}.
-
-%% For C2S connections, all users except admins use the "normal" shaper
-{access, c2s_shaper, [{none, admin},
-		      {normal, all}]}.
-
-%% All S2S connections use the "fast" shaper
-{access, s2s_shaper, [{fast, all}]}.
-
-%% Only admins can send announcement messages:
-{access, announce, [{allow, admin}]}.
-
-%% Only admins can use the configuration interface:
-{access, configure, [{allow, admin}]}.
-
-%% Admins of this server are also admins of the MUC service:
-{access, muc_admin, [{allow, admin}]}.
-
-%% Only accounts of the local ejabberd server can create rooms:
-{access, muc_create, [{allow, local}]}.
-
-%% All users are allowed to use the MUC service:
-{access, muc, [{allow, all}]}.
-
-%% Only accounts on the local ejabberd server can create Pubsub nodes:
-{access, pubsub_createnode, [{allow, local}]}.
-
-%% In-band registration allows registration of any possible username.
-%% To disable in-band registration, replace 'allow' with 'deny'.
-{access, register, [{allow, all}]}.
-
-%% By default the frequency of account registrations from the same IP
-%% is limited to 1 account every 10 minutes. To disable, specify: infinity
-%%{registration_timeout, 600}.
-
-%%
-%% Define specific Access Rules in a virtual host.
-%%
-%%{host_config, "localhost",
-%% [
-%%  {access, c2s, [{allow, admin}, {deny, all}]},
-%%  {access, register, [{deny, all}]}
-%% ]
-%%}.
-
-
-%%%.   ================
-%%%'   DEFAULT LANGUAGE
-
-%%
-%% language: Default language used for server messages.
-%%
-{language, "en"}.
-
-%%
-%% Set a different default language in a virtual host.
-%%
-%%{host_config, "localhost",
-%% [{language, "ru"}]
-%%}.
-
-
-%%%.   =======
-%%%'   CAPTCHA
-
-%%
-%% Full path to a script that generates the image.
-%%
-%%{captcha_cmd, "/lib/ejabberd/priv/bin/captcha.sh"}.
-
-%%
-%% Host for the URL and port where ejabberd listens for CAPTCHA requests.
-%%
-%%{captcha_host, "example.org:5280"}.
-
-%%
-%% Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
-%%
-%%{captcha_limit, 5}.
-
-%%%.   =======
-%%%'   MODULES
-
-%%
-%% Modules enabled in all ejabberd virtual hosts.
-%%
-{modules,
- [
-  {mod_adhoc,    []},
-  {mod_announce, [{access, announce}]}, % recommends mod_adhoc
-  {mod_blocking,[]}, % requires mod_privacy
-  {mod_caps,     []},
-  {mod_configure,[]}, % requires mod_adhoc
-  {mod_disco,    []},
-  %%{mod_echo,   [{host, "echo.localhost"}]},
-  {mod_irc,      []},
-  {mod_http_bind, []},
-  %%{mod_http_fileserver, [
-  %%                       {docroot, "/var/www"},
-  %%                       {accesslog, "/var/log/ejabberd/access.log"}
-  %%                      ]},
-  {mod_last,     []},
-  {mod_muc,      [
-		  %%{host, "conference.@HOST@"},
-		  {access, muc},
-		  {access_create, muc_create},
-		  {access_persistent, muc_create},
-		  {access_admin, muc_admin}
-		 ]},
-  %%{mod_muc_log,[]},
-  {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},
-  {mod_ping,     []},
-  %%{mod_pres_counter,[{count, 5}, {interval, 60}]},
-  {mod_privacy,  []},
-  {mod_private,  []},
-  %%{mod_proxy65,[]},
-  {mod_pubsub,   [
-		  {access_createnode, pubsub_createnode},
-		  {ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
-		  %%{ignore_pep_from_offline, false},  % XEP compliant, but increases resource comsumption
-		  {last_item_cache, false},
-		  {plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
-		 ]},
-  {mod_register, [
-		  %%
-		  %% Protect In-Band account registrations with CAPTCHA.
-		  %%
-		  %%{captcha_protected, true},
-
-		  %%
-		  %% Set the minimum informational entropy for passwords.
-		  %%
-		  %%{password_strength, 32},
-
-		  %%
-		  %% After successful registration, the user receives
-		  %% a message with this subject and body.
-		  %%
-		  {welcome_message, {"Welcome!",
-				     "Hi.\nWelcome to this XMPP server."}},
-
-		  %%
-		  %% When a user registers, send a notification to
-		  %% these XMPP accounts.
-		  %%
-		  %%{registration_watchers, ["admin1@example.org"]},
-
-		  %%
-		  %% Only clients in the server machine can register accounts
-		  %%
-		  {ip_access, [{allow, "127.0.0.0/8"},
-			       {deny, "0.0.0.0/0"}]},
-
-		  %%
-		  %% Local c2s or remote s2s users cannot register accounts
-		  %%
-		  %%{access_from, deny},
-
-		  {access, register}
-		 ]},
-  %%{mod_register_web, [
-		  %%
-		  %% When a user registers, send a notification to
-		  %% these XMPP accounts.
-		  %%
-		  %%{registration_watchers, ["admin1@example.org"]}
-  %%		 ]},
-  {mod_roster,   []},
-  %%{mod_service_log,[]},
-  {mod_shared_roster,[]},
-  {mod_stats,    []},
-  {mod_time,     []},
-  {mod_vcard,    []},
-  {mod_version,  []}
- ]}.
-
-%%
-%% Enable modules with custom options in a specific virtual host
-%%
-%%{host_config, "localhost",
-%% [{{add, modules},
-%%   [
-%%    {mod_echo, [{host, "mirror.localhost"}]}
-%%   ]
-%%  }
-%% ]}.
-
-
-%%%.
-%%%'
-
-%%% $Id$
-
-%%% Local Variables:
-%%% mode: erlang
-%%% End:
-%%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:

ejabberd.init.template

@@ -24,7 +24,7 @@ test -x "$CTL" || {
 	echo "ERROR: ejabberd not found: $DIR"
 	exit 1
 }
-grep ^"$USER": /etc/passwd >/dev/null || {
+getent passwd "$USER" >/dev/null || {
 	echo "ERROR: System user not found: $USER"
 	exit 2
 }

ejabberd.yml.example

@@ -0,0 +1,658 @@
+###
+###               ejabberd configuration file
+###
+###
+
+### The parameters used in this configuration file are explained in more detail
+### in the ejabberd Installation and Operation Guide.
+### Please consult the Guide in case of doubts, it is included with
+### your copy of ejabberd, and is also available online at
+### http://www.process-one.net/en/ejabberd/docs/
+
+### The configuration file is written in YAML.
+### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
+### However, ejabberd treats different literals as different types:
+###
+### - unquoted or single-quoted strings. They are called "atoms".
+###   Example: dog, 'Jupiter', '3.14159', YELLOW
+###
+### - numeric literals. Example: 3, -45.0, .0
+###
+### - quoted or folded strings.
+###   Examples of quoted string: "Lizzard", "orange".
+###   Example of folded string:
+###   > Art thou not Romeo,
+###     and a Montague?
+
+###   =======
+###   LOGGING
+
+##
+## loglevel: Verbosity of log files generated by ejabberd.
+## 0: No ejabberd log at all (not recommended)
+## 1: Critical
+## 2: Error
+## 3: Warning
+## 4: Info
+## 5: Debug
+##
+loglevel: 4
+
+##
+## rotation: Describe how to rotate logs. Either size and/or date can trigger
+## log rotation. Setting count to N keeps N rotated logs. Setting count to 0
+## does not disable rotation, it instead rotates the file and keeps no previous
+## versions around. Setting size to X rotate log when it reaches X bytes.
+## To disable rotation set the size to 0 and the date to ""
+## Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.
+## Some examples:
+##  $D0     rotate every night at midnight
+##  $D23    rotate every day at 23:00 hr
+##  $W0D23  rotate every week on Sunday at 23:00 hr
+##  $W5D16  rotate every week on Friday at 16:00 hr
+##  $M1D0   rotate on the first day of every month at midnight
+##  $M5D6   rotate on every 5th day of the month at 6:00 hr
+##
+log_rotate_size: 10485760
+log_rotate_date: ""
+log_rotate_count: 1
+
+##
+## overload protection: If you want to limit the number of messages per second
+## allowed from error_logger, which is a good idea if you want to avoid a flood
+## of messages when system is overloaded, you can set a limit.
+## 100 is ejabberd's default.
+log_rate_limit: 100
+
+##
+## watchdog_admins: Only useful for developers: if an ejabberd process
+## consumes a lot of memory, send live notifications to these XMPP
+## accounts.
+##
+## watchdog_admins:
+##   - "bob@example.com"
+
+
+###   ================
+###   SERVED HOSTNAMES
+
+##
+## hosts: Domains served by ejabberd.
+## You can define one or several, for example:
+## hosts: 
+##   - "example.net"
+##   - "example.com"
+##   - "example.org"
+##
+hosts:
+  - "localhost"
+
+##
+## route_subdomains: Delegate subdomains to other XMPP servers.
+## For example, if this ejabberd serves example.org and you want
+## to allow communication with an XMPP server called im.example.org.
+##
+## route_subdomains: s2s
+
+###   ===============
+###   LISTENING PORTS
+
+##
+## listen: The ports ejabberd will listen on, which service each is handled
+## by and what options to start it with.
+##
+listen: 
+  - 
+    port: 5222
+    module: ejabberd_c2s
+    ##
+    ## If TLS is compiled in and you installed a SSL
+    ## certificate, specify the full path to the
+    ## file and uncomment these lines:
+    ##
+    ## certfile: "/path/to/ssl.pem"
+    ## starttls: true
+    ##
+    ## To enforce TLS encryption for client connections,
+    ## use this instead of the "starttls" option:
+    ##
+    ## starttls_required: true
+    ##
+    ## Custom OpenSSL options
+    ##
+    ## protocol_options:
+    ##   - "no_sslv3"
+    ##   - "no_tlsv1"
+    max_stanza_size: 65536
+    shaper: c2s_shaper
+    access: c2s
+  - 
+    port: 5269
+    module: ejabberd_s2s_in
+  ##
+  ## ejabberd_service: Interact with external components (transports, ...)
+  ##
+  ## - 
+  ##   port: 8888
+  ##   module: ejabberd_service
+  ##   access: all
+  ##   shaper_rule: fast
+  ##   ip: "127.0.0.1"
+  ##   hosts:
+  ##     "icq.example.org":
+  ##       password: "secret"
+  ##     "sms.example.org":
+  ##       password: "secret"
+
+  ##
+  ## ejabberd_stun: Handles STUN Binding requests
+  ##
+  ## - 
+  ##   port: 3478
+  ##   transport: udp
+  ##   module: ejabberd_stun
+
+  ##
+  ## To handle XML-RPC requests that provide admin credentials:
+  ##
+  ## - 
+  ##   port: 4560
+  ##   module: ejabberd_xmlrpc
+  - 
+    port: 5280
+    module: ejabberd_http
+    ## request_handlers:
+    ##   "/pub/archive": mod_http_fileserver
+    web_admin: true
+    http_poll: true
+    http_bind: true
+    ## register: true
+    captcha: true
+
+##
+## s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
+## Allowed values are: false optional required required_trusted
+## You must specify a certificate file.
+##
+## s2s_use_starttls: optional
+
+##
+## s2s_certfile: Specify a certificate file.
+##
+## s2s_certfile: "/path/to/ssl.pem"
+
+## Custom OpenSSL options
+##
+## s2s_protocol_options:
+##   - "no_sslv3"
+##   - "no_tlsv1"
+
+##
+## domain_certfile: Specify a different certificate for each served hostname.
+##
+## host_config:
+##   "example.org":
+##     domain_certfile: "/path/to/example_org.pem"
+##   "example.com":
+##     domain_certfile: "/path/to/example_com.pem"
+
+##
+## S2S whitelist or blacklist
+##
+## Default s2s policy for undefined hosts.
+##
+## s2s_access: s2s
+
+##
+## Outgoing S2S options
+##
+## Preferred address families (which to try first) and connect timeout
+## in milliseconds.
+##
+## outgoing_s2s_families:
+##   - ipv4
+##   - ipv6
+## outgoing_s2s_timeout: 10000
+
+###   ==============
+###   AUTHENTICATION
+
+##
+## auth_method: Method used to authenticate the users.
+## The default method is the internal.
+## If you want to use a different method,
+## comment this line and enable the correct ones.
+##
+auth_method: internal
+
+##
+## Store the plain passwords or hashed for SCRAM:
+## auth_password_format: plain
+## auth_password_format: scram
+##
+## Define the FQDN if ejabberd doesn't detect it:
+## fqdn: "server3.example.com"
+
+##
+## Authentication using external script
+## Make sure the script is executable by ejabberd.
+##
+## auth_method: external
+## extauth_program: "/path/to/authentication/script"
+
+##
+## Authentication using ODBC
+## Remember to setup a database in the next section.
+##
+## auth_method: odbc
+
+##
+## Authentication using PAM
+##
+## auth_method: pam
+## pam_service: "pamservicename"
+
+##
+## Authentication using LDAP
+##
+## auth_method: ldap
+##
+## List of LDAP servers:
+## ldap_servers:
+##   - "localhost"
+##
+## Encryption of connection to LDAP servers:
+## ldap_encrypt: none
+## ldap_encrypt: tls
+##
+## Port to connect to on LDAP servers:
+## ldap_port: 389
+## ldap_port: 636
+##
+## LDAP manager:
+## ldap_rootdn: "dc=example,dc=com"
+##
+## Password of LDAP manager:
+## ldap_password: "******"
+##
+## Search base of LDAP directory:
+## ldap_base: "dc=example,dc=com"
+##
+## LDAP attribute that holds user ID:
+## ldap_uids:
+##   - "mail": "%u@mail.example.org"
+##
+## LDAP filter:
+## ldap_filter: "(objectClass=shadowAccount)"
+
+##
+## Anonymous login support:
+##   auth_method: anonymous
+##   anonymous_protocol: sasl_anon | login_anon | both
+##   allow_multiple_connections: true | false
+##
+## host_config:
+##   "public.example.org":
+##     auth_method: anonymous
+##     allow_multiple_connections: false
+##     anonymous_protocol: sasl_anon
+##
+## To use both anonymous and internal authentication:
+##
+## host_config:
+##   "public.example.org":
+##     auth_method:
+##       - internal
+##       - anonymous
+
+###   ==============
+###   DATABASE SETUP
+
+## ejabberd by default uses the internal Mnesia database,
+## so you do not necessarily need this section.
+## This section provides configuration examples in case
+## you want to use other database backends.
+## Please consult the ejabberd Guide for details on database creation.
+
+##
+## MySQL server:
+##
+## odbc_type: mysql
+## odbc_server: "server"
+## odbc_database: "database"
+## odbc_username: "username"
+## odbc_password: "password"
+##
+## If you want to specify the port:
+## odbc_port: 1234
+
+##
+## PostgreSQL server:
+##
+## odbc_type: pgsql
+## odbc_server: "server"
+## odbc_database: "database"
+## odbc_username: "username"
+## odbc_password: "password"
+##
+## If you want to specify the port:
+## odbc_port: 1234
+##
+## If you use PostgreSQL, have a large database, and need a
+## faster but inexact replacement for "select count(*) from users"
+##
+## pgsql_users_number_estimate: true
+
+##
+## ODBC compatible or MSSQL server:
+##
+## odbc_type: odbc
+## odbc_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
+
+##
+## Number of connections to open to the database for each virtual host
+##
+## odbc_pool_size: 10
+
+##
+## Interval to make a dummy SQL request to keep the connections to the
+## database alive. Specify in seconds: for example 28800 means 8 hours
+##
+## odbc_keepalive_interval: undefined
+
+###   ===============
+###   TRAFFIC SHAPERS
+
+shaper:
+  ##
+  ## The "normal" shaper limits traffic speed to 1000 B/s
+  ##
+  normal: 1000
+
+  ##
+  ## The "fast" shaper limits traffic speed to 50000 B/s
+  ##
+  fast: 50000
+
+##
+## This option specifies the maximum number of elements in the queue
+## of the FSM. Refer to the documentation for details.
+##
+max_fsm_queue: 1000
+
+###.   ====================
+###'   ACCESS CONTROL LISTS
+acl:
+  ##
+  ## The 'admin' ACL grants administrative privileges to XMPP accounts.
+  ## You can put here as many accounts as you want.
+  ##
+  ## admin:
+  ##   user:
+  ##     - "aleksey": "localhost"
+  ##     - "ermine": "example.org"
+  ##
+  ## Blocked users
+  ##
+  ## blocked:
+  ##   user:
+  ##     - "baduser": "example.org"
+  ##     - "test"
+
+  ## Local users: don't modify this.
+  ##
+  local: 
+    user_regexp: ""
+
+  ##
+  ## More examples of ACLs
+  ##
+  ## jabberorg:
+  ##   server:
+  ##     - "jabber.org"
+  ## aleksey:
+  ##   user:
+  ##     - "aleksey": "jabber.ru"
+  ## test:
+  ##   user_regexp: "^test"
+  ##   user_glob: "test*"
+
+  ##
+  ## Loopback network
+  ##
+  loopback:
+    ip:
+      - "127.0.0.0/8"
+
+  ##
+  ## Bad XMPP servers
+  ##
+  ## bad_servers:
+  ##   server:
+  ##     - "xmpp.zombie.org"
+  ##     - "xmpp.spam.com"
+
+##
+## Define specific ACLs in a virtual host.
+##
+## host_config:
+##   "localhost":
+##     acl:
+##       admin:
+##         user:
+##           - "bob-local": "localhost"
+
+###   ============
+###   ACCESS RULES
+access:
+  ## Maximum number of simultaneous sessions allowed for a single user:
+  max_user_sessions: 
+    all: 10
+  ## Maximum number of offline messages that users can have:
+  max_user_offline_messages: 
+    admin: 5000
+    all: 100
+  ## This rule allows access only for local users:
+  local: 
+    local: allow
+  ## Only non-blocked users can use c2s connections:
+  c2s: 
+    blocked: deny
+    all: allow
+  ## For C2S connections, all users except admins use the "normal" shaper
+  c2s_shaper: 
+    admin: none
+    all: normal
+  ## All S2S connections use the "fast" shaper
+  s2s_shaper: 
+    all: fast
+  ## Only admins can send announcement messages:
+  announce: 
+    admin: allow
+  ## Only admins can use the configuration interface:
+  configure: 
+    admin: allow
+  ## Admins of this server are also admins of the MUC service:
+  muc_admin: 
+    admin: allow
+  ## Only accounts of the local ejabberd server can create rooms:
+  muc_create: 
+    local: allow
+  ## All users are allowed to use the MUC service:
+  muc: 
+    all: allow
+  ## Only accounts on the local ejabberd server can create Pubsub nodes:
+  pubsub_createnode: 
+    local: allow
+  ## In-band registration allows registration of any possible username.
+  ## To disable in-band registration, replace 'allow' with 'deny'.
+  register: 
+    all: allow
+  ## Only allow to register from localhost
+  trusted_network: 
+    loopback: allow
+  ## Do not establish S2S connections with bad servers
+  ## s2s: 
+  ##   bad_servers: deny
+  ##   all: allow
+
+## By default the frequency of account registrations from the same IP
+## is limited to 1 account every 10 minutes. To disable, specify: infinity
+## registration_timeout: 600
+  
+##
+## Define specific Access Rules in a virtual host.
+##
+## host_config:
+##   "localhost":
+##     access:
+##       c2s:
+##         admin: allow
+##         all: deny
+##       register:
+##         all: deny
+
+###   ================
+###   DEFAULT LANGUAGE
+
+##
+## language: Default language used for server messages.
+##
+language: "en"
+
+##
+## Set a different default language in a virtual host.
+##
+## host_config:
+##   "localhost":
+##     language: "ru"
+
+###   =======
+###   CAPTCHA
+
+##
+## Full path to a script that generates the image.
+##
+## captcha_cmd: "/lib/ejabberd/priv/bin/captcha.sh"
+
+##
+## Host for the URL and port where ejabberd listens for CAPTCHA requests.
+##
+## captcha_host: "example.org:5280"
+
+##
+## Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
+##
+## captcha_limit: 5
+
+###   =======
+###   MODULES
+
+##
+## Modules enabled in all ejabberd virtual hosts.
+##
+modules: 
+  mod_adhoc: {}
+  mod_announce: # recommends mod_adhoc
+    access: announce
+  mod_blocking: {} # requires mod_privacy
+  mod_caps: {}
+  mod_carboncopy: {}
+  mod_client_state:
+    drop_chat_states: true
+    queue_presence: false
+  mod_configure: {} # requires mod_adhoc
+  mod_disco: {}
+  ## mod_echo: {}
+  mod_irc: {}
+  mod_http_bind: {}
+  ## mod_http_fileserver:
+  ##   docroot: "/var/www"
+  ##   accesslog: "/var/log/ejabberd/access.log"
+  mod_last: {}
+  mod_muc: 
+    ## host: "conference.@HOST@"
+    access: muc
+    access_create: muc_create
+    access_persistent: muc_create
+    access_admin: muc_admin
+  ## mod_muc_log: {}
+  mod_offline: 
+    access_max_user_messages: max_user_offline_messages
+  mod_ping: {}
+  ## mod_pres_counter:
+  ##   count: 5
+  ##   interval: 60
+  mod_privacy: {}
+  mod_private: {}
+  ## mod_proxy65: {}
+  mod_pubsub: 
+    access_createnode: pubsub_createnode
+    ## reduces resource comsumption, but XEP incompliant
+    ignore_pep_from_offline: true
+    ## XEP compliant, but increases resource comsumption
+    ## ignore_pep_from_offline: false
+    last_item_cache: false
+    plugins: 
+      - "flat"
+      - "hometree"
+      - "pep" # pep requires mod_caps
+  mod_register: 
+    ##
+    ## Protect In-Band account registrations with CAPTCHA.
+    ##
+    ## captcha_protected: true
+
+    ##
+    ## Set the minimum informational entropy for passwords.
+    ##
+    ## password_strength: 32
+
+    ##
+    ## After successful registration, the user receives
+    ## a message with this subject and body.
+    ##
+    welcome_message: 
+      subject: "Welcome!"
+      body: |-
+        Hi.
+        Welcome to this XMPP server.
+
+    ##
+    ## When a user registers, send a notification to
+    ## these XMPP accounts.
+    ##
+    ## registration_watchers:
+    ##   - "admin1@example.org"
+
+    ##
+    ## Only clients in the server machine can register accounts
+    ##
+    ip_access: trusted_network
+
+    ##
+    ## Local c2s or remote s2s users cannot register accounts
+    ##
+    ## access_from: deny
+
+    access: register
+  mod_roster: {}
+  mod_shared_roster: {}
+  mod_stats: {}
+  mod_time: {}
+  mod_vcard: {}
+  mod_version: {}
+
+##
+## Enable modules with custom options in a specific virtual host
+##
+## host_config:
+##   "localhost":
+##     modules:
+##       mod_echo:
+##         host: "mirror.localhost"
+
+### Local Variables:
+### mode: yaml
+### End:
+### vim: set filetype=yaml tabstop=8

ejabberdctl.cfg.example

@@ -56,7 +56,7 @@
 # This communication is used by ejabberdctl command line tool,
 # and in a cluster of several ejabberd nodes.
 #
-# Default: 127.0.0.1
+# Default: 0.0.0.0
 #
 #INET_DIST_INTERFACE=127.0.0.1
 

ejabberdctl.template

@@ -7,7 +7,6 @@ ERL_MAX_PORTS=32000
 ERL_PROCESSES=250000
 ERL_MAX_ETS_TABLES=1400
 FIREWALL_WINDOW=""
-INET_DIST_INTERFACE="127.0.0.1"
 ERLANG_NODE=ejabberd@localhost
 
 # define default environment variables
@@ -23,7 +22,12 @@ if [ "$INSTALLUSER" != "" ] ; then
     EXEC_CMD="false"
     for GID in `id -G`; do
         if [ $GID -eq 0 ] ; then
-            EXEC_CMD="su $INSTALLUSER -p -c"
+            INSTALLUSER_HOME=$(getent passwd "$INSTALLUSER" | cut -d: -f6)
+            if [ -n "$INSTALLUSER_HOME" ] && [ ! -d "$INSTALLUSER_HOME" ] ; then
+                mkdir -p "$INSTALLUSER_HOME"
+                chown "$INSTALLUSER" "$INSTALLUSER_HOME"
+            fi
+            EXEC_CMD="su $INSTALLUSER -c"
         fi
     done
     if [ `id -g` -eq `id -g $INSTALLUSER` ] ; then
@@ -45,33 +49,33 @@ while [ $# -ne 0 ] ; do
     case $PARAM in
         --) break ;;
         --node) ERLANG_NODE_ARG=$1 ; shift ;;
-        --config-dir) ETCDIR=$1 ; shift ;;
-        --config) EJABBERD_CONFIG_PATH=$1 ; shift ;;
-        --ctl-config) EJABBERDCTL_CONFIG_PATH=$1 ; shift ;;
-        --logs) LOGS_DIR=$1 ; shift ;;
-        --spool) SPOOLDIR=$1 ; shift ;;
+        --config-dir) ETC_DIR="$1" ; shift ;;
+        --config) EJABBERD_CONFIG_PATH="$1" ; shift ;;
+        --ctl-config) EJABBERDCTL_CONFIG_PATH="$1" ; shift ;;
+        --logs) LOGS_DIR="$1" ; shift ;;
+        --spool) SPOOL_DIR="$1" ; shift ;;
         *) ARGS="$ARGS $PARAM" ;;
     esac
 done
 
 # Define ejabberd variable if they have not been defined from the command line
-if [ "$ETCDIR" = "" ] ; then
-    ETCDIR={{sysconfdir}}/ejabberd
+if [ "$ETC_DIR" = "" ] ; then
+    ETC_DIR={{sysconfdir}}/ejabberd
 fi
 if [ "$EJABBERDCTL_CONFIG_PATH" = "" ] ; then
-    EJABBERDCTL_CONFIG_PATH=$ETCDIR/ejabberdctl.cfg
+    EJABBERDCTL_CONFIG_PATH=$ETC_DIR/ejabberdctl.cfg
 fi
 if [ -f "$EJABBERDCTL_CONFIG_PATH" ] ; then
     . "$EJABBERDCTL_CONFIG_PATH"
 fi
 if [ "$EJABBERD_CONFIG_PATH" = "" ] ; then
-    EJABBERD_CONFIG_PATH=$ETCDIR/ejabberd.cfg
+    EJABBERD_CONFIG_PATH=$ETC_DIR/ejabberd.yml
 fi
 if [ "$LOGS_DIR" = "" ] ; then
     LOGS_DIR={{localstatedir}}/log/ejabberd
 fi
-if [ "$SPOOLDIR" = "" ] ; then
-    SPOOLDIR={{localstatedir}}/lib/ejabberd
+if [ "$SPOOL_DIR" = "" ] ; then
+    SPOOL_DIR={{localstatedir}}/lib/ejabberd
 fi
 if [ "$EJABBERD_DOC_PATH" = "" ] ; then
     EJABBERD_DOC_PATH={{docdir}}
@@ -104,8 +108,7 @@ EJABBERD_LOG_PATH=$LOGS_DIR/ejabberd.log
 SASL_LOG_PATH=$LOGS_DIR/erlang.log
 DATETIME=`date "+%Y%m%d-%H%M%S"`
 ERL_CRASH_DUMP=$LOGS_DIR/erl_crash_$DATETIME.dump
-ERL_INETRC=$ETCDIR/inetrc
-HOME=$SPOOLDIR
+ERL_INETRC=$ETC_DIR/inetrc
 
 # define erl parameters
 ERLANG_OPTS="+K $POLL -smp $SMP +P $ERL_PROCESSES $ERL_OPTIONS"
@@ -126,11 +129,26 @@ else
     NAME="-name"
 fi
 
-# create the ejabberd home dir with the proper user if doesn't exist
-# then change to that directory readable by INSTALLUSER to
-# prevent "File operation error: eacces." messages
-[ -d $HOME ] || $EXEC_CMD "mkdir -p $HOME"
-cd $HOME
+# define ejabberd environment parameters
+if [ "$EJABBERD_CONFIG_PATH" != "${EJABBERD_CONFIG_PATH%.yml}" ] ; then
+    rate=$(sed '/^[ 	]*log_rate_limit/!d;s/.*://;s/ *//' $EJABBERD_CONFIG_PATH)
+    rotate=$(sed '/^[ 	]*log_rotate_size/!d;s/.*://;s/ *//' $EJABBERD_CONFIG_PATH)
+    count=$(sed '/^[ 	]*log_rotate_count/!d;s/.*://;s/ *//' $EJABBERD_CONFIG_PATH)
+    date=$(sed '/^[ 	]*log_rotate_date/!d;s/.*://;s/ *//' $EJABBERD_CONFIG_PATH)
+else
+    rate=$(sed '/^[ 	]*log_rate_limit/!d;s/.*,//;s/ *//;s/}\.//' $EJABBERD_CONFIG_PATH)
+    rotate=$(sed '/^[ 	]*log_rotate_size/!d;s/.*,//;s/ *//;s/}\.//' $EJABBERD_CONFIG_PATH)
+    count=$(sed '/^[ 	]*log_rotate_count/!d;s/.*,//;s/ *//;s/}\.//' $EJABBERD_CONFIG_PATH)
+    date=$(sed '/^[ 	]*log_rotate_date/!d;s/.*,//;s/ *//;s/}\.//' $EJABBERD_CONFIG_PATH)
+fi
+[ -z "$rate" ] || EJABBERD_OPTS="log_rate_limit $rate"
+[ -z "$rotate" ] || EJABBERD_OPTS="${EJABBERD_OPTS} log_rotate_size $rotate"
+[ -z "$count" ] || EJABBERD_OPTS="${EJABBERD_OPTS} log_rotate_count $count"
+[ -z "$date" ] || EJABBERD_OPTS="${EJABBERD_OPTS} log_rotate_date '$date'"
+[ -z "$EJABBERD_OPTS" ] || EJABBERD_OPTS="-ejabberd ${EJABBERD_OPTS}"
+
+[ -d $SPOOL_DIR ] || $EXEC_CMD "mkdir -p $SPOOL_DIR"
+cd $SPOOL_DIR
 
 # export global variables
 export EJABBERD_CONFIG_PATH
@@ -145,8 +163,6 @@ export ERL_EPMD_ADDRESS
 export ERL_INETRC
 export ERL_MAX_PORTS
 export ERL_MAX_ETS_TABLES
-export HOME
-export EXEC_CMD
 
 # start server
 start()
@@ -156,8 +172,9 @@ start()
       $NAME $ERLANG_NODE \
       -noinput -detached \
       -pa $EJABBERD_EBIN_PATH \
-      -mnesia dir \"\\\"$SPOOLDIR\\\"\" \
+      -mnesia dir \"\\\"$SPOOL_DIR\\\"\" \
       $KERNEL_OPTS \
+      $EJABBERD_OPTS \
       -s ejabberd \
       -sasl sasl_error_logger \\{file,\\\"$SASL_LOG_PATH\\\"\\} \
       $ERLANG_OPTS $ARGS \"$@\""
@@ -166,26 +183,26 @@ start()
 # attach to server
 debug()
 {
-    echo "--------------------------------------------------------------------"
-    echo ""
-    echo "IMPORTANT: we will attempt to attach an INTERACTIVE shell"
-    echo "to an already running ejabberd node."
-    echo "If an ERROR is printed, it means the connection was not successful."
-    echo "You can interact with the ejabberd node if you know how to use it."
-    echo "Please be extremely cautious with your actions,"
-    echo "and exit immediately if you are not completely sure."
-    echo ""
-    echo "To detach this shell from ejabberd, press:"
-    echo "  control+c, control+c"
-    echo ""
-    echo "--------------------------------------------------------------------"
-    echo "To bypass permanently this warning, add to ejabberdctl.cfg the line:"
-    echo "  EJABBERD_BYPASS_WARNINGS=true"
-    echo "Press any key to continue"
     if [ "$EJABBERD_BYPASS_WARNINGS" != "true" ] ; then
+        echo "--------------------------------------------------------------------"
+        echo ""
+        echo "IMPORTANT: we will attempt to attach an INTERACTIVE shell"
+        echo "to an already running ejabberd node."
+        echo "If an ERROR is printed, it means the connection was not successful."
+        echo "You can interact with the ejabberd node if you know how to use it."
+        echo "Please be extremely cautious with your actions,"
+        echo "and exit immediately if you are not completely sure."
+        echo ""
+        echo "To detach this shell from ejabberd, press:"
+        echo "  control+c, control+c"
+        echo ""
+        echo "--------------------------------------------------------------------"
+        echo "To bypass permanently this warning, add to ejabberdctl.cfg the line:"
+        echo "  EJABBERD_BYPASS_WARNINGS=true"
+        echo "Press any key to continue"
         read foo
+        echo ""
     fi
-    echo ""
     TTY=`tty | sed -e  's/.*\///g'`
     $EXEC_CMD "$ERL \
       $NAME debug-${TTY}-${ERLANG_NODE} \
@@ -199,30 +216,31 @@ debug()
 live()
 {
     check_start
-    echo "--------------------------------------------------------------------"
-    echo ""
-    echo "IMPORTANT: ejabberd is going to start in LIVE (interactive) mode."
-    echo "All log messages will be shown in the command shell."
-    echo "You can interact with the ejabberd node if you know how to use it."
-    echo "Please be extremely cautious with your actions,"
-    echo "and exit immediately if you are not completely sure."
-    echo ""
-    echo "To exit this LIVE mode and stop ejabberd, press:"
-    echo "  q().  and press the Enter key"
-    echo ""
-    echo "--------------------------------------------------------------------"
-    echo "To bypass permanently this warning, add to ejabberdctl.cfg the line:"
-    echo "  EJABBERD_BYPASS_WARNINGS=true"
-    echo "Press any key to continue"
     if [ "$EJABBERD_BYPASS_WARNINGS" != "true" ] ; then
+        echo "--------------------------------------------------------------------"
+        echo ""
+        echo "IMPORTANT: ejabberd is going to start in LIVE (interactive) mode."
+        echo "All log messages will be shown in the command shell."
+        echo "You can interact with the ejabberd node if you know how to use it."
+        echo "Please be extremely cautious with your actions,"
+        echo "and exit immediately if you are not completely sure."
+        echo ""
+        echo "To exit this LIVE mode and stop ejabberd, press:"
+        echo "  q().  and press the Enter key"
+        echo ""
+        echo "--------------------------------------------------------------------"
+        echo "To bypass permanently this warning, add to ejabberdctl.cfg the line:"
+        echo "  EJABBERD_BYPASS_WARNINGS=true"
+        echo "Press any key to continue"
         read foo
+        echo ""
     fi
-    echo ""
     $EXEC_CMD "$ERL \
       $NAME $ERLANG_NODE \
       -pa $EJABBERD_EBIN_PATH \
-      -mnesia dir \"\\\"$SPOOLDIR\\\"\" \
+      -mnesia dir \"\\\"$SPOOL_DIR\\\"\" \
       $KERNEL_OPTS \
+      $EJABBERD_OPTS \
       -s ejabberd \
       $ERLANG_OPTS $ARGS \"$@\""
 }
@@ -243,11 +261,11 @@ help()
     echo "  live   Start an ejabberd node in live (interactive) mode"
     echo ""
     echo "Optional parameters when starting an ejabberd node:"
-    echo "  --config-dir dir   Config ejabberd:    $ETCDIR"
+    echo "  --config-dir dir   Config ejabberd:    $ETC_DIR"
     echo "  --config file      Config ejabberd:    $EJABBERD_CONFIG_PATH"
     echo "  --ctl-config file  Config ejabberdctl: $EJABBERDCTL_CONFIG_PATH"
     echo "  --logs dir         Directory for logs: $LOGS_DIR"
-    echo "  --spool dir        Database spool dir: $SPOOLDIR"
+    echo "  --spool dir        Database spool dir: $SPOOL_DIR"
     echo "  --node nodename    ejabberd node name: $ERLANG_NODE"
     echo ""
 }

include/adhoc.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/ejabberd.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/ejabberd_commands.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/ejabberd_config.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,22 +12,18 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
--record(config, {key :: any(), value :: any()}).
-
 -record(local_config, {key :: any(), value :: any()}).
 
--type config() :: #config{}.
 -type local_config() :: #local_config{}.
 
 -record(state,
-	{opts = []               :: [acl:acl() | config() | local_config()],
+	{opts = []               :: [acl:acl() | local_config()],
          hosts = []              :: [binary()],
          override_local = false  :: boolean(),
 	 override_global = false :: boolean(),

include/ejabberd_ctl.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/ejabberd_http.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -32,5 +31,6 @@
 	 host = <<"">>     :: binary(),
 	 port = 5280       :: inet:port_number(),
 	 tp = http, %         :: protocol(),
+	 opts = []         :: list(),
 	 headers = []      :: [{atom() | binary(), binary()}]}).
 

include/ejabberd_web_admin.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/eldap.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/http_bind.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/jlib.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,15 +12,14 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
 -include("ns.hrl").
--include("xml.hrl").
+-include_lib("p1_xml/include/xml.hrl").
 
 -define(STANZA_ERROR(Code, Type, Condition),
 	#xmlel{name = <<"error">>,

include/logger.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 -define(PRINT(Format, Args), io:format(Format, Args)).
@@ -41,17 +40,17 @@
 -else.
 
 -define(DEBUG(Format, Args),
-	ejabberd_logger:debug_msg(?MODULE, ?LINE, Format, Args)).
+	p1_logger:debug_msg(?MODULE, ?LINE, Format, Args)).
 
 -define(INFO_MSG(Format, Args),
-	ejabberd_logger:info_msg(?MODULE, ?LINE, Format, Args)).
+	p1_logger:info_msg(?MODULE, ?LINE, Format, Args)).
 
 -define(WARNING_MSG(Format, Args),
-	ejabberd_logger:warning_msg(?MODULE, ?LINE, Format, Args)).
+	p1_logger:warning_msg(?MODULE, ?LINE, Format, Args)).
 
 -define(ERROR_MSG(Format, Args),
-	ejabberd_logger:error_msg(?MODULE, ?LINE, Format, Args)).
+	p1_logger:error_msg(?MODULE, ?LINE, Format, Args)).
 
 -define(CRITICAL_MSG(Format, Args),
-	ejabberd_logger:critical_msg(?MODULE, ?LINE, Format, Args)).
+	p1_logger:critical_msg(?MODULE, ?LINE, Format, Args)).
 -endif.

include/mod_muc_room.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -59,6 +58,7 @@
     voice_request_min_interval           = 1800 :: non_neg_integer(),
     max_users                            = ?MAX_USERS_DEFAULT :: non_neg_integer() | none,
     logging                              = false :: boolean(),
+    vcard                                = <<"">> :: boolean(),
     captcha_whitelist                    = (?SETS):empty() :: gb_set()
 }).
 

include/mod_privacy.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/mod_proxy65.hrl

@@ -2,7 +2,7 @@
 %%% RFC 1928 constants.
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -14,10 +14,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/mod_roster.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

include/ns.hrl

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -12,10 +12,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -43,6 +42,7 @@
 -define(NS_IQDATA, <<"jabber:iq:data">>).
 -define(NS_DELAY91, <<"jabber:x:delay">>).
 -define(NS_DELAY, <<"urn:xmpp:delay">>).
+-define(NS_HINTS, <<"urn:xmpp:hints">>).
 -define(NS_EXPIRE, <<"jabber:x:expire">>).
 -define(NS_EVENT, <<"jabber:x:event">>).
 -define(NS_CHATSTATES,
@@ -144,3 +144,9 @@
 -define(NS_MEDIA, <<"urn:xmpp:media-element">>).
 -define(NS_BOB, <<"urn:xmpp:bob">>).
 -define(NS_PING, <<"urn:xmpp:ping">>).
+-define(NS_CARBONS_2, <<"urn:xmpp:carbons:2">>).
+-define(NS_CARBONS_1, <<"urn:xmpp:carbons:1">>).
+-define(NS_FORWARD, <<"urn:xmpp:forward:0">>).
+-define(NS_CLIENT_STATE,  <<"urn:xmpp:csi:0">>).
+-define(NS_STREAM_MGMT_2,  <<"urn:xmpp:sm:2">>).
+-define(NS_STREAM_MGMT_3,  <<"urn:xmpp:sm:3">>).

include/pubsub.hrl

@@ -13,12 +13,12 @@
 %%% 
 %%%
 %%% The Initial Developer of the Original Code is ProcessOne.
-%%% Portions created by ProcessOne are Copyright 2006-2013, ProcessOne
+%%% Portions created by ProcessOne are Copyright 2006-2014, ProcessOne
 %%% All Rights Reserved.''
-%%% This software is copyright 2006-2013, ProcessOne.
+%%% This software is copyright 2006-2014, ProcessOne.
 %%%
 %%%
-%%% copyright 2006-2013 ProcessOne
+%%% copyright 2006-2014 ProcessOne
 %%%
 %%% This file contains pubsub types definition.
 %%% ====================================================================

m4/erlang-extra.m4

@@ -50,6 +50,10 @@ parse(Version) ->
 
 less_or_equal([[]], [[]]) ->
     true;
+less_or_equal([[]], _Any) ->
+    true;
+less_or_equal(_Any, [[]]) ->
+    false;
 less_or_equal([[Left| Rl]], [[Right| Rr]]) ->
     case {Left < Right, Left == Right} of
         {true, _}  ->

priv/msgs/id.msg

@@ -120,7 +120,7 @@
 {"has been kicked because of a system shutdown","telah dikick karena sistem shutdown"}.
 {"has been kicked because the room has been changed to members-only","telah dikick karena ruangan telah diubah menjadi hanya untuk member"}.
 {"has been kicked","telah dikick"}.
-{" has set the subject to: ","telah menetapkan topik yaitu:"}.
+{" has set the subject to: "," telah menetapkan topik yaitu: "}.
 {"Host","Host"}.
 {"If you don't see the CAPTCHA image here, visit the web page.","Jika Anda tidak melihat gambar CAPTCHA disini, silahkan kunjungi halaman web."}.
 {"If you want to specify different ports, passwords, encodings for IRC servers, fill this list with values in format '{\"irc server\", \"encoding\", port, \"password\"}'.  By default this service use \"~s\" encoding, port ~p, empty password.","Jika Anda ingin menentukan port yang berbeda, sandi, pengkodean untuk layanan IRC, isi daftar ini dengan nilai-nilai dalam format '{\"server irc \", \"encoding \", port, \"sandi \"}'. Secara default ini menggunakan layanan \"~s \" pengkodean, port ~p, kata sandi kosong."}.

rebar.config.script

@@ -16,7 +16,7 @@ Cfg = case file:consult("vars.config") of
 Macros = lists:flatmap(
            fun({roster_gateway_workaround, true}) ->
                    [{d, 'ROSTER_GATEWAY_WORKAROUND'}];
-              ({transient_supervisors, true}) ->
+              ({transient_supervisors, false}) ->
                    [{d, 'NO_TRANSIENT_SUPERVISORS'}];
               ({nif, true}) ->
                    [{d, 'NIF'}];
@@ -30,9 +30,9 @@ Macros = lists:flatmap(
 
 DebugInfo = case lists:keysearch(debug, 1, Cfg) of
                 {value, {debug, true}} ->
-                    [debug_info];
+                    [];
                 _ ->
-                    []
+                    [no_debug_info]
             end,
 
 HiPE = case lists:keysearch(hipe, 1, Cfg) of
@@ -42,9 +42,6 @@ HiPE = case lists:keysearch(hipe, 1, Cfg) of
                []
        end,
 
-Includes = [{i, "include"},
-            {i, filename:join(["deps", "p1_xml", "include"])}],
-
 SrcDirs = lists:foldl(
             fun({tools, true}, Acc) ->
                     [tools|Acc];
@@ -52,12 +49,15 @@ SrcDirs = lists:foldl(
                     Acc
             end, [], Cfg),
 
-Deps = [{p1_logger, ".*", {git, "git://github.com/processone/p1_logger"}},
-        {p1_cache_tab, ".*", {git, "git://github.com/processone/cache_tab"}},
+Deps = [{p1_cache_tab, ".*", {git, "git://github.com/processone/cache_tab"}},
         {p1_tls, ".*", {git, "git://github.com/processone/tls"}},
         {p1_stringprep, ".*", {git, "git://github.com/processone/stringprep"}},
         {p1_xml, ".*", {git, "git://github.com/processone/xml"}},
-        {xmlrpc, ".*", {git, "git://github.com/rds13/xmlrpc"}}],
+	{esip, ".*", {git, "git://github.com/processone/p1_sip"}},
+	{p1_stun, ".*", {git, "git://github.com/processone/stun"}},
+        {p1_yaml, ".*", {git, "git://github.com/processone/p1_yaml"}},
+        {ehyperloglog, ".*", {git, "https://github.com/vaxelfel/eHyperLogLog.git"}},
+        {p1_utils, ".*", {git, "git://github.com/processone/p1_utils"}}],
 
 ConfigureCmd = fun(Pkg, Flags) ->
                        {'get-deps',
@@ -76,6 +76,8 @@ XMLFlags = lists:foldl(
 
 PostHooks = [ConfigureCmd("p1_tls", ""),
              ConfigureCmd("p1_stringprep", ""),
+             ConfigureCmd("p1_yaml", ""),
+	     ConfigureCmd("esip", ""),
              ConfigureCmd("p1_xml", XMLFlags)],
 
 CfgDeps = lists:flatmap(
@@ -87,17 +89,18 @@ CfgDeps = lists:flatmap(
                     [{p1_pam, ".*", {git, "git://github.com/processone/epam"}}];
                ({zlib, true}) ->
                     [{p1_zlib, ".*", {git, "git://github.com/processone/zlib"}}];
-               ({stun, true}) ->
-                    [{p1_stun, ".*", {git, "git://github.com/processone/stun"}}];
+               ({riak, true}) ->
+                    [{riakc, ".*",
+		      {git, "git://github.com/basho/riak-erlang-client",
+		       {tag, "1.4.2"}}}];
                ({json, true}) ->
                     [{jiffy, ".*", {git, "git://github.com/davisp/jiffy"}}];
                ({iconv, true}) ->
                     [{p1_iconv, ".*", {git, "git://github.com/processone/eiconv"}}];
-               ({http, true}) ->
-                    [{ibrowse, ".*", {git, "git://github.com/cmullaparthi/ibrowse"}},
-                     {lhttpc, ".*", {git, "git://github.com/esl/lhttpc"}}];
                ({lager, true}) ->
                     [{lager, ".*", {git, "git://github.com/basho/lager"}}];
+               ({lager, false}) ->
+                    [{p1_logger, ".*", {git, "git://github.com/processone/p1_logger"}}];
                (_) ->
                     []
             end, Cfg),
@@ -113,14 +116,46 @@ CfgPostHooks = lists:flatmap(
                          []
                  end, Cfg),
 
+CfgXrefs = lists:flatmap(
+	     fun({mysql, false}) ->
+		     ["(\".*mysql.*\":_/_)"];
+		({pgsql, false}) ->
+		     ["(\".*pgsql.*\":_/_)"];
+		({pam, false}) ->
+		     ["(\"epam\":_/_)"];
+		({riak, false}) ->
+		     ["(\"riak.*\":_/_)"];
+		({riak, true}) ->
+		     % used in map-reduce function called from riak vm
+		     ["(\"riak_object\":_/_)"];
+		({json, false}) ->
+		    ["(\"jiffy\":_/_)"];
+		({zlib, false}) ->
+		     ["(\"ezlib\":_/_)"];
+		({http, false}) ->
+		     ["(\"lhttpc\":_/_)"];
+		({iconv, false}) ->
+		     ["(\"iconv\":_/_)"];
+		({odbc, false}) ->
+		     ["(\"odbc\":_/_)"];
+		(_) ->
+		     []
+            end, Cfg),
+
+
 {ok, Cwd} = file:get_cwd(),
 
-Config = [{erl_opts, Includes ++ Macros ++ HiPE ++ DebugInfo ++
+Config = [{erl_opts, Macros ++ HiPE ++ DebugInfo ++
                [{src_dirs, [asn1, src | SrcDirs]}]},
           {sub_dirs, ["rel"]},
+          {keep_build_info, true},
           {ct_extra_params, "-include "
-           ++ filename:join([Cwd, "tools"]) ++ " "
-           ++ filename:join([Cwd, "deps", "p1_xml", "include"])},
+           ++ filename:join([Cwd, "tools"])},
+	  {xref_warnings, false},
+          {xref_checks, []},
+	  {xref_queries,
+	   [{"(XC - UC) || (XU - X - B - "
+	     ++ string:join(CfgXrefs, " - ") ++ ")", []}]},
           {post_hooks, PostHooks ++ CfgPostHooks},
           {deps, Deps ++ CfgDeps}],
 %%io:format("ejabberd configuration:~n  ~p~n", [Config]),

rel/reltool.config.script

@@ -28,7 +28,7 @@ ConfiguredOTPApps = lists:flatmap(
 
 OTPApps = RequiredOTPApps ++ ConfiguredOTPApps,
 
-DepRequiredApps = [p1_logger, p1_cache_tab, p1_tls, p1_stringprep, p1_xml, xmlrpc],
+DepRequiredApps = [p1_cache_tab, p1_tls, p1_stringprep, p1_xml, p1_yaml, p1_utils],
 
 DepConfiguredApps = lists:flatmap(
                       fun({mysql, true}) -> [p1_mysql];
@@ -38,8 +38,8 @@ DepConfiguredApps = lists:flatmap(
                          ({stun, true}) -> [p1_stun];
                          ({json, true}) -> [jiffy];
                          ({iconv, true}) -> [p1_iconv];
-                         ({http, true}) -> [ibrowse, lhttpc];
-                         ({lager, true}) -> [lager];
+                         ({lager, true}) -> [lager, goldrush];
+                         ({lager, false}) -> [p1_logger];
                          (_) -> []
                       end, Vars),
 
@@ -88,7 +88,7 @@ Overlay = [
            {template, "files/erl", "\{\{erts_vsn\}\}/bin/erl"},
            {template, "../ejabberdctl.template", "bin/ejabberdctl"},
            {copy, "../ejabberdctl.cfg.example", "etc/ejabberd/ejabberdctl.cfg"},
-           {copy, "../ejabberd.cfg.example", "etc/ejabberd/ejabberd.cfg"},
+           {copy, "../ejabberd.yml.example", "etc/ejabberd/ejabberd.yml"},
            {copy, "../inetrc", "etc/ejabberd/inetrc"},
            {copy, "files/install_upgrade.escript", "bin/install_upgrade.escript"}
           ],

sql/mssql2000.sql

@@ -1,5 +1,5 @@
 /*
- * ejabberd, Copyright (C) 2002-2013   ProcessOne
+ * ejabberd, Copyright (C) 2002-2014   ProcessOne
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License as
@@ -11,10 +11,9 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
- * 02111-1307 USA
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  */
 

sql/mssql2005.sql

@@ -1,5 +1,5 @@
 /*
- * ejabberd, Copyright (C) 2002-2013   ProcessOne
+ * ejabberd, Copyright (C) 2002-2014   ProcessOne
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License as
@@ -11,10 +11,9 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
- * 02111-1307 USA
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  */
 

sql/mysql.sql

@@ -1,5 +1,5 @@
 --
--- ejabberd, Copyright (C) 2002-2013   ProcessOne
+-- ejabberd, Copyright (C) 2002-2014   ProcessOne
 --
 -- This program is free software; you can redistribute it and/or
 -- modify it under the terms of the GNU General Public License as
@@ -11,27 +11,23 @@
 -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 -- General Public License for more details.
 --
--- You should have received a copy of the GNU General Public License
--- along with this program; if not, write to the Free Software
--- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
--- 02111-1307 USA
+-- You should have received a copy of the GNU General Public License along
+-- with this program; if not, write to the Free Software Foundation, Inc.,
+-- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 --
 
--- Needs MySQL (at least 4.0.x) with innodb back-end
-SET table_type=InnoDB;
-
 CREATE TABLE users (
     username varchar(250) PRIMARY KEY,
     password text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 
 CREATE TABLE last (
     username varchar(250) PRIMARY KEY,
     seconds text NOT NULL,
     state text NOT NULl
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 
 CREATE TABLE rosterusers (
@@ -45,7 +41,7 @@ CREATE TABLE rosterusers (
     subscribe text NOT NULL,
     type text,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE UNIQUE INDEX i_rosteru_user_jid ON rosterusers(username(75), jid(75));
 CREATE INDEX i_rosteru_username ON rosterusers(username);
@@ -55,7 +51,7 @@ CREATE TABLE rostergroups (
     username varchar(250) NOT NULL,
     jid varchar(250) NOT NULL,
     grp text NOT NULL
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX pk_rosterg_user_jid ON rostergroups(username(75), jid(75));
 
@@ -63,13 +59,13 @@ CREATE TABLE sr_group (
     name varchar(250) NOT NULL,
     opts text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE TABLE sr_user (
     jid varchar(250) NOT NULL,
     grp varchar(250) NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE UNIQUE INDEX i_sr_user_jid_group ON sr_user(jid(75), grp(75));
 CREATE INDEX i_sr_user_jid ON sr_user(jid);
@@ -80,22 +76,21 @@ CREATE TABLE spool (
     xml text NOT NULL,
     seq BIGINT UNSIGNED NOT NULL AUTO_INCREMENT UNIQUE,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX i_despool USING BTREE ON spool(username);
 
-
 CREATE TABLE vcard (
     username varchar(250) PRIMARY KEY,
     vcard mediumtext NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE TABLE vcard_xupdate (
     username varchar(250) PRIMARY KEY,
     hash text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE TABLE vcard_search (
     username varchar(250) NOT NULL,
@@ -122,7 +117,7 @@ CREATE TABLE vcard_search (
     lorgname varchar(250) NOT NULL,
     orgunit text NOT NULL,
     lorgunit varchar(250) NOT NULL
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX i_vcard_search_lfn       ON vcard_search(lfn);
 CREATE INDEX i_vcard_search_lfamily   ON vcard_search(lfamily);
@@ -139,14 +134,14 @@ CREATE INDEX i_vcard_search_lorgunit  ON vcard_search(lorgunit);
 CREATE TABLE privacy_default_list (
     username varchar(250) PRIMARY KEY,
     name varchar(250) NOT NULL
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE TABLE privacy_list (
     username varchar(250) NOT NULL,
     name varchar(250) NOT NULL,
     id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT UNIQUE,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX i_privacy_list_username  USING BTREE ON privacy_list(username);
 CREATE UNIQUE INDEX i_privacy_list_username_name USING BTREE ON privacy_list (username(75), name(75));
@@ -162,14 +157,15 @@ CREATE TABLE privacy_list_data (
     match_message boolean NOT NULL,
     match_presence_in boolean NOT NULL,
     match_presence_out boolean NOT NULL
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
+CREATE INDEX i_privacy_list_data_id ON privacy_list_data(id);
 
 CREATE TABLE private_storage (
     username varchar(250) NOT NULL,
     namespace varchar(250) NOT NULL,
     data text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX i_private_storage_username USING BTREE ON private_storage(username);
 CREATE UNIQUE INDEX i_private_storage_username_namespace USING BTREE ON private_storage(username(75), namespace(75));
@@ -178,7 +174,7 @@ CREATE UNIQUE INDEX i_private_storage_username_namespace USING BTREE ON private_
 CREATE TABLE roster_version (
     username varchar(250) PRIMARY KEY,
     version text NOT NULL
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 -- To update from 1.x:
 -- ALTER TABLE rosterusers ADD COLUMN askmessage text AFTER ask;
@@ -191,7 +187,7 @@ CREATE TABLE pubsub_node (
   parent text,
   type text,
   nodeid bigint auto_increment primary key
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 CREATE INDEX i_pubsub_node_parent ON pubsub_node(parent(120));
 CREATE UNIQUE INDEX i_pubsub_node_tuple ON pubsub_node(host(20), node(120));
 
@@ -199,14 +195,14 @@ CREATE TABLE pubsub_node_option (
   nodeid bigint,
   name text,
   val text
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 CREATE INDEX i_pubsub_node_option_nodeid ON pubsub_node_option(nodeid);
 ALTER TABLE `pubsub_node_option` ADD FOREIGN KEY (`nodeid`) REFERENCES `pubsub_node` (`nodeid`) ON DELETE CASCADE;
 
 CREATE TABLE pubsub_node_owner (
   nodeid bigint,
   owner text
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 CREATE INDEX i_pubsub_node_owner_nodeid ON pubsub_node_owner(nodeid);
 ALTER TABLE `pubsub_node_owner` ADD FOREIGN KEY (`nodeid`) REFERENCES `pubsub_node` (`nodeid`) ON DELETE CASCADE;
 
@@ -216,7 +212,7 @@ CREATE TABLE pubsub_state (
   affiliation character(1),
   subscriptions text,
   stateid bigint auto_increment primary key
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 CREATE INDEX i_pubsub_state_jid ON pubsub_state(jid(60));
 CREATE UNIQUE INDEX i_pubsub_state_tuple ON pubsub_state(nodeid, jid(60));
 ALTER TABLE `pubsub_state` ADD FOREIGN KEY (`nodeid`) REFERENCES `pubsub_node` (`nodeid`) ON DELETE CASCADE;
@@ -228,7 +224,7 @@ CREATE TABLE pubsub_item (
   creation text,
   modification text,
   payload text
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item(itemid(36));
 CREATE UNIQUE INDEX i_pubsub_item_tuple ON pubsub_item(nodeid, itemid(36));
 ALTER TABLE `pubsub_item` ADD FOREIGN KEY (`nodeid`) REFERENCES `pubsub_node` (`nodeid`) ON DELETE CASCADE;
@@ -245,7 +241,7 @@ CREATE TABLE muc_room (
     host text NOT NULL,
     opts text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE UNIQUE INDEX i_muc_room_name_host USING BTREE ON muc_room(name(75), host(75));
 
@@ -254,7 +250,7 @@ CREATE TABLE muc_registered (
     host text NOT NULL,
     nick text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX i_muc_registered_nick USING BTREE ON muc_registered(nick(75));
 CREATE UNIQUE INDEX i_muc_registered_jid_host USING BTREE ON muc_registered(jid(75), host(75));
@@ -264,7 +260,7 @@ CREATE TABLE irc_custom (
     host text NOT NULL,
     data text NOT NULL,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE UNIQUE INDEX i_irc_custom_jid_host USING BTREE ON irc_custom(jid(75), host(75));
 
@@ -272,13 +268,13 @@ CREATE TABLE motd (
     username varchar(250) PRIMARY KEY,
     xml text,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE TABLE caps_features (
     node varchar(250) NOT NULL,
     subnode varchar(250) NOT NULL,
     feature text,
     created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) CHARACTER SET utf8;
+) ENGINE=InnoDB CHARACTER SET utf8;
 
 CREATE INDEX i_caps_features_node_subnode ON caps_features(node(75), subnode(75));

sql/pg.sql

@@ -1,5 +1,5 @@
 --
--- ejabberd, Copyright (C) 2002-2013   ProcessOne
+-- ejabberd, Copyright (C) 2002-2014   ProcessOne
 --
 -- This program is free software; you can redistribute it and/or
 -- modify it under the terms of the GNU General Public License as
@@ -11,10 +11,9 @@
 -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 -- General Public License for more details.
 --                         
--- You should have received a copy of the GNU General Public License
--- along with this program; if not, write to the Free Software
--- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
--- 02111-1307 USA
+-- You should have received a copy of the GNU General Public License along
+-- with this program; if not, write to the Free Software Foundation, Inc.,
+-- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 --
 
 CREATE TABLE users (

src/acl.erl

@@ -5,7 +5,7 @@
 %%% Created : 18 Jan 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -29,34 +28,38 @@
 -author('alexey@process-one.net').
 
 -export([start/0, to_record/3, add/3, add_list/3,
-	 match_rule/3, match_acl/3]).
+         add_local/3, add_list_local/3, load_from_config/0,
+	 match_rule/3, match_acl/3, transform_options/1]).
 
 -include("ejabberd.hrl").
 -include("logger.hrl").
 -include("jlib.hrl").
 
 -record(acl, {aclname, aclspec}).
+-record(access, {name       :: aclname(),
+                 rules = [] :: [access_rule()]}).
 
 -type regexp() :: binary().
 -type glob() :: binary().
+-type access_name() :: atom().
+-type access_rule() :: {atom(), any()}.
+-type host() :: binary().
 -type aclname() :: {atom(), binary() | global}.
 -type aclspec() :: all | none |
-                   {user, binary()} |
-                   {user, binary(), binary()} |
+                   {user, {binary(), host()} | binary()} |
                    {server, binary()} |
                    {resource, binary()} |
-                   {user_regexp, regexp()} |
-                   {shared_group, binary()} |
-                   {shared_group, binary(), binary()} |
-                   {user_regexp, regexp(), binary()} |
+                   {user_regexp, {regexp(), host()} | regexp()} |
+                   {shared_group, {binary(), host()} | binary()} |
+                   {user_regexp, {regexp(), host()} | regexp()} |
                    {server_regexp, regexp()} |
                    {resource_regexp, regexp()} |
-                   {node_regexp, regexp(), regexp()} |
-                   {user_glob, glob()} |
-                   {user_glob, glob(), binary()} |
+                   {node_regexp, {regexp(), regexp()}} |
+                   {user_glob, {glob(), host()} | glob()} |
                    {server_glob, glob()} |
                    {resource_glob, glob()} |
-                   {node_glob, glob(), glob()}.
+                   {ip, {inet:ip_address(), integer()}} |
+                   {node_glob, {glob(), glob()}}.
 
 -type acl() :: #acl{aclname :: aclname(),
                     aclspec :: aclspec()}.
@@ -64,11 +67,23 @@
 -export_type([acl/0]).
 
 start() ->
+    case catch mnesia:table_info(acl, storage_type) of
+        disc_copies ->
+            mnesia:delete_table(acl);
+        _ ->
+            ok
+    end,
     mnesia:create_table(acl,
-			[{disc_copies, [node()]}, {type, bag},
+			[{ram_copies, [node()]}, {type, bag},
+                         {local_content, true},
 			 {attributes, record_info(fields, acl)}]),
+    mnesia:create_table(access,
+                        [{ram_copies, [node()]},
+                         {local_content, true},
+			 {attributes, record_info(fields, access)}]),
     mnesia:add_table_copy(acl, node(), ram_copies),
-    update_table(),
+    mnesia:add_table_copy(access, node(), ram_copies),
+    load_from_config(),
     ok.
 
 -spec to_record(binary(), atom(), aclspec()) -> acl().
@@ -77,18 +92,49 @@ to_record(Host, ACLName, ACLSpec) ->
     #acl{aclname = {ACLName, Host},
 	 aclspec = normalize_spec(ACLSpec)}.
 
--spec add(binary(), aclname(), aclspec()) -> {atomic, ok} | {aborted, any()}.
+-spec add(binary(), aclname(), aclspec()) -> ok | {error, any()}.
 
 add(Host, ACLName, ACLSpec) ->
+    {ResL, BadNodes} = rpc:multicall(mnesia:system_info(running_db_nodes),
+                                     ?MODULE, add_local,
+                                     [Host, ACLName, ACLSpec]),
+    case lists:keyfind(aborted, 1, ResL) of
+        false when BadNodes == [] ->
+            ok;
+        false ->
+            {error, {failed_nodes, BadNodes}};
+        Err ->
+            {error, Err}
+    end.
+
+add_local(Host, ACLName, ACLSpec) ->
     F = fun () ->
 		mnesia:write(#acl{aclname = {ACLName, Host},
 				  aclspec = normalize_spec(ACLSpec)})
 	end,
-    mnesia:transaction(F).
+    case mnesia:transaction(F) of
+        {atomic, ok} ->
+            ok;
+        Err ->
+            Err
+    end.
 
--spec add_list(binary(), [acl()], boolean()) -> false | ok.
+-spec add_list(binary(), [acl()], boolean()) -> ok | {error, any()}.
 
 add_list(Host, ACLs, Clear) ->
+    {ResL, BadNodes} = rpc:multicall(mnesia:system_info(running_db_nodes),
+                                     ?MODULE, add_list_local,
+                                     [Host, ACLs, Clear]),
+    case lists:keyfind(aborted, 1, ResL) of
+        false when BadNodes == [] ->
+            ok;
+        false ->
+            {error, {failed_nodes, BadNodes}};
+        Err ->
+            {error, Err}
+    end.
+
+add_list_local(Host, ACLs, Clear) ->
     F = fun () ->
 		if Clear ->
 		       Ks = mnesia:select(acl,
@@ -112,135 +158,197 @@ add_list(Host, ACLs, Clear) ->
 			      end,
 			      ACLs)
 	end,
-    case mnesia:transaction(F) of
-      {atomic, _} -> ok;
-      _ -> false
+    mnesia:transaction(F).
+
+-spec add_access(binary() | global,
+                 access_name(), [access_rule()]) ->  ok | {error, any()}.
+
+add_access(Host, Access, Rules) ->
+    case mnesia:transaction(
+           fun() ->
+                   mnesia:write(
+                     #access{name = {Access, Host},
+                             rules = Rules})
+           end) of
+        {atomic, ok} ->
+            ok;
+        Err ->
+            {error, Err}
     end.
 
-normalize(A) -> jlib:nodeprep(iolist_to_binary(A)).
+-spec load_from_config() -> ok.
 
-normalize_spec({A, B}) -> {A, normalize(B)};
-normalize_spec({A, B, C}) ->
-    {A, normalize(B), normalize(C)};
-normalize_spec(all) -> all;
-normalize_spec(none) -> none.
+load_from_config() ->
+    Hosts = [global|?MYHOSTS],
+    lists:foreach(
+      fun(Host) ->
+              ACLs = ejabberd_config:get_option(
+                       {acl, Host}, fun(V) -> V end, []),
+              AccessRules = ejabberd_config:get_option(
+                              {access, Host}, fun(V) -> V end, []),
+              lists:foreach(
+                fun({ACLName, SpecList}) ->
+                        lists:foreach(
+                          fun({ACLType, ACLSpecs}) when is_list(ACLSpecs) ->
+                                  lists:foreach(
+                                    fun(ACLSpec) ->
+                                            add(Host, ACLName,
+                                                {ACLType, ACLSpec})
+                                    end, lists:flatten(ACLSpecs));
+                             ({ACLType, ACLSpecs}) ->
+                                  add(Host, ACLName, {ACLType, ACLSpecs})
+                          end, lists:flatten(SpecList))
+                end, ACLs),
+              lists:foreach(
+                fun({Access, Rules}) ->
+                        add_access(Host, Access, Rules)
+                end, AccessRules)
+      end, Hosts).
 
--spec match_rule(global | binary(), atom(), jid() | ljid()) -> any().
+b(S) ->
+    iolist_to_binary(S).
 
-match_rule(global, Rule, JID) ->
-    case Rule of
-      all -> allow;
-      none -> deny;
-      _ ->
-	  case ejabberd_config:get_global_option(
-                 {access, Rule, global}, fun(V) -> V end)
-	      of
-	    undefined -> deny;
-	    GACLs -> match_acls(GACLs, JID, global)
-	  end
-    end;
-match_rule(Host, Rule, JID) ->
-    case Rule of
-      all -> allow;
-      none -> deny;
-      _ ->
-	  case ejabberd_config:get_global_option(
-                 {access, Rule, global}, fun(V) -> V end)
-	      of
-	    undefined ->
-		case ejabberd_config:get_global_option(
-                       {access, Rule, Host}, fun(V) -> V end)
-		    of
-		  undefined -> deny;
-		  ACLs -> match_acls(ACLs, JID, Host)
-		end;
-	    GACLs ->
-		case ejabberd_config:get_global_option(
-                       {access, Rule, Host}, fun(V) -> V end)
-		    of
-		  undefined -> match_acls(GACLs, JID, Host);
-		  ACLs ->
-		      case lists:reverse(GACLs) of
-			[{allow, all} | Rest] ->
-			    match_acls(lists:reverse(Rest) ++
-					 ACLs ++ [{allow, all}],
-				       JID, Host);
-			_ -> match_acls(GACLs ++ ACLs, JID, Host)
-		      end
-		end
-	  end
+nodeprep(S) ->
+    jlib:nodeprep(b(S)).
+
+nameprep(S) ->
+    jlib:nameprep(b(S)).
+
+resourceprep(S) ->
+    jlib:resourceprep(b(S)).
+
+normalize_spec(Spec) ->
+    case Spec of
+        all -> all;
+        none -> none;
+        {user, {U, S}} -> {user, {nodeprep(U), nameprep(S)}};
+        {user, U} -> {user, nodeprep(U)};
+        {shared_group, {G, H}} -> {shared_group, {b(G), nameprep(H)}};
+        {shared_group, G} -> {shared_group, b(G)};
+        {user_regexp, {UR, S}} -> {user_regexp, {b(UR), nameprep(S)}};
+        {user_regexp, UR} -> {user_regexp, b(UR)};
+        {node_regexp, {UR, SR}} -> {node_regexp, {b(UR), b(SR)}};
+        {user_glob, {UR, S}} -> {user_glob, {b(UR), nameprep(S)}};
+        {user_glob, UR} -> {user_glob, b(UR)};
+        {node_glob, {UR, SR}} -> {node_glob, {b(UR), b(SR)}};
+        {server, S} -> {server, nameprep(S)};
+        {resource, R} -> {resource, resourceprep(R)};
+        {server_regexp, SR} -> {server_regexp, b(SR)};
+        {server_glob, S} -> {server_glob, b(S)};
+        {resource_glob, R} -> {resource_glob, b(R)};
+        {ip, {Net, Mask}} ->
+            {ip, {Net, Mask}};
+        {ip, S} ->
+            case parse_ip_netmask(b(S)) of
+                {ok, Net, Mask} ->
+                    {ip, {Net, Mask}};
+                error ->
+                    ?INFO_MSG("Invalid network address: ~p", [S]),
+                    none
+            end
+    end.
+
+-spec match_rule(global | binary(), access_name(),
+                 jid() | ljid() | inet:ip_address()) -> any().
+
+match_rule(_Host, all, _JID) ->
+    allow;
+match_rule(_Host, none, _JID) ->
+    deny;
+match_rule(Host, Access, JID) ->
+    GAccess = ets:lookup(access, {Access, global}),
+    LAccess = if Host /= global ->
+                      ets:lookup(access, {Access, Host});
+                 true ->
+                      []
+              end,
+    case GAccess ++ LAccess of
+        [] ->
+            deny;
+        AccessList ->
+            Rules = lists:flatmap(
+                      fun(#access{rules = Rs}) ->
+                              Rs
+                      end, AccessList),
+            match_acls(Rules, JID, Host)
     end.
 
 match_acls([], _, _Host) -> deny;
-match_acls([{Access, ACL} | ACLs], JID, Host) ->
+match_acls([{ACL, Access} | ACLs], JID, Host) ->
     case match_acl(ACL, JID, Host) of
       true -> Access;
       _ -> match_acls(ACLs, JID, Host)
     end.
 
--spec match_acl(atom(), jid() | ljid(), binary()) -> boolean().
+-spec match_acl(atom(),
+                jid() | ljid() | inet:ip_address(),
+                binary()) -> boolean().
 
+match_acl(all, _JID, _Host) ->
+    true;
+match_acl(none, _JID, _Host) ->
+    false;
+match_acl(ACL, IP, Host) when tuple_size(IP) == 4;
+                              tuple_size(IP) == 8 ->
+    lists:any(
+      fun(#acl{aclspec = {ip, {Net, Mask}}}) ->
+              is_ip_match(IP, Net, Mask);
+         (_) ->
+              false
+      end,
+      ets:lookup(acl, {ACL, Host}) ++
+          ets:lookup(acl, {ACL, global}));
 match_acl(ACL, JID, Host) ->
-    case ACL of
-      all -> true;
-      none -> false;
-      _ ->
-	  {User, Server, Resource} = jlib:jid_tolower(JID),
-	  lists:any(fun (#acl{aclspec = Spec}) ->
-			    case Spec of
-			      all -> true;
-			      {user, U} ->
-				  U == User andalso
-				    (Host == Server orelse
-				       Host == global andalso
-					 lists:member(Server, ?MYHOSTS));
-			      {user, U, S} -> U == User andalso S == Server;
-			      {server, S} -> S == Server;
-			      {resource, R} -> R == Resource;
-			      {user_regexp, UR} ->
-				  (Host == Server orelse
-				     Host == global andalso
-				       lists:member(Server, ?MYHOSTS))
-				    andalso is_regexp_match(User, UR);
-			      {shared_group, G} ->
-				  Mod = loaded_shared_roster_module(Host),
-				  Mod:is_user_in_group({User, Server}, G, Host);
-			      {shared_group, G, H} ->
-				  Mod = loaded_shared_roster_module(H),
-				  Mod:is_user_in_group({User, Server}, G, H);
-			      {user_regexp, UR, S} ->
-				  S == Server andalso is_regexp_match(User, UR);
-			      {server_regexp, SR} ->
-				  is_regexp_match(Server, SR);
-			      {resource_regexp, RR} ->
-				  is_regexp_match(Resource, RR);
-			      {node_regexp, UR, SR} ->
-				  is_regexp_match(Server, SR) andalso
-				    is_regexp_match(User, UR);
-			      {user_glob, UR} ->
-				  (Host == Server orelse
-				     Host == global andalso
-				       lists:member(Server, ?MYHOSTS))
-				    andalso is_glob_match(User, UR);
-			      {user_glob, UR, S} ->
-				  S == Server andalso is_glob_match(User, UR);
-			      {server_glob, SR} -> is_glob_match(Server, SR);
-			      {resource_glob, RR} ->
-				  is_glob_match(Resource, RR);
-			      {node_glob, UR, SR} ->
-				  is_glob_match(Server, SR) andalso
-				    is_glob_match(User, UR);
-			      WrongSpec ->
-				  ?ERROR_MSG("Wrong ACL expression: ~p~nCheck your "
-					     "config file and reload it with the override_a"
-					     "cls option enabled",
-					     [WrongSpec]),
-				  false
-			    end
-		    end,
-		    ets:lookup(acl, {ACL, global}) ++
-		      ets:lookup(acl, {ACL, Host}))
-    end.
+    {User, Server, Resource} = jlib:jid_tolower(JID),
+    lists:any(
+      fun(#acl{aclspec = Spec}) ->
+              case Spec of
+                  all -> true;
+                  {user, {U, S}} -> U == User andalso S == Server;
+                  {user, U} ->
+                      U == User andalso
+                          lists:member(Server, ?MYHOSTS);
+                  {server, S} -> S == Server;
+                  {resource, R} -> R == Resource;
+                  {shared_group, {G, H}} ->
+                      Mod = loaded_shared_roster_module(H),
+                      Mod:is_user_in_group({User, Server}, G, H);
+                  {shared_group, G} ->
+                      Mod = loaded_shared_roster_module(Host),
+                      Mod:is_user_in_group({User, Server}, G, Host);
+                  {user_regexp, {UR, S}} ->
+                      S == Server andalso is_regexp_match(User, UR);
+                  {user_regexp, UR} ->
+                      lists:member(Server, ?MYHOSTS)
+                          andalso is_regexp_match(User, UR);
+                  {server_regexp, SR} ->
+                      is_regexp_match(Server, SR);
+                  {resource_regexp, RR} ->
+                      is_regexp_match(Resource, RR);
+                  {node_regexp, {UR, SR}} ->
+                      is_regexp_match(Server, SR) andalso
+                          is_regexp_match(User, UR);
+                  {user_glob, {UR, S}} ->
+                      S == Server andalso is_glob_match(User, UR);
+                  {user_glob, UR} ->
+                      lists:member(Server, ?MYHOSTS)
+                          andalso is_glob_match(User, UR);
+                  {server_glob, SR} -> is_glob_match(Server, SR);
+                  {resource_glob, RR} ->
+                      is_glob_match(Resource, RR);
+                  {node_glob, {UR, SR}} ->
+                      is_glob_match(Server, SR) andalso
+                          is_glob_match(User, UR);
+                  WrongSpec ->
+                      ?ERROR_MSG("Wrong ACL expression: ~p~nCheck your "
+                                 "config file and reload it with the override_a"
+                                 "cls option enabled",
+                                 [WrongSpec]),
+                      false
+              end
+      end,
+      ets:lookup(acl, {ACL, Host}) ++
+          ets:lookup(acl, {ACL, global})).
 
 is_regexp_match(String, RegExp) ->
     case ejabberd_regexp:run(String, RegExp) of
@@ -256,34 +364,115 @@ is_glob_match(String, Glob) ->
     is_regexp_match(String,
 		    ejabberd_regexp:sh_to_awk(Glob)).
 
+is_ip_match({_, _, _, _} = IP, {_, _, _, _} = Net, Mask) ->
+    IPInt = ip_to_integer(IP),
+    NetInt = ip_to_integer(Net),
+    M = bnot (1 bsl (32 - Mask) - 1),
+    IPInt band M =:= NetInt band M;
+is_ip_match({_, _, _, _, _, _, _, _} = IP,
+            {_, _, _, _, _, _, _, _} = Net, Mask) ->
+    IPInt = ip_to_integer(IP),
+    NetInt = ip_to_integer(Net),
+    M = bnot (1 bsl (128 - Mask) - 1),
+    IPInt band M =:= NetInt band M;
+is_ip_match(_, _, _) ->
+    false.
+
+ip_to_integer({IP1, IP2, IP3, IP4}) ->
+    IP1 bsl 8 bor IP2 bsl 8 bor IP3 bsl 8 bor IP4;
+ip_to_integer({IP1, IP2, IP3, IP4, IP5, IP6, IP7,
+	       IP8}) ->
+    IP1 bsl 16 bor IP2 bsl 16 bor IP3 bsl 16 bor IP4 bsl 16
+      bor IP5
+      bsl 16
+      bor IP6
+      bsl 16
+      bor IP7
+      bsl 16
+      bor IP8.
+
 loaded_shared_roster_module(Host) ->
     case gen_mod:is_loaded(Host, mod_shared_roster_ldap) of
       true -> mod_shared_roster_ldap;
       false -> mod_shared_roster
     end.
 
-update_table() ->
-    Fields = record_info(fields, acl),
-    case mnesia:table_info(acl, attributes) of
-        Fields ->
-            ejabberd_config:convert_table_to_binary(
-              acl, Fields, bag,
-              fun(#acl{aclspec = Spec}) when is_tuple(Spec) ->
-                      element(2, Spec);
-                 (_) ->
-                      '$next'
-              end,
-              fun(#acl{aclname = {ACLName, Host},
-                       aclspec = Spec} = R) ->
-                      NewHost = if Host == global ->
-                                        Host;
-                                   true ->
-                                        iolist_to_binary(Host)
-                                end,
-                      R#acl{aclname = {ACLName, NewHost},
-                            aclspec = normalize_spec(Spec)}
-              end);
-        _ ->
-            ?INFO_MSG("Recreating acl table", []),
-            mnesia:transform_table(acl, ignore, Fields)
+parse_ip_netmask(S) ->
+    case str:tokens(S, <<"/">>) of
+      [IPStr] ->
+	  case inet_parse:address(binary_to_list(IPStr)) of
+	    {ok, {_, _, _, _} = IP} -> {ok, IP, 32};
+	    {ok, {_, _, _, _, _, _, _, _} = IP} -> {ok, IP, 128};
+	    _ -> error
+	  end;
+      [IPStr, MaskStr] ->
+	  case catch jlib:binary_to_integer(MaskStr) of
+	    Mask when is_integer(Mask), Mask >= 0 ->
+		case inet_parse:address(binary_to_list(IPStr)) of
+		  {ok, {_, _, _, _} = IP} when Mask =< 32 ->
+		      {ok, IP, Mask};
+		  {ok, {_, _, _, _, _, _, _, _} = IP} when Mask =< 128 ->
+		      {ok, IP, Mask};
+		  _ -> error
+		end;
+	    _ -> error
+	  end;
+      _ -> error
     end.
+
+transform_options(Opts) ->
+    Opts1 = lists:foldl(fun transform_options/2, [], Opts),
+    {ACLOpts, Opts2} = lists:mapfoldl(
+                         fun({acl, Os}, Acc) ->
+                                 {Os, Acc};
+                            (O, Acc) ->
+                                 {[], [O|Acc]}
+                         end, [], Opts1),
+    {AccessOpts, Opts3} = lists:mapfoldl(
+                            fun({access, Os}, Acc) ->
+                                    {Os, Acc};
+                               (O, Acc) ->
+                                    {[], [O|Acc]}
+                            end, [], Opts2),
+    ACLOpts1 = ejabberd_config:collect_options(lists:flatten(ACLOpts)),
+    AccessOpts1 = case ejabberd_config:collect_options(
+                         lists:flatten(AccessOpts)) of
+                      [] -> [];
+                      L1 -> [{access, L1}]
+                  end,
+    ACLOpts2 = case lists:map(
+                      fun({ACLName, Os}) ->
+                              {ACLName, ejabberd_config:collect_options(Os)}
+                      end, ACLOpts1) of
+                   [] -> [];
+                   L2 -> [{acl, L2}]
+               end,
+    ACLOpts2 ++ AccessOpts1 ++ Opts3.
+
+transform_options({acl, Name, Type}, Opts) ->
+    T = case Type of
+            all -> all;
+            none -> none;
+            {user, U} -> {user, [b(U)]};
+            {user, U, S} -> {user, [[{b(U), b(S)}]]};
+            {shared_group, G} -> {shared_group, [b(G)]};
+            {shared_group, G, H} -> {shared_group, [[{b(G), b(H)}]]};
+            {user_regexp, UR} -> {user_regexp, [b(UR)]};
+            {user_regexp, UR, S} -> {user_regexp, [[{b(UR), b(S)}]]};
+            {node_regexp, UR, SR} -> {node_regexp, [[{b(UR), b(SR)}]]};
+            {user_glob, UR} -> {user_glob, [b(UR)]};
+            {user_glob, UR, S} -> {user_glob, [[{b(UR), b(S)}]]};
+            {node_glob, UR, SR} -> {node_glob, [[{b(UR), b(SR)}]]};
+            {server, S} -> {server, [b(S)]};
+            {resource, R} -> {resource, [b(R)]};
+            {server_regexp, SR} -> {server_regexp, [b(SR)]};
+            {server_glob, S} -> {server_glob, [b(S)]};
+            {ip, S} -> {ip, [b(S)]};
+            {resource_glob, R} -> {resource_glob, [b(R)]}
+        end,
+    [{acl, [{Name, [T]}]}|Opts];
+transform_options({access, Name, Rules}, Opts) ->
+    NewRules = [{ACL, Action} || {Action, ACL} <- Rules],
+    [{access, [{Name, NewRules}]}|Opts];
+transform_options(Opt, Opts) ->
+    [Opt|Opts].

src/adhoc.erl

@@ -5,7 +5,7 @@
 %%% Created : 31 Oct 2005 by Magnus Henoch <henoch@dtek.chalmers.se>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/cyrsasl.erl

@@ -5,7 +5,7 @@
 %%% Created :  8 Mar 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -94,9 +93,15 @@ start() ->
 ).
 
 register_mechanism(Mechanism, Module, PasswordType) ->
-    ets:insert(sasl_mechanism,
-	       #sasl_mechanism{mechanism = Mechanism, module = Module,
-			       password_type = PasswordType}).
+    case is_disabled(Mechanism) of
+      false ->
+	  ets:insert(sasl_mechanism,
+		     #sasl_mechanism{mechanism = Mechanism, module = Module,
+				     password_type = PasswordType});
+      true ->
+	  ?DEBUG("SASL mechanism ~p is disabled", [Mechanism]),
+	  true
+    end.
 
 %%% TODO: use callbacks
 %%-include("ejabberd.hrl").
@@ -216,3 +221,19 @@ filter_anonymous(Host, Mechs) ->
       true  -> Mechs;
       false -> Mechs -- [<<"ANONYMOUS">>]
     end.
+
+-spec(is_disabled/1 ::
+(
+  Mechanism :: mechanism())
+    -> boolean()
+).
+
+is_disabled(Mechanism) ->
+    Disabled = ejabberd_config:get_option(
+		 disable_sasl_mechanisms,
+		 fun(V) when is_list(V) ->
+			 lists:map(fun(M) -> str:to_upper(M) end, V);
+		    (V) ->
+			 [str:to_upper(V)]
+		 end, []),
+    lists:member(Mechanism, Disabled).

src/cyrsasl_anonymous.erl

@@ -6,7 +6,7 @@
 %%% Created : 23 Aug 2005 by Magnus Henoch <henoch@dtek.chalmers.se>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,10 +18,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/cyrsasl_digest.erl

@@ -5,7 +5,7 @@
 %%% Created : 11 Mar 2003 by Alexey Shchepin <alexey@sevcom.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -204,11 +203,11 @@ get_local_fqdn() ->
       Str when is_binary(Str) -> Str;
       _ ->
 	  <<"unknown-fqdn, please configure fqdn "
-	    "option in ejabberd.cfg!">>
+	    "option in ejabberd.yml!">>
     end.
 
 get_local_fqdn2() ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            fqdn, fun iolist_to_binary/1) of
         ConfiguredFqdn when is_binary(ConfiguredFqdn) ->
             ConfiguredFqdn;
@@ -237,7 +236,7 @@ response(KeyVals, User, Passwd, Nonce, AuthzId,
     DigestURI = proplists_get_bin_value(<<"digest-uri">>, KeyVals, <<>>),
     NC = proplists_get_bin_value(<<"nc">>, KeyVals, <<>>),
     QOP = proplists_get_bin_value(<<"qop">>, KeyVals, <<>>),
-    MD5Hash = crypto:md5(<<User/binary, ":", Realm/binary, ":",
+    MD5Hash = erlang:md5(<<User/binary, ":", Realm/binary, ":",
                            Passwd/binary>>),
     A1 = case AuthzId of
 	   <<"">> ->
@@ -253,7 +252,7 @@ response(KeyVals, User, Passwd, Nonce, AuthzId,
 	       <<A2Prefix/binary, ":", DigestURI/binary,
 		 ":00000000000000000000000000000000">>
 	 end,
-    T = <<(hex((crypto:md5(A1))))/binary, ":", Nonce/binary,
+    T = <<(hex((erlang:md5(A1))))/binary, ":", Nonce/binary,
 	  ":", NC/binary, ":", CNonce/binary, ":", QOP/binary,
-	  ":", (hex((crypto:md5(A2))))/binary>>,
-    hex((crypto:md5(T))).
+	  ":", (hex((erlang:md5(A2))))/binary>>,
+    hex((erlang:md5(T))).

src/cyrsasl_plain.erl

@@ -5,7 +5,7 @@
 %%% Created :  8 Mar 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/cyrsasl_scram.erl

@@ -5,7 +5,7 @@
 %%% Created : 7 Aug 2011 by Stephen Röttger <stephen.roettger@googlemail.com>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd.erl

@@ -5,7 +5,7 @@
 %%% Created : 16 Nov 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,18 +17,17 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
 -module(ejabberd).
 -author('alexey@process-one.net').
 
--export([start/0, stop/0, start_app/1,
-	 get_pid_file/0]).
+-export([start/0, stop/0, start_app/1, start_app/2,
+	 get_pid_file/0, check_app/1]).
 
 -include("logger.hrl").
 
@@ -51,27 +50,93 @@ get_pid_file() ->
 	    Path
     end.
 
-start_app(App) when not is_list(App) ->
-    start_app([App]);
-start_app([App|Apps]) ->
+start_app(App) ->
+    start_app(App, temporary).
+
+start_app(App, Type) ->
+    StartFlag = not is_loaded(),
+    start_app(App, Type, StartFlag).
+
+check_app(App) ->
+    StartFlag = not is_loaded(),
+    spawn(fun() -> check_app_modules(App, StartFlag) end),
+    ok.
+
+is_loaded() ->
+    Apps = application:which_applications(),
+    lists:keymember(ejabberd, 1, Apps).
+
+start_app(App, Type, StartFlag) when not is_list(App) ->
+    start_app([App], Type, StartFlag);
+start_app([App|Apps], Type, StartFlag) ->
     case application:start(App) of
         ok ->
-            start_app(Apps);
+            spawn(fun() -> check_app_modules(App, StartFlag) end),
+            start_app(Apps, Type, StartFlag);
         {error, {already_started, _}} ->
-            start_app(Apps);
+            start_app(Apps, Type, StartFlag);
         {error, {not_started, DepApp}} ->
             case lists:member(DepApp, [App|Apps]) of
                 true ->
-                    ?CRITICAL_MSG("failed to start application '~p': "
-                                  "circular dependency on '~p' detected",
-                                  [App, DepApp]),
-                    erlang:error(application_start_failed);
+                    Reason = io_lib:format(
+                               "failed to start application '~p': "
+                               "circular dependency on '~p' detected",
+                               [App, DepApp]),
+                    exit_or_halt(Reason, StartFlag);
                 false ->
-                    start_app([DepApp,App|Apps])
+                    start_app([DepApp,App|Apps], Type, StartFlag)
             end;
         Err ->
-            ?CRITICAL_MSG("failed to start application '~p': ~p", [App, Err]),
-            erlang:error(application_start_failed)
+            Reason = io_lib:format("failed to start application '~p': ~p",
+                                   [App, Err]),
+            exit_or_halt(Reason, StartFlag)
     end;
-start_app([]) ->
+start_app([], _Type, _StartFlag) ->
     ok.
+
+check_app_modules(App, StartFlag) ->
+    {A, B, C} = now(),
+    random:seed(A, B, C),
+    sleep(5000),
+    case application:get_key(App, modules) of
+        {ok, Mods} ->
+            lists:foreach(
+              fun(Mod) ->
+                      case code:which(Mod) of
+                          non_existing ->
+                              File = get_module_file(App, Mod),
+                              Reason = io_lib:format(
+                                         "couldn't find module ~s "
+                                         "needed for application '~p'",
+                                         [File, App]),
+                              exit_or_halt(Reason, StartFlag);
+                          _ ->
+                              sleep(10)
+                      end
+              end, Mods);
+        _ ->
+            %% No modules? This is strange
+            ok
+    end.
+
+exit_or_halt(Reason, StartFlag) ->
+    ?CRITICAL_MSG(Reason, []),
+    if StartFlag ->
+            %% Wait for the critical message is written in the console/log
+            timer:sleep(1000),
+            halt(string:substr(lists:flatten(Reason), 1, 199));
+       true ->
+            erlang:error(application_start_failed)
+    end.
+
+sleep(N) ->
+    timer:sleep(random:uniform(N)).
+
+get_module_file(App, Mod) ->
+    BaseName = atom_to_list(Mod),
+    case code:lib_dir(App, ebin) of
+        {error, _} ->
+            BaseName;
+        Dir ->
+            filename:join([Dir, BaseName ++ ".beam"])
+    end.

src/ejabberd_admin.erl

@@ -5,7 +5,7 @@
 %%% Created :  7 May 2006 by Mickael Remond <mremond@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%-------------------------------------------------------------------
 
@@ -164,6 +163,12 @@ commands() ->
                         module = ejd2odbc, function = export,
                         args = [{host, string}, {file, string}], result = {res, rescode}},
 
+     #ejabberd_commands{name = convert_to_yaml, tags = [config],
+                        desc = "Convert the input file from Erlang to YAML format",
+                        module = ejabberd_config, function = convert_to_yaml,
+                        args = [{in, string}, {out, string}],
+                        result = {res, rescode}},
+
      #ejabberd_commands{name = delete_expired_messages, tags = [purge],
 			desc = "Delete expired offline messages from database",
 			module = ?MODULE, function = delete_expired_messages,

src/ejabberd_app.erl

@@ -5,7 +5,7 @@
 %%% Created : 31 Jan 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -29,7 +28,7 @@
 
 -behaviour(application).
 
--export([start_modules/0,start/2, get_log_path/0, prep_stop/1, stop/1, init/0]).
+-export([start_modules/0,start/2, prep_stop/1, stop/1, init/0]).
 
 -include("ejabberd.hrl").
 -include("logger.hrl").
@@ -39,24 +38,26 @@
 %%%
 
 start(normal, _Args) ->
-    maybe_start_lager(),
-    ejabberd_logger:set(4),
+    ejabberd_logger:start(),
     write_pid_file(),
     start_apps(),
+    ejabberd:check_app(ejabberd),
     randoms:start(),
     db_init(),
     start(),
     translate:start(),
-    acl:start(),
     ejabberd_ctl:init(),
     ejabberd_commands:init(),
     ejabberd_admin:start(),
     gen_mod:start(),
     ejabberd_config:start(),
-    ejabberd_check:config(),
+    set_loglevel_from_config(),
+    acl:start(),
+    shaper:start(),
     connect_nodes(),
     Sup = ejabberd_sup:start_link(),
     ejabberd_rdbms:start(),
+    ejabberd_riak_sup:start(),
     ejabberd_auth:start(),
     cyrsasl:start(),
     % Profiling
@@ -98,10 +99,6 @@ start() ->
 
 init() ->
     register(ejabberd, self()),
-    %erlang:system_flag(fullsweep_after, 0),
-    %error_logger:logfile({open, ?LOG_PATH}),
-    LogPath = get_log_path(),
-    ejabberd_logger:set_logfile(LogPath),
     loop().
 
 loop() ->
@@ -111,20 +108,32 @@ loop() ->
     end.
 
 db_init() ->
+    MyNode = node(),
+    DbNodes = mnesia:system_info(db_nodes),
+    case lists:member(MyNode, DbNodes) of
+	true ->
+	    ok;
+	false ->
+	    ?CRITICAL_MSG("Node name mismatch: I'm [~s], "
+			  "the database is owned by ~p", [MyNode, DbNodes]),
+	    ?CRITICAL_MSG("Either set ERLANG_NODE in ejabberdctl.cfg "
+			  "or change node name in Mnesia", []),
+	    erlang:error(node_name_mismatch)
+    end,
     case mnesia:system_info(extra_db_nodes) of
 	[] ->
 	    mnesia:create_schema([node()]);
 	_ ->
 	    ok
     end,
-    application:start(mnesia, permanent),
+    ejabberd:start_app(mnesia, permanent),
     mnesia:wait_for_tables(mnesia:system_info(local_tables), infinity).
 
 %% Start all the modules in all the hosts
 start_modules() ->
     lists:foreach(
       fun(Host) ->
-              Modules = ejabberd_config:get_local_option(
+              Modules = ejabberd_config:get_option(
                           {modules, Host},
                           fun(Mods) ->
                                   lists:map(
@@ -142,7 +151,7 @@ start_modules() ->
 stop_modules() ->
     lists:foreach(
       fun(Host) ->
-              Modules = ejabberd_config:get_local_option(
+              Modules = ejabberd_config:get_option(
                           {modules, Host},
                           fun(Mods) ->
                                   lists:map(
@@ -157,7 +166,7 @@ stop_modules() ->
       end, ?MYHOSTS).
 
 connect_nodes() ->
-    Nodes = ejabberd_config:get_local_option(
+    Nodes = ejabberd_config:get_option(
               cluster_nodes,
               fun(Ns) ->
                       true = lists:all(fun is_atom/1, Ns),
@@ -167,26 +176,6 @@ connect_nodes() ->
                           net_kernel:connect_node(Node)
                   end, Nodes).
 
-%% @spec () -> string()
-%% @doc Returns the full path to the ejabberd log file.
-%% It first checks for application configuration parameter 'log_path'.
-%% If not defined it checks the environment variable EJABBERD_LOG_PATH.
-%% And if that one is neither defined, returns the default value:
-%% "ejabberd.log" in current directory.
-get_log_path() ->
-    case application:get_env(log_path) of
-	{ok, Path} ->
-	    Path;
-	undefined ->
-	    case os:getenv("EJABBERD_LOG_PATH") of
-		false ->
-		    ?LOG_PATH;
-		Path ->
-		    Path
-	    end
-    end.
-
-
 %% If ejabberd is running on some Windows machine, get nameservers and add to Erlang
 maybe_add_nameservers() ->
     case os:type() of
@@ -201,10 +190,12 @@ add_windows_nameservers() ->
 
 
 broadcast_c2s_shutdown() ->
-    Children = supervisor:which_children(ejabberd_c2s_sup),
+    Children = ejabberd_sm:get_all_pids(),
     lists:foreach(
-      fun({_, C2SPid, _, _}) ->
-	      C2SPid ! system_shutdown
+      fun(C2SPid) when node(C2SPid) == node() ->
+	      C2SPid ! system_shutdown;
+	 (_) ->
+	      ok
       end, Children).
 
 %%%
@@ -237,23 +228,17 @@ delete_pid_file() ->
 	    file:delete(PidFilename)
     end.
 
-
--ifdef(LAGER).
-
-maybe_start_lager() ->
-    lager:start().
-
--else.
-
-maybe_start_lager() ->
-    ok.
-
--endif.
-
+set_loglevel_from_config() ->
+    Level = ejabberd_config:get_option(
+              loglevel,
+              fun(P) when P>=0, P=<5 -> P end,
+              4),
+    ejabberd_logger:set(Level).
 
 start_apps() ->
     ejabberd:start_app(sasl),
     ejabberd:start_app(ssl),
+    ejabberd:start_app(p1_yaml),
     ejabberd:start_app(p1_tls),
     ejabberd:start_app(p1_xml),
     ejabberd:start_app(p1_stringprep),

src/ejabberd_auth.erl

@@ -5,7 +5,7 @@
 %%% Created : 23 Nov 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -35,8 +34,8 @@
 	 check_password/5, check_password_with_authmodule/3,
 	 check_password_with_authmodule/5, try_register/3,
 	 dirty_get_registered_users/0, get_vh_registered_users/1,
-	 get_vh_registered_users/2, export/1,
-	 get_vh_registered_users_number/1,
+	 get_vh_registered_users/2, export/1, import/1,
+	 get_vh_registered_users_number/1, import/3,
 	 get_vh_registered_users_number/2, get_password/2,
 	 get_password_s/2, get_password_with_authmodule/2,
 	 is_user_exists/2, is_user_exists_in_other_modules/3,
@@ -301,6 +300,9 @@ get_password_with_authmodule(User, Server) ->
 
 -spec is_user_exists(binary(), binary()) -> boolean().
 
+is_user_exists(User, <<"">>) ->
+    false;
+
 is_user_exists(User, Server) ->
 %% Check if the user exists in all authentications module except the module
 %% passed as parameter
@@ -423,7 +425,7 @@ auth_modules() ->
 %% Return the list of authenticated modules for a given host
 auth_modules(Server) ->
     LServer = jlib:nameprep(Server),
-    Methods = ejabberd_config:get_local_option(
+    Methods = ejabberd_config:get_option(
                 {auth_method, LServer},
                 fun(V) when is_list(V) ->
                         true = lists:all(fun is_atom/1, V),
@@ -437,3 +439,13 @@ auth_modules(Server) ->
 
 export(Server) ->
     ejabberd_auth_internal:export(Server).
+
+import(Server) ->
+    ejabberd_auth_internal:import(Server).
+
+import(Server, mnesia, Passwd) ->
+    ejabberd_auth_internal:import(Server, mnesia, Passwd);
+import(Server, riak, Passwd) ->
+    ejabberd_auth_riak:import(Server, riak, Passwd);
+import(_, _, _) ->
+    pass.

src/ejabberd_auth_anonymous.erl

@@ -5,7 +5,7 @@
 %%% Created : 17 Feb 2006 by Mickael Remond <mremond@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -104,7 +103,7 @@ is_login_anonymous_enabled(Host) ->
 %% Return the anonymous protocol to use: sasl_anon|login_anon|both
 %% defaults to login_anon
 anonymous_protocol(Host) ->
-    ejabberd_config:get_local_option(
+    ejabberd_config:get_option(
       {anonymous_protocol, Host},
       fun(sasl_anon) -> sasl_anon;
          (login_anon) -> login_anon;
@@ -115,7 +114,7 @@ anonymous_protocol(Host) ->
 %% Return true if multiple connections have been allowed in the config file
 %% defaults to false
 allow_multiple_connections(Host) ->
-    ejabberd_config:get_local_option(
+    ejabberd_config:get_option(
       {allow_multiple_connections, Host},
       fun(V) when is_boolean(V) -> V end,
       false).

src/ejabberd_auth_external.erl

@@ -5,7 +5,7 @@
 %%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -48,17 +47,15 @@
 %%% API
 %%%----------------------------------------------------------------------
 start(Host) ->
-    Cmd = ejabberd_config:get_local_option(
+    Cmd = ejabberd_config:get_option(
             {extauth_program, Host},
             fun(V) ->
                     binary_to_list(iolist_to_binary(V))
             end,
             "extauth"),
     extauth:start(Host, Cmd),
-    case check_cache_last_options(Host) of
-      cache -> ok = ejabberd_auth_internal:start(Host);
-      no_cache -> ok
-    end.
+    check_cache_last_options(Host),
+    ejabberd_auth_internal:start(Host).
 
 check_cache_last_options(Server) ->
     case get_cache_option(Server) of
@@ -171,9 +168,11 @@ remove_user(User, Server, Password) ->
 
 %% @spec (Host::string()) -> false | {true, CacheTime::integer()}
 get_cache_option(Host) ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            {extauth_cache, Host},
-           fun(I) when is_integer(I), I > 0 -> I end) of
+           fun(false) -> undefined;
+              (I) when is_integer(I), I >= 0 -> I
+           end) of
         undefined -> false;
         CacheTime -> {true, CacheTime}
     end.
@@ -187,6 +186,8 @@ check_password_extauth(User, Server, Password) ->
 try_register_extauth(User, Server, Password) ->
     extauth:try_register(User, Server, Password).
 
+check_password_cache(User, Server, Password, 0) ->
+    check_password_external_cache(User, Server, Password);
 check_password_cache(User, Server, Password,
 		     CacheTime) ->
     case get_last_access(User, Server) of

src/ejabberd_auth_internal.erl

@@ -5,7 +5,7 @@
 %%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -38,8 +37,8 @@
 	 get_vh_registered_users_number/1,
 	 get_vh_registered_users_number/2, get_password/2,
 	 get_password_s/2, is_user_exists/2, remove_user/2,
-	 remove_user/3, store_type/0, export/1,
-	 plain_password_required/0]).
+	 remove_user/3, store_type/0, export/1, import/1,
+	 import/3, plain_password_required/0]).
 
 -include("ejabberd.hrl").
 -include("logger.hrl").
@@ -406,7 +405,7 @@ is_scrammed() ->
 
 is_option_scram() ->
     scram ==
-      ejabberd_config:get_local_option({auth_password_format, ?MYNAME},
+      ejabberd_config:get_option({auth_password_format, ?MYNAME},
                                        fun(V) -> V end).
 
 maybe_alert_password_scrammed_without_option() ->
@@ -474,3 +473,14 @@ export(_Server) ->
          (_Host, _R) ->
               []
       end}].
+
+import(LServer) ->
+    [{<<"select username, password from users;">>,
+      fun([LUser, Password]) ->
+              #passwd{us = {LUser, LServer}, password = Password}
+      end}].
+
+import(_LServer, mnesia, #passwd{} = P) ->
+    mnesia:dirty_write(P);
+import(_, _, _) ->
+    pass.

src/ejabberd_auth_ldap.erl

@@ -5,7 +5,7 @@
 %%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -369,8 +368,10 @@ parse_options(Host) ->
                                    {iolist_to_binary(U),
                                     iolist_to_binary(P)};
                               ({U}) ->
+                                   {iolist_to_binary(U)};
+                              (U) ->
                                    {iolist_to_binary(U)}
-                           end, Us)
+                           end, lists:flatten(Us))
                  end, [{<<"uid">>, <<"%u">>}]),
     UIDs = eldap_utils:uids_domain_subst(Host, UIDsTemp),
     SubFilter =	eldap_utils:generate_subfilter(UIDs),
@@ -386,7 +387,7 @@ parse_options(Host) ->
 				       [{<<"%u">>, <<"*">>}]),
     {DNFilter, DNFilterAttrs} =
         eldap_utils:get_opt({ldap_dn_filter, Host}, [],
-                            fun({DNF, DNFA}) ->
+                            fun([{DNF, DNFA}]) ->
                                     NewDNFA = case DNFA of
                                                   undefined ->
                                                       [];

src/ejabberd_auth_odbc.erl

@@ -5,7 +5,7 @@
 %%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_auth_pam.erl

@@ -5,7 +5,7 @@
 %%% Created : 5 Jul 2007 by Evgeniy Khramtsov <xram@jabber.ru>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%-------------------------------------------------------------------
 -module(ejabberd_auth_pam).
@@ -107,13 +106,13 @@ store_type() -> external.
 %% Internal functions
 %%====================================================================
 get_pam_service(Host) ->
-    ejabberd_config:get_local_option(
+    ejabberd_config:get_option(
       {pam_service, Host},
       fun iolist_to_binary/1,
       <<"ejabberd">>).
 
 get_pam_userinfotype(Host) ->
-    ejabberd_config:get_local_option(
+    ejabberd_config:get_option(
       {pam_userinfotype, Host},
       fun(username) -> username;
          (jid) -> jid

src/ejabberd_auth_riak.erl

@@ -0,0 +1,296 @@
+%%%----------------------------------------------------------------------
+%%% File    : ejabberd_auth_riak.erl
+%%% Author  : Evgeniy Khramtsov <ekhramtsov@process-one.net>
+%%% Purpose : Authentification via Riak
+%%% Created : 12 Nov 2012 by Evgeniy Khramtsov <ekhramtsov@process-one.net>
+%%%
+%%%
+%%% ejabberd, Copyright (C) 2002-2012   ProcessOne
+%%%
+%%% This program is free software; you can redistribute it and/or
+%%% modify it under the terms of the GNU General Public License as
+%%% published by the Free Software Foundation; either version 2 of the
+%%% License, or (at your option) any later version.
+%%%
+%%% This program is distributed in the hope that it will be useful,
+%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
+%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%%% General Public License for more details.
+%%%
+%%% You should have received a copy of the GNU General Public License
+%%% along with this program; if not, write to the Free Software
+%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+%%% 02111-1307 USA
+%%%
+%%%----------------------------------------------------------------------
+
+-module(ejabberd_auth_riak).
+
+-author('alexey@process-one.net').
+
+-behaviour(ejabberd_auth).
+
+%% External exports
+-export([start/1, set_password/3, check_password/3,
+	 check_password/5, try_register/3,
+	 dirty_get_registered_users/0, get_vh_registered_users/1,
+	 get_vh_registered_users/2,
+	 get_vh_registered_users_number/1,
+	 get_vh_registered_users_number/2, get_password/2,
+	 get_password_s/2, is_user_exists/2, remove_user/2,
+	 remove_user/3, store_type/0, export/1, import/3,
+	 plain_password_required/0]).
+-export([passwd_schema/0]).
+
+-include("ejabberd.hrl").
+
+-record(passwd, {us = {<<"">>, <<"">>} :: {binary(), binary()} | '$1',
+                 password = <<"">> :: binary() | scram() | '_'}).
+
+-define(SALT_LENGTH, 16).
+
+start(_Host) ->
+    ok.
+
+plain_password_required() ->
+    case is_scrammed() of
+      false -> false;
+      true -> true
+    end.
+
+store_type() ->
+    case is_scrammed() of
+      false -> plain; %% allows: PLAIN DIGEST-MD5 SCRAM
+      true -> scram %% allows: PLAIN SCRAM
+    end.
+
+passwd_schema() ->
+    {record_info(fields, passwd), #passwd{}}.
+
+check_password(User, Server, Password) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get(passwd, passwd_schema(), {LUser, LServer}) of
+        {ok, #passwd{password = Password}} when is_binary(Password) ->
+            Password /= <<"">>;
+        {ok, #passwd{password = Scram}} when is_record(Scram, scram) ->
+            is_password_scram_valid(Password, Scram);
+        _ ->
+            false
+    end.
+
+check_password(User, Server, Password, Digest,
+	       DigestGen) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get(passwd, passwd_schema(), {LUser, LServer}) of
+      {ok, #passwd{password = Passwd}} when is_binary(Passwd) ->
+	  DigRes = if Digest /= <<"">> ->
+			  Digest == DigestGen(Passwd);
+		      true -> false
+		   end,
+	  if DigRes -> true;
+	     true -> (Passwd == Password) and (Password /= <<"">>)
+	  end;
+      {ok, #passwd{password = Scram}}
+	  when is_record(Scram, scram) ->
+	  Passwd = jlib:decode_base64(Scram#scram.storedkey),
+	  DigRes = if Digest /= <<"">> ->
+			  Digest == DigestGen(Passwd);
+		      true -> false
+		   end,
+	  if DigRes -> true;
+	     true -> (Passwd == Password) and (Password /= <<"">>)
+	  end;
+      _ -> false
+    end.
+
+set_password(User, Server, Password) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    US = {LUser, LServer},
+    if (LUser == error) or (LServer == error) ->
+	   {error, invalid_jid};
+       true ->
+            Password2 = case is_scrammed() and is_binary(Password)
+                        of
+                            true -> password_to_scram(Password);
+                            false -> Password
+                        end,
+            ok = ejabberd_riak:put(#passwd{us = US, password = Password2},
+				   passwd_schema(),
+                                   [{'2i', [{<<"host">>, LServer}]}])
+    end.
+
+try_register(User, Server, PasswordList) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    Password = iolist_to_binary(PasswordList),
+    US = {LUser, LServer},
+    if (LUser == error) or (LServer == error) ->
+	   {error, invalid_jid};
+       true ->
+            case ejabberd_riak:get(passwd, passwd_schema(), US) of
+                {error, notfound} ->
+                    Password2 = case is_scrammed() and
+                                    is_binary(Password)
+                                of
+                                    true -> password_to_scram(Password);
+                                    false -> Password
+                                end,
+                    {atomic, ejabberd_riak:put(
+                               #passwd{us = US,
+                                       password = Password2},
+			       passwd_schema(),
+                               [{'2i', [{<<"host">>, LServer}]}])};
+                {ok, _} ->
+                    exists;
+                Err ->
+                    {atomic, Err}
+            end
+    end.
+
+dirty_get_registered_users() ->
+    lists:flatmap(
+      fun(Server) ->
+              get_vh_registered_users(Server)
+      end, ejabberd_config:get_vh_by_auth_method(riak)).
+
+get_vh_registered_users(Server) ->
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get_keys_by_index(passwd, <<"host">>, LServer) of
+        {ok, Users} ->
+            Users;
+        _ ->
+            []
+    end.
+
+get_vh_registered_users(Server, _) ->
+    get_vh_registered_users(Server).
+
+get_vh_registered_users_number(Server) ->
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:count_by_index(passwd, <<"host">>, LServer) of
+        {ok, N} ->
+            N;
+        _ ->
+            0
+    end.
+
+get_vh_registered_users_number(Server, _) ->
+    get_vh_registered_users_number(Server).
+
+get_password(User, Server) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get(passwd, passwd_schema(), {LUser, LServer}) of
+      {ok, #passwd{password = Password}}
+	  when is_binary(Password) ->
+	  Password;
+      {ok, #passwd{password = Scram}}
+	  when is_record(Scram, scram) ->
+	  {jlib:decode_base64(Scram#scram.storedkey),
+	   jlib:decode_base64(Scram#scram.serverkey),
+	   jlib:decode_base64(Scram#scram.salt),
+	   Scram#scram.iterationcount};
+      _ -> false
+    end.
+
+get_password_s(User, Server) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get(passwd, passwd_schema(), {LUser, LServer}) of
+      {ok, #passwd{password = Password}}
+	  when is_binary(Password) ->
+	  Password;
+      {ok, #passwd{password = Scram}}
+	  when is_record(Scram, scram) ->
+	  <<"">>;
+      _ -> <<"">>
+    end.
+
+is_user_exists(User, Server) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get(passwd, passwd_schema(), {LUser, LServer}) of
+      {error, notfound} -> false;
+      {ok, _} -> true;
+      Err -> Err
+    end.
+
+remove_user(User, Server) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    ejabberd_riak:delete(passwd, {LUser, LServer}),
+    ok.
+
+remove_user(User, Server, Password) ->
+    LUser = jlib:nodeprep(User),
+    LServer = jlib:nameprep(Server),
+    case ejabberd_riak:get(passwd, passwd_schema(), {LUser, LServer}) of
+        {ok, #passwd{password = Password}}
+          when is_binary(Password) ->
+            ejabberd_riak:delete(passwd, {LUser, LServer}),
+            ok;
+        {ok, #passwd{password = Scram}}
+          when is_record(Scram, scram) ->
+            case is_password_scram_valid(Password, Scram) of
+                true ->
+                    ejabberd_riak:delete(passwd, {LUser, LServer}),
+                    ok;
+                false -> not_allowed
+            end;
+        _ -> not_exists
+    end.
+
+%%%
+%%% SCRAM
+%%%
+
+is_scrammed() ->
+    scram ==
+      ejabberd_config:get_local_option({auth_password_format, ?MYNAME},
+                                       fun(V) -> V end).
+
+password_to_scram(Password) ->
+    password_to_scram(Password,
+		      ?SCRAM_DEFAULT_ITERATION_COUNT).
+
+password_to_scram(Password, IterationCount) ->
+    Salt = crypto:rand_bytes(?SALT_LENGTH),
+    SaltedPassword = scram:salted_password(Password, Salt,
+					   IterationCount),
+    StoredKey =
+	scram:stored_key(scram:client_key(SaltedPassword)),
+    ServerKey = scram:server_key(SaltedPassword),
+    #scram{storedkey = jlib:encode_base64(StoredKey),
+	   serverkey = jlib:encode_base64(ServerKey),
+	   salt = jlib:encode_base64(Salt),
+	   iterationcount = IterationCount}.
+
+is_password_scram_valid(Password, Scram) ->
+    IterationCount = Scram#scram.iterationcount,
+    Salt = jlib:decode_base64(Scram#scram.salt),
+    SaltedPassword = scram:salted_password(Password, Salt,
+					   IterationCount),
+    StoredKey =
+	scram:stored_key(scram:client_key(SaltedPassword)),
+    jlib:decode_base64(Scram#scram.storedkey) == StoredKey.
+
+export(_Server) ->
+    [{passwd,
+      fun(Host, #passwd{us = {LUser, LServer}, password = Password})
+            when LServer == Host ->
+              Username = ejabberd_odbc:escape(LUser),
+              Pass = ejabberd_odbc:escape(Password),
+              [[<<"delete from users where username='">>, Username, <<"';">>],
+               [<<"insert into users(username, password) "
+                  "values ('">>, Username, <<"', '">>, Pass, <<"');">>]];
+         (_Host, _R) ->
+              []
+      end}].
+
+import(LServer, riak, #passwd{} = Passwd) ->
+    ejabberd_riak:put(Passwd, passwd_schema(), [{'2i', [{<<"host">>, LServer}]}]);
+import(_, _, _) ->
+    pass.

src/ejabberd_c2s_config.erl

@@ -6,7 +6,7 @@
 %%% Created :  2 Nov 2007 by Mickael Remond <mremond@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,10 +18,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -34,7 +33,7 @@
 %% Get first c2s configuration limitations to apply it to other c2s
 %% connectors.
 get_c2s_limits() ->
-    case ejabberd_config:get_local_option(listen, fun(V) -> V end) of
+    case ejabberd_config:get_option(listen, fun(V) -> V end) of
       undefined -> [];
       C2SFirstListen ->
 	  case lists:keysearch(ejabberd_c2s, 2, C2SFirstListen) of

src/ejabberd_captcha.erl

@@ -5,7 +5,7 @@
 %%% Created : 26 Apr 2008 by Evgeniy Khramtsov <xramtsov@gmail.com>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%-------------------------------------------------------------------
 
@@ -504,7 +503,7 @@ do_create_image(Key) ->
     end.
 
 get_prog_name() ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            captcha_cmd,
            fun(FileName) ->
                    F = iolist_to_binary(FileName),
@@ -521,7 +520,7 @@ get_prog_name() ->
     end.
 
 get_url(Str) ->
-    CaptchaHost = ejabberd_config:get_local_option(
+    CaptchaHost = ejabberd_config:get_option(
                     captcha_host,
                     fun iolist_to_binary/1,
                     <<"">>),
@@ -549,7 +548,7 @@ get_transfer_protocol(PortString) ->
     get_captcha_transfer_protocol(PortListeners).
 
 get_port_listeners(PortNumber) ->
-    AllListeners = ejabberd_config:get_local_option(listen, fun(V) -> V end),
+    AllListeners = ejabberd_config:get_option(listen, fun(V) -> V end),
     lists:filter(fun ({{Port, _Ip, _Netp}, _Module1,
 		       _Opts1})
 			 when Port == PortNumber ->
@@ -579,7 +578,7 @@ get_captcha_transfer_protocol([_ | Listeners]) ->
 
 is_limited(undefined) -> false;
 is_limited(Limiter) ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            captcha_limit,
            fun(I) when is_integer(I), I > 0 -> I end) of
       undefined -> false;

src/ejabberd_check.erl

@@ -1,111 +0,0 @@
-%%%----------------------------------------------------------------------
-%%% File    : ejabberd_check.erl
-%%% Author  : Mickael Remond <mremond@process-one.net>
-%%% Purpose : Check ejabberd configuration and 
-%%% Created : 27 Feb 2008 by Mickael Remond <mremond@process-one.net>
-%%%
-%%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
-%%%
-%%%----------------------------------------------------------------------
-
--module(ejabberd_check).
-
--export([libs/0, config/0]).
-
--include("ejabberd.hrl").
--include("logger.hrl").
--include("ejabberd_config.hrl").
-
-%% TODO:
-%% We want to implement library checking at launch time to issue
-%% human readable user messages.
-libs() ->
-    ok.
-
-%% @doc Consistency check on ejabberd configuration
-config() ->
-    check_database_modules().
-
-check_database_modules() ->
-     [check_database_module(M)||M<-get_db_used()].
-
-check_database_module(odbc) ->
-    check_modules(odbc, [odbc, odbc_app, odbc_sup, ejabberd_odbc, ejabberd_odbc_sup, odbc_queries]);
-check_database_module(mysql) ->
-    check_modules(mysql, [mysql, mysql_auth, mysql_conn, mysql_recv]);
-check_database_module(pgsql) ->
-    check_modules(pgsql, [pgsql, pgsql_proto, pgsql_tcp, pgsql_util]).
-
-%% @doc Issue a critical error and throw an exit if needing module is
-%% missing.
-check_modules(DB, Modules) ->
-    case get_missing_modules(Modules) of
-	[] ->
-	    ok;
-	MissingModules when is_list(MissingModules) ->
-	    ?CRITICAL_MSG("ejabberd is configured to use '~p', but the following Erlang modules are not installed: '~p'", [DB, MissingModules]),
-	    exit(database_module_missing)
-    end.
-
-
-%% @doc Return the list of undefined modules
-get_missing_modules(Modules) ->
-    lists:filter(fun(Module) ->
-			 case catch Module:module_info() of
-			     {'EXIT', {undef, _}} ->
-				 true;
-			     _ -> false
-			 end
-		 end, Modules).
-
-%% @doc Return the list of databases used
-get_db_used() ->
-    %% Retrieve domains with a database configured:
-    Domains = 
-	ets:match(local_config, #local_config{key={odbc_server, '$1'},
-					      value='$2'}),
-    %% Check that odbc is the auth method used for those domains:
-    %% and return the database name
-    DBs = lists:foldr(
-	    fun([Domain, DB], Acc) ->
-		    case check_odbc_option(
-			   ejabberd_config:get_local_option(
-			     {auth_method, Domain}, fun(V) -> V end)) of
-			true -> [get_db_type(DB)|Acc];
-			_ -> Acc
-		    end
-	    end,
-	    [], Domains),
-    lists:usort(DBs).
-
-%% @doc Depending in the DB definition, return which type of DB this is.
-%% Note that MSSQL is detected as ODBC.
-%% @spec (DB) -> mysql | pgsql | odbc
-get_db_type(DB) when is_tuple(DB) ->
-    element(1, DB);
-get_db_type(DB) when is_list(DB) ->
-    odbc.
-
-%% @doc Return true if odbc option is used
-check_odbc_option(odbc) ->
-    true;
-check_odbc_option(AuthMethods) when is_list(AuthMethods) ->
-    lists:member(odbc, AuthMethods);
-check_odbc_option(_) ->
-    false.

src/ejabberd_commands.erl

@@ -5,7 +5,7 @@
 %%% Created : 20 May 2008 by Badlop <badlop@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_config.erl

@@ -5,7 +5,7 @@
 %%% Created : 14 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,25 +17,25 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
 -module(ejabberd_config).
 -author('alexey@process-one.net').
 
--export([start/0, load_file/1,
+-export([start/0, load_file/1, read_file/1,
 	 add_global_option/2, add_local_option/2,
 	 get_global_option/2, get_local_option/2,
-         get_global_option/3, get_local_option/3]).
--export([get_vh_by_auth_method/1]).
--export([is_file_readable/1]).
--export([get_version/0, get_myhosts/0, get_mylang/0]).
--export([prepare_opt_val/4]).
--export([convert_table_to_binary/5]).
+         get_global_option/3, get_local_option/3,
+         get_option/2, get_option/3, add_option/2,
+         get_vh_by_auth_method/1, is_file_readable/1,
+         get_version/0, get_myhosts/0, get_mylang/0,
+         prepare_opt_val/4, convert_table_to_binary/5,
+         transform_options/1, collect_options/1,
+         convert_to_yaml/1, convert_to_yaml/2]).
 
 -include("ejabberd.hrl").
 -include("logger.hrl").
@@ -52,25 +52,36 @@
 
 
 start() ->
-    mnesia:create_table(config,
-			[{disc_copies, [node()]},
-			 {attributes, record_info(fields, config)}]),
-    mnesia:add_table_copy(config, node(), ram_copies),
+    case catch mnesia:table_info(local_config, storage_type) of
+        disc_copies ->
+            mnesia:delete_table(local_config);
+        _ ->
+            ok
+    end,
     mnesia:create_table(local_config,
-			[{disc_copies, [node()]},
+			[{ram_copies, [node()]},
 			 {local_content, true},
 			 {attributes, record_info(fields, local_config)}]),
     mnesia:add_table_copy(local_config, node(), ram_copies),
     Config = get_ejabberd_config_path(),
-    load_file(Config),
+    State = read_file(Config),
     %% This start time is used by mod_last:
-    add_local_option(node_start, now()),
-    ok.
+    {MegaSecs, Secs, _} = now(),
+    UnixTime = MegaSecs*1000000 + Secs,
+    SharedKey = case erlang:get_cookie() of
+                    nocookie ->
+                        p1_sha:sha(randoms:get_string());
+                    Cookie ->
+                        p1_sha:sha(jlib:atom_to_binary(Cookie))
+                end,
+    State1 = set_option({node_start, global}, UnixTime, State),
+    State2 = set_option({shared_key, global}, SharedKey, State1),
+    set_opts(State2).
 
 %% @doc Get the filename of the ejabberd configuration file.
-%% The filename can be specified with: erl -config "/path/to/ejabberd.cfg".
+%% The filename can be specified with: erl -config "/path/to/ejabberd.yml".
 %% It can also be specified with the environtment variable EJABBERD_CONFIG_PATH.
-%% If not specified, the default value 'ejabberd.cfg' is assumed.
+%% If not specified, the default value 'ejabberd.yml' is assumed.
 %% @spec () -> string()
 get_ejabberd_config_path() ->
     case application:get_env(config) of
@@ -84,16 +95,59 @@ get_ejabberd_config_path() ->
 	    end
     end.
 
-%% @doc Load the ejabberd configuration file.
+%% @doc Read the ejabberd configuration file.
 %% It also includes additional configuration files and replaces macros.
 %% This function will crash if finds some error in the configuration file.
-%% @spec (File::string()) -> ok
-load_file(File) ->
-    Terms = get_plain_terms_file(File),
+%% @spec (File::string()) -> #state{}.
+read_file(File) ->
+    read_file(File, [{replace_macros, true},
+                     {include_files, true}]).
+
+read_file(File, Opts) ->
+    Terms1 = get_plain_terms_file(File, Opts),
+    Terms_macros = case proplists:get_bool(replace_macros, Opts) of
+                       true -> replace_macros(Terms1);
+                       false -> Terms1
+                   end,
+    Terms = transform_terms(Terms_macros),
     State = lists:foldl(fun search_hosts/2, #state{}, Terms),
-    Terms_macros = replace_macros(Terms),
-    Res = lists:foldl(fun process_term/2, State, Terms_macros),
-    set_opts(Res).
+    {Head, Tail} = lists:partition(
+                     fun({host_config, _}) -> false;
+                        ({append_host_config, _}) -> false;
+                        (_) -> true
+                     end, Terms),
+    State1 = lists:foldl(fun process_term/2, State, Head ++ Tail),
+    State1#state{opts = compact(State1#state.opts)}.
+
+-spec load_file(string()) -> ok.
+
+load_file(File) ->
+    State = read_file(File),
+    set_opts(State).
+
+-spec convert_to_yaml(file:filename()) -> ok | {error, any()}.
+
+convert_to_yaml(File) ->
+    convert_to_yaml(File, stdout).
+
+-spec convert_to_yaml(file:filename(),
+                      stdout | file:filename()) -> ok | {error, any()}.
+
+convert_to_yaml(File, Output) ->
+    State = read_file(File, [{include_files, false}]),
+    Opts = [{K, V} || #local_config{key = K, value = V} <- State#state.opts],
+    {GOpts, HOpts} = split_by_hosts(Opts),
+    NewOpts = GOpts ++ lists:map(
+                         fun({Host, Opts1}) ->
+                                 {host_config, [{Host, Opts1}]}
+                         end, HOpts),
+    Data = p1_yaml:encode(lists:reverse(NewOpts)),
+    case Output of
+        stdout ->
+            io:format("~s~n", [Data]);
+        FileName ->
+            file:write_file(FileName, Data)
+    end.
 
 %% @doc Read an ejabberd configuration file and return the terms.
 %% Input is an absolute or relative path to an ejabberd config file.
@@ -102,22 +156,49 @@ load_file(File) ->
 %% and the terms in those files were included.
 %% @spec(string()) -> [term()]
 %% @spec(iolist()) -> [term()]
-get_plain_terms_file(File) when is_binary(File) ->
-    get_plain_terms_file(binary_to_list(File));
-get_plain_terms_file(File1) ->
+get_plain_terms_file(File) ->
+    get_plain_terms_file(File, [{include_files, true}]).
+
+get_plain_terms_file(File, Opts) when is_binary(File) ->
+    get_plain_terms_file(binary_to_list(File), Opts);
+get_plain_terms_file(File1, Opts) ->
     File = get_absolute_path(File1),
-    case file:consult(File) of
+    case consult(File) of
 	{ok, Terms} ->
             BinTerms = strings_to_binary(Terms),
-	    include_config_files(BinTerms);
-	{error, {LineNumber, erl_parse, _ParseMessage} = Reason} ->
-	    ExitText = describe_config_problem(File, Reason, LineNumber),
-	    ?ERROR_MSG(ExitText, []),
-	    exit_or_halt(ExitText);
+            case proplists:get_bool(include_files, Opts) of
+                true ->
+                    include_config_files(BinTerms);
+                false ->
+                    BinTerms
+            end;
 	{error, Reason} ->
-	    ExitText = describe_config_problem(File, Reason),
-	    ?ERROR_MSG(ExitText, []),
-	    exit_or_halt(ExitText)
+	    ?ERROR_MSG(Reason, []),
+	    exit_or_halt(Reason)
+    end.
+
+consult(File) ->
+    case filename:extension(File) of
+        ".yml" ->
+            case p1_yaml:decode_from_file(File, [plain_as_atom]) of
+                {ok, []} ->
+                    {ok, []};
+                {ok, [Document|_]} ->
+                    {ok, Document};
+                {error, Err} ->
+                    Msg1 = "Cannot load " ++ File ++ ": ",
+                    Msg2 = p1_yaml:format_error(Err),
+                    {error, Msg1 ++ Msg2}
+            end;
+        _ ->
+            case file:consult(File) of
+                {ok, Terms} ->
+                    {ok, Terms};
+                {error, {LineNumber, erl_parse, _ParseMessage} = Reason} ->
+                    {error, describe_config_problem(File, Reason, LineNumber)};
+                {error, Reason} ->
+                    {error, describe_config_problem(File, Reason)}
+            end
     end.
 
 %% @doc Convert configuration filename to absolute path.
@@ -129,9 +210,8 @@ get_absolute_path(File) ->
 	absolute ->
 	    File;
 	relative ->
-	    Config_path = get_ejabberd_config_path(),
-	    Config_dir = filename:dirname(Config_path),
-	    filename:absname_join(Config_dir, File)
+	    {ok, Dir} = file:get_cwd(),
+	    filename:absname_join(Dir, File)
     end.
 
 
@@ -161,7 +241,7 @@ search_hosts(Term, State) ->
 
 add_hosts_to_option(Hosts, State) ->
     PrepHosts = normalize_hosts(Hosts),
-    add_option(hosts, PrepHosts, State#state{hosts = PrepHosts}).
+    set_option({hosts, global}, PrepHosts, State#state{hosts = PrepHosts}).
 
 normalize_hosts(Hosts) ->
     normalize_hosts(Hosts,[]).
@@ -235,21 +315,37 @@ exit_or_halt(ExitText) ->
 %% @doc Include additional configuration files in the list of terms.
 %% @spec ([term()]) -> [term()]
 include_config_files(Terms) ->
-    include_config_files(Terms, []).
+    {FileOpts, Terms1} =
+        lists:mapfoldl(
+          fun({include_config_file, _} = T, Ts) ->
+                  {[transform_include_option(T)], Ts};
+             ({include_config_file, _, _} = T, Ts) ->
+                  {[transform_include_option(T)], Ts};
+             (T, Ts) ->
+                  {[], [T|Ts]}
+          end, [], Terms),
+    Terms2 = lists:flatmap(
+               fun({File, Opts}) ->
+                       include_config_file(File, Opts)
+               end, lists:flatten(FileOpts)),
+    Terms1 ++ Terms2.
 
-include_config_files([], Res) ->
-    Res;
-include_config_files([{include_config_file, Filename} | Terms], Res) ->
-    include_config_files([{include_config_file, Filename, []} | Terms], Res);
-include_config_files([{include_config_file, Filename, Options} | Terms], Res) ->
+transform_include_option({include_config_file, File}) when is_list(File) ->
+    case is_string(File) of
+        true -> {File, []};
+        false -> File
+    end;
+transform_include_option({include_config_file, Filename}) ->
+    {Filename, []};
+transform_include_option({include_config_file, Filename, Options}) ->
+    {Filename, Options}.
+
+include_config_file(Filename, Options) ->
     Included_terms = get_plain_terms_file(Filename),
     Disallow = proplists:get_value(disallow, Options, []),
     Included_terms2 = delete_disallowed(Disallow, Included_terms),
     Allow_only = proplists:get_value(allow_only, Options, all),
-    Included_terms3 = keep_only_allowed(Allow_only, Included_terms2),
-    include_config_files(Terms, Res ++ Included_terms3);
-include_config_files([Term | Terms], Res) ->
-    include_config_files(Terms, Res ++ [Term]).
+    keep_only_allowed(Allow_only, Included_terms2).
 
 %% @doc Filter from the list of terms the disallowed.
 %% Returns a sublist of Terms without the ones which first element is
@@ -311,12 +407,19 @@ split_terms_macros(Terms) ->
       fun(Term, {TOs, Ms}) ->
 	      case Term of
 		  {define_macro, Key, Value} -> 
-		      case is_atom(Key) and is_all_uppercase(Key) of
+		      case is_correct_macro({Key, Value}) of
 			  true -> 
 			      {TOs, Ms++[{Key, Value}]};
 			  false -> 
 			      exit({macro_not_properly_defined, Term})
 		      end;
+                  {define_macro, KeyVals} ->
+                      case lists:all(fun is_correct_macro/1, KeyVals) of
+                          true ->
+                              {TOs, Ms ++ KeyVals};
+                          false ->
+                              exit({macros_not_properly_defined, Term})
+                      end;
 		  Term ->
 		      {TOs ++ [Term], Ms}
 	      end
@@ -324,6 +427,11 @@ split_terms_macros(Terms) ->
       {[], []},
       Terms).
 
+is_correct_macro({Key, _Val}) ->
+    is_atom(Key) and is_all_uppercase(Key);
+is_correct_macro(_) ->
+    false.
+
 %% @doc Recursively replace in Terms macro usages with the defined value.
 %% @spec (Terms, Macros) -> Terms
 %%       Terms = [term()]
@@ -331,7 +439,9 @@ split_terms_macros(Terms) ->
 replace([], _) ->
     [];
 replace([Term|Terms], Macros) ->
-    [replace_term(Term, Macros) | replace(Terms, Macros)].
+    [replace_term(Term, Macros) | replace(Terms, Macros)];
+replace(Term, Macros) ->
+    replace_term(Term, Macros).
 
 replace_term(Key, Macros) when is_atom(Key) ->
     case is_all_uppercase(Key) of
@@ -365,197 +475,65 @@ is_all_uppercase(Atom) ->
 
 process_term(Term, State) ->
     case Term of
-	override_global ->
-	    State#state{override_global = true};
-	override_local ->
-	    State#state{override_local = true};
-	override_acls ->
-	    State#state{override_acls = true};
-	{acl, _ACLName, _ACLData} ->
-	    process_host_term(Term, global, State);
-	{access, _RuleName, _Rules} ->
-	    process_host_term(Term, global, State);
-	{shaper, _Name, _Data} ->
-	    %%lists:foldl(fun(Host, S) -> process_host_term(Term, Host, S) end,
-	    %%    	State, State#state.hosts);
-	    process_host_term(Term, global, State);
-	{host, _Host} ->
-	    State;
-	{hosts, _Hosts} ->
-	    State;
-	{fqdn, HostFQDN} ->
-	    ?DEBUG("FQDN set to: ~p", [HostFQDN]),
-	    add_option(fqdn, HostFQDN, State);
-	{host_config, Host, Terms} ->
-	    lists:foldl(fun(T, S) -> process_host_term(T, Host, S) end,
-			State, Terms);
-	{listen, Listeners} ->
-	    Listeners2 =
-		lists:map(
-		  fun({PortIP, Module, Opts}) ->
-			  {Port, IPT, _, _, Proto, OptsClean} =
-			      ejabberd_listener:parse_listener_portip(PortIP, Opts),
-			  {{Port, IPT, Proto}, Module, OptsClean}
-		  end,
-		  Listeners),
-	    add_option(listen, Listeners2, State);
-	{language, Val} ->
-	    add_option(language, Val, State);
-	{outgoing_s2s_port, Port} ->
-	    add_option(outgoing_s2s_port, Port, State);
-	{outgoing_s2s_options, Methods, Timeout} ->
-	    add_option(outgoing_s2s_options, {Methods, Timeout}, State);
-        {s2s_dns_options, PropList} ->
-            add_option(s2s_dns_options, PropList, State);
-	{s2s_use_starttls, Port} ->
-	    add_option(s2s_use_starttls, Port, State);
-	{s2s_certfile, CertFile} ->
-            CertFileS = binary_to_list(CertFile),
-	    case ejabberd_config:is_file_readable(CertFileS) of
-		true -> add_option(s2s_certfile, CertFile, State);
-		false ->
-		    ErrorText = "There is a problem in the configuration: "
-			"the specified file is not readable: ",
-		    throw({error, ErrorText ++ CertFileS})
-	    end;
-	{domain_certfile, Domain, CertFile} ->
-            CertFileS = binary_to_list(CertFile),
-	    case ejabberd_config:is_file_readable(CertFileS) of
-		true -> add_option({domain_certfile, Domain}, CertFile, State);
-		false ->
-		    ErrorText = "There is a problem in the configuration: "
-			"the specified file is not readable: ",
-		    throw({error, ErrorText ++ CertFileS})
-	    end;
-	{node_type, NodeType} ->
-	    add_option(node_type, NodeType, State);
-	{cluster_nodes, Nodes} ->
-	    add_option(cluster_nodes, Nodes, State);
-	{domain_balancing, Domain, Balancing} ->
-	    add_option({domain_balancing, Domain}, Balancing, State);
-	{domain_balancing_component_number, Domain, N} ->
-	    add_option({domain_balancing_component_number, Domain}, N, State);
-	{watchdog_admins, Admins} ->
-	    add_option(watchdog_admins, Admins, State);
-	{watchdog_large_heap, LH} ->
-	    add_option(watchdog_large_heap, LH, State);
-	{registration_timeout, Timeout} ->
-	    add_option(registration_timeout, Timeout, State);
-	{captcha_cmd, Cmd} ->
-	    add_option(captcha_cmd, Cmd, State);
-	{captcha_host, Host} ->
-	    add_option(captcha_host, Host, State);
-        {captcha_limit, Limit} ->
-            add_option(captcha_limit, Limit, State);
-	{ejabberdctl_access_commands, ACs} ->
-	    add_option(ejabberdctl_access_commands, ACs, State);
-	{loglevel, Loglevel} ->
-	    ejabberd_logger:set(Loglevel),
-	    State;
-	{max_fsm_queue, N} ->
-	    add_option(max_fsm_queue, N, State);
-	{_Opt, _Val} ->
-	    lists:foldl(fun(Host, S) -> process_host_term(Term, Host, S) end,
-			State, State#state.hosts)
-    end.
-
-process_host_term(Term, Host, State) ->
-    case Term of
-	{acl, ACLName, ACLData} ->
-	    State#state{opts =
-			[acl:to_record(Host, ACLName, ACLData) | State#state.opts]};
-	{access, RuleName, Rules} ->
-	    State#state{opts = [#config{key = {access, RuleName, Host},
-					value = Rules} |
-				State#state.opts]};
-	{shaper, Name, Data} ->
-	    State#state{opts = [#config{key = {shaper, Name, Host},
-					value = Data} |
-				State#state.opts]};
-	{host, Host} ->
-	    State;
-	{hosts, _Hosts} ->
-	    State;
-	{odbc_server, ODBC_server} ->
-	    add_option({odbc_server, Host}, ODBC_server, State);
-        {modules, Modules} ->
-            add_option({modules, Host}, replace_modules(Modules), State);
-	{Opt, Val} ->
-	    add_option({Opt, Host}, Val, State)
-    end.
-
-add_option(Opt, Val, State) ->
-    Table = case Opt of
-		hosts ->
-		    config;
-		language ->
-		    config;
-		_ ->
-		    local_config
-	    end,
-    case Table of
-	config ->
-	    State#state{opts = [#config{key = Opt, value = Val} |
-				State#state.opts]};
-	local_config ->
-	    case Opt of
-		{{add, OptName}, Host} ->
-		    State#state{opts = compact({OptName, Host}, Val,
-					       State#state.opts, [])};
-		_ ->
-		    State#state{opts = [#local_config{key = Opt, value = Val} |
-					State#state.opts]}
-	    end
-    end.
-
-compact({OptName, Host} = Opt, Val, [], Os) ->
-    ?WARNING_MSG("The option '~p' is defined for the host ~p using host_config "
-    "before the global '~p' option. This host_config option may get overwritten.", [OptName, Host, OptName]),
-    [#local_config{key = Opt, value = Val}] ++ Os;
-%% Traverse the list of the options already parsed
-compact(Opt, Val, [O | Os1], Os2) ->
-    case catch O#local_config.key of
-	%% If the key of a local_config matches the Opt that wants to be added
-	Opt ->
-	    %% Then prepend the new value to the list of old values
-	    Os2 ++ [#local_config{key = Opt,
-				  value = Val++O#local_config.value}
-		   ] ++ Os1;
+	{host_config, HostTerms} ->
+            lists:foldl(
+              fun({Host, Terms}, AccState) ->
+                      lists:foldl(fun(T, S) ->
+                                          process_host_term(T, Host, S, set)
+                                  end, AccState, Terms)
+              end, State, HostTerms);
+        {append_host_config, HostTerms} ->
+            lists:foldl(
+              fun({Host, Terms}, AccState) ->
+                      lists:foldl(fun(T, S) ->
+                                          process_host_term(T, Host, S, append)
+                                  end, AccState, Terms)
+              end, State, HostTerms);
 	_ ->
-	    compact(Opt, Val, Os1, Os2++[O])
+            process_host_term(Term, global, State, set)
     end.
 
+process_host_term(Term, Host, State, Action) ->
+    case Term of
+        {modules, Modules} when Action == set ->
+            set_option({modules, Host}, replace_modules(Modules), State);
+        {modules, Modules} when Action == append ->
+            append_option({modules, Host}, replace_modules(Modules), State);
+        {host, _} ->
+            State;
+        {hosts, _} ->
+            State;
+	{Opt, Val} when Action == set ->
+	    set_option({Opt, Host}, Val, State);
+        {Opt, Val} when Action == append ->
+            append_option({Opt, Host}, Val, State);
+        Opt ->
+            ?WARNING_MSG("Ignore invalid (outdated?) option ~p", [Opt]),
+            State
+    end.
+
+set_option(Opt, Val, State) ->
+    State#state{opts = [#local_config{key = Opt, value = Val} |
+                        State#state.opts]}.
+
+append_option({Opt, Host}, Val, State) ->
+    GlobalVals = lists:flatmap(
+                   fun(#local_config{key = {O, global}, value = V})
+                         when O == Opt ->
+                           if is_list(V) -> V;
+                              true -> [V]
+                           end;
+                      (_) ->
+                           []
+                   end, State#state.opts),
+    NewVal = if is_list(Val) -> Val ++ GlobalVals;
+                true -> [Val|GlobalVals]
+             end,
+    set_option({Opt, Host}, NewVal, State).
 
 set_opts(State) ->
-    Opts = lists:reverse(State#state.opts),
+    Opts = State#state.opts,
     F = fun() ->
-		if
-		    State#state.override_global ->
-			Ksg = mnesia:all_keys(config),
-			lists:foreach(fun(K) ->
-					      mnesia:delete({config, K})
-				      end, Ksg);
-		    true ->
-			ok
-		end,
-		if
-		    State#state.override_local ->
-			Ksl = mnesia:all_keys(local_config),
-			lists:foreach(fun(K) ->
-					      mnesia:delete({local_config, K})
-				      end, Ksl);
-		    true ->
-			ok
-		end,
-		if
-		    State#state.override_acls ->
-			Ksa = mnesia:all_keys(acl),
-			lists:foreach(fun(K) ->
-					      mnesia:delete({acl, K})
-				      end, Ksa);
-		    true ->
-			ok
-		end,
 		lists:foreach(fun(R) ->
 				      mnesia:write(R)
 			      end, Opts)
@@ -576,12 +554,14 @@ set_opts(State) ->
     end.
 
 add_global_option(Opt, Val) ->
-    mnesia:transaction(fun() ->
-			       mnesia:write(#config{key = Opt,
-						    value = Val})
-		       end).
+    add_option(Opt, Val).
 
 add_local_option(Opt, Val) ->
+    add_option(Opt, Val).
+
+add_option(Opt, Val) when is_atom(Opt) ->
+    add_option({Opt, global}, Val);
+add_option(Opt, Val) ->
     mnesia:transaction(fun() ->
 			       mnesia:write(#local_config{key = Opt,
 							  value = Val})
@@ -615,31 +595,49 @@ prepare_opt_val(Opt, Val, F, Default) ->
 -spec get_global_option(any(), check_fun()) -> any().
 
 get_global_option(Opt, F) ->
-    get_global_option(Opt, F, undefined).
+    get_option(Opt, F, undefined).
 
 -spec get_global_option(any(), check_fun(), any()) -> any().
 
 get_global_option(Opt, F, Default) ->
-    case ets:lookup(config, Opt) of
-	[#config{value = Val}] ->
-	    prepare_opt_val(Opt, Val, F, Default);
-	_ ->
-            Default
-    end.
+    get_option(Opt, F, Default).
 
 -spec get_local_option(any(), check_fun()) -> any().
 
 get_local_option(Opt, F) ->
-    get_local_option(Opt, F, undefined).
+    get_option(Opt, F, undefined).
 
 -spec get_local_option(any(), check_fun(), any()) -> any().
 
 get_local_option(Opt, F, Default) ->
+    get_option(Opt, F, Default).
+
+-spec get_option(any(), check_fun()) -> any().
+
+get_option(Opt, F) ->
+    get_option(Opt, F, undefined).
+
+-spec get_option(any(), check_fun(), any()) -> any().
+
+get_option(Opt, F, Default) when is_atom(Opt) ->
+    get_option({Opt, global}, F, Default);
+get_option(Opt, F, Default) ->
+    case Opt of
+        {O, global} when is_atom(O) -> ok;
+        {O, H} when is_atom(O), is_binary(H) -> ok;
+        _ -> ?WARNING_MSG("Option ~p has invalid (outdated?) format. "
+                          "This is likely a bug", [Opt])
+    end,
     case ets:lookup(local_config, Opt) of
 	[#local_config{value = Val}] ->
 	    prepare_opt_val(Opt, Val, F, Default);
-	_ ->
-	    Default
+        _ ->
+            case Opt of
+                {Key, Host} when Host /= global ->
+                    get_option({Key, global}, F, Default);
+                _ ->
+                    Default
+            end
     end.
 
 -spec get_vh_by_auth_method(atom()) -> [binary()].
@@ -669,12 +667,12 @@ get_version() ->
 -spec get_myhosts() -> [binary()].
 
 get_myhosts() ->
-    ejabberd_config:get_global_option(hosts, fun(V) -> V end).
+    get_option(hosts, fun(V) -> V end).
 
 -spec get_mylang() -> binary().
 
 get_mylang() ->
-    ejabberd_config:get_global_option(
+    get_option(
       language,
       fun iolist_to_binary/1,
       <<"en">>).
@@ -702,14 +700,14 @@ replace_modules(Modules) ->
                       emit_deprecation_warning(Module, NewModule, DBType),
                       NewOpts = [{db_type, DBType} |
                                  lists:keydelete(db_type, 1, Opts)],
-                      {NewModule, NewOpts};
+                      {NewModule, transform_module_options(Module, NewOpts)};
                   NewModule ->
                       if Module /= NewModule ->
                               emit_deprecation_warning(Module, NewModule);
                          true ->
                               ok
                       end,
-                      {NewModule, Opts}
+                      {NewModule, transform_module_options(Module, Opts)}
               end
       end, Modules).
 
@@ -722,6 +720,9 @@ strings_to_binary(L) when is_list(L) ->
         false ->
             strings_to_binary1(L)
     end;
+strings_to_binary({A, B, C, D}) when
+	is_integer(A), is_integer(B), is_integer(C), is_integer(D) ->
+    {A, B, C ,D};
 strings_to_binary(T) when is_tuple(T) ->
     list_to_tuple(strings_to_binary1(tuple_to_list(T)));
 strings_to_binary(X) ->
@@ -762,6 +763,142 @@ format_term(S) when is_list(S), S /= [] ->
 format_term(T) ->
     io_lib:format("~p", [binary_to_strings(T)]).
 
+transform_terms(Terms) ->
+    %% We could check all ejabberd beams, but this
+    %% slows down start-up procedure :(
+    Mods = [mod_register,
+            mod_last,
+            ejabberd_s2s,
+            ejabberd_listener,
+            ejabberd_odbc_sup,
+            shaper,
+            ejabberd_s2s_out,
+            acl,
+            ejabberd_config],
+    collect_options(transform_terms(Mods, Terms)).
+
+transform_terms([Mod|Mods], Terms) ->
+    case catch Mod:transform_options(Terms) of
+        {'EXIT', _} = Err ->
+            ?ERROR_MSG("Failed to transform terms by ~p: ~p", [Mod, Err]),
+            transform_terms(Mods, Terms);
+        NewTerms ->
+            transform_terms(Mods, NewTerms)
+    end;
+transform_terms([], NewTerms) ->
+    NewTerms.
+
+transform_module_options(Module, Opts) ->
+    Opts1 = gen_iq_handler:transform_module_options(Opts),
+    try
+        Module:transform_module_options(Opts1)
+    catch error:undef ->
+            Opts1
+    end.
+
+compact(Cfg) ->
+    Opts = [{K, V} || #local_config{key = K, value = V} <- Cfg],
+    {GOpts, HOpts} = split_by_hosts(Opts),
+    [#local_config{key = {O, global}, value = V} || {O, V} <- GOpts] ++
+        lists:flatmap(
+          fun({Host, OptVal}) ->
+                  case lists:member(OptVal, GOpts) of
+                      true ->
+                          [];
+                      false ->
+                          [#local_config{key = {Opt, Host}, value = Val}
+                           || {Opt, Val} <- OptVal]
+                  end
+          end, lists:flatten(HOpts)).
+
+split_by_hosts(Opts) ->
+    Opts1 = orddict:to_list(
+              lists:foldl(
+                fun({{Opt, Host}, Val}, D) ->
+                        orddict:append(Host, {Opt, Val}, D)
+                end, orddict:new(), Opts)),
+    case lists:keytake(global, 1, Opts1) of
+        {value, {global, GlobalOpts}, HostOpts} ->
+            {GlobalOpts, HostOpts};
+        _ ->
+            {[], Opts1}
+    end.
+
+collect_options(Opts) ->
+    {D, InvalidOpts} =
+        lists:foldl(
+          fun({K, V}, {D, Os}) when is_list(V) ->
+                  {orddict:append_list(K, V, D), Os};
+             ({K, V}, {D, Os}) ->
+                  {orddict:store(K, V, D), Os};
+             (Opt, {D, Os}) ->
+                  {D, [Opt|Os]}
+          end, {orddict:new(), []}, Opts),
+    InvalidOpts ++ orddict:to_list(D).
+
+transform_options(Opts) ->
+    Opts1 = lists:foldl(fun transform_options/2, [], Opts),
+    {HOpts, Opts2} = lists:mapfoldl(
+                       fun({host_config, O}, Os) ->
+                               {[O], Os};
+                          (O, Os) ->
+                               {[], [O|Os]}
+                       end, [], Opts1),
+    {AHOpts, Opts3} = lists:mapfoldl(
+                        fun({append_host_config, O}, Os) ->
+                                {[O], Os};
+                           (O, Os) ->
+                                {[], [O|Os]}
+                        end, [], Opts2),
+    HOpts1 = case collect_options(lists:flatten(HOpts)) of
+                 [] ->
+                     [];
+                 HOs ->
+                     [{host_config,
+                       [{H, transform_terms(O)} || {H, O} <- HOs]}]
+             end,
+    AHOpts1 = case collect_options(lists:flatten(AHOpts)) of
+                  [] ->
+                      [];
+                  AHOs ->
+                      [{append_host_config,
+                        [{H, transform_terms(O)} || {H, O} <- AHOs]}]
+              end,
+    HOpts1 ++ AHOpts1 ++ Opts3.
+
+transform_options({domain_certfile, Domain, CertFile}, Opts) ->
+    ?WARNING_MSG("Option 'domain_certfile' now should be defined "
+                 "per virtual host or globally. The old format is "
+                 "still supported but it is better to fix your config", []),
+    [{host_config, [{Domain, [{domain_certfile, CertFile}]}]}|Opts];
+transform_options(Opt, Opts) when Opt == override_global;
+                                  Opt == override_local;
+                                  Opt == override_acls ->
+    ?WARNING_MSG("Ignoring '~s' option which has no effect anymore", [Opt]),
+    Opts;
+transform_options({host_config, Host, HOpts}, Opts) ->
+    {AddOpts, HOpts1} =
+        lists:mapfoldl(
+          fun({{add, Opt}, Val}, Os) ->
+                  ?WARNING_MSG("Option 'add' is deprecated. "
+                               "The option is still supported "
+                               "but it is better to fix your config: "
+                               "use 'append_host_config' instead.", []),
+                  {[{Opt, Val}], Os};
+             (O, Os) ->
+                  {[], [O|Os]}
+          end, [], HOpts),
+    [{append_host_config, [{Host, lists:flatten(AddOpts)}]},
+     {host_config, [{Host, HOpts1}]}|Opts];
+transform_options({define_macro, Macro, Val}, Opts) ->
+    [{define_macro, [{Macro, Val}]}|Opts];
+transform_options({include_config_file, _} = Opt, Opts) ->
+    [{include_config_file, [transform_include_option(Opt)]} | Opts];
+transform_options({include_config_file, _, _} = Opt, Opts) ->
+    [{include_config_file, [transform_include_option(Opt)]} | Opts];
+transform_options(Opt, Opts) ->
+    [Opt|Opts].
+
 -spec convert_table_to_binary(atom(), [atom()], atom(),
                               fun(), fun()) -> ok.
 
@@ -851,7 +988,7 @@ report_and_stop(Tab, Err) ->
     halt(string:substr(ErrTxt, 1, 199)).
 
 emit_deprecation_warning(Module, NewModule, DBType) ->
-    ?WARNING_MSG("Module ~s is deprecated, use {~s, [{db_type, ~s}, ...]}"
+    ?WARNING_MSG("Module ~s is deprecated, use ~s with 'db_type: ~s'"
                  " instead", [Module, NewModule, DBType]).
 
 emit_deprecation_warning(Module, NewModule) ->

src/ejabberd_ctl.erl

@@ -5,7 +5,7 @@
 %%% Created : 11 Jan 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -84,7 +83,7 @@ start() ->
 	    Node = list_to_atom(SNode1),
 	    Status = case rpc:call(Node, ?MODULE, process, [Args]) of
 			 {badrpc, Reason} ->
-			     ?PRINT("Failed RPC connection to the node ~p: ~p~n",
+			     print("Failed RPC connection to the node ~p: ~p~n",
 				    [Node, Reason]),
 			     %% TODO: show minimal start help
 			     ?STATUS_BADRPC;
@@ -131,17 +130,17 @@ unregister_commands(CmdDescs, Module, Function) ->
 %% they are usable even if ejabberd is completely stopped.
 process(["status"]) ->
     {InternalStatus, ProvidedStatus} = init:get_status(),
-    ?PRINT("The node ~p is ~p with status: ~p~n",
+    print("The node ~p is ~p with status: ~p~n",
 	   [node(), InternalStatus, ProvidedStatus]),
     case lists:keysearch(ejabberd, 1, application:which_applications()) of
         false ->
-            EjabberdLogPath = ejabberd_app:get_log_path(),
-            ?PRINT("ejabberd is not running in that node~n"
+            EjabberdLogPath = ejabberd_logger:get_log_path(),
+            print("ejabberd is not running in that node~n"
 		   "Check for error messages: ~s~n"
 		   "or other files in that directory.~n", [EjabberdLogPath]),
             ?STATUS_ERROR;
         {value, {_, _, Version}} ->
-            ?PRINT("ejabberd ~s is running in that node~n", [Version]),
+            print("ejabberd ~s is running in that node~n", [Version]),
             ?STATUS_SUCCESS
     end;
 
@@ -155,7 +154,7 @@ process(["restart"]) ->
     ?STATUS_SUCCESS;
 
 process(["mnesia"]) ->
-    ?PRINT("~p~n", [mnesia:system_info(all)]),
+    print("~p~n", [mnesia:system_info(all)]),
     ?STATUS_SUCCESS;
 
 process(["mnesia", "info"]) ->
@@ -164,8 +163,8 @@ process(["mnesia", "info"]) ->
 
 process(["mnesia", Arg]) ->
     case catch mnesia:system_info(list_to_atom(Arg)) of
-	{'EXIT', Error} -> ?PRINT("Error: ~p~n", [Error]);
-	Return -> ?PRINT("~p~n", [Return])
+	{'EXIT', Error} -> print("Error: ~p~n", [Error]);
+	Return -> print("~p~n", [Return])
     end,
     ?STATUS_SUCCESS;
 
@@ -237,7 +236,7 @@ process2(Args, Auth, AccessCommands) ->
     end.
 
 get_accesscommands() ->
-    ejabberd_config:get_local_option(ejabberdctl_access_commands,
+    ejabberd_config:get_option(ejabberdctl_access_commands,
                                      fun(V) when is_list(V) -> V end, []).
 
 %%-----------------------------
@@ -261,7 +260,7 @@ try_run_ctp(Args, Auth, AccessCommands) ->
 	Error:Why ->
             %% In this case probably ejabberd is not started, so let's show Status
             process(["status"]),
-            ?PRINT("~n", []),
+            print("~n", []),
 	    {io_lib:format("Error in ejabberd ctl process: '~p' ~p", [Error, Why]), ?STATUS_USAGE}
     end.
 
@@ -419,6 +418,7 @@ is_supported_args(Args) ->
       fun({_Name, Format}) ->
 	      (Format == integer)
 		  or (Format == string)
+		      or (Format == binary)
       end,
       Args).
 
@@ -457,14 +457,14 @@ print_usage(HelpMode, MaxC, ShCode) ->
 	get_list_commands() ++
 	get_list_ctls(),
 
-    ?PRINT(
+    print(
        ["Usage: ", ?B("ejabberdctl"), " [--node ", ?U("nodename"), "] [--auth ",
 	?U("user"), " ", ?U("host"), " ", ?U("password"), "] ",
 	?U("command"), " [", ?U("options"), "]\n"
 	"\n"
 	"Available commands in this ejabberd node:\n"], []),
     print_usage_commands(HelpMode, MaxC, ShCode, AllCommands),
-    ?PRINT(
+    print(
        ["\n"
 	"Examples:\n"
 	"  ejabberdctl restart\n"
@@ -498,7 +498,7 @@ print_usage_commands(HelpMode, MaxC, ShCode, Commands) ->
     %% Convert its definition to a line
     FmtCmdDescs = format_command_lines(CmdArgsLenDescsSorted, MaxCmdLen, MaxC, ShCode, HelpMode),
 
-    ?PRINT([FmtCmdDescs], []).
+    print([FmtCmdDescs], []).
 
 
 %% Get some info about the shell:
@@ -565,7 +565,7 @@ format_command_lines(CALD, MaxCmdLen, MaxC, ShCode, dual) ->
     lists:map(
       fun({Cmd, Args, CmdArgsL, Desc}) ->
 	      DescFmt = prepare_description(MaxCmdLen+4, MaxC, Desc),
-	      ["  ", ?B(Cmd), " ", [[?U(Arg), " "] || Arg <- Args],
+	      ["   ", ?B(Cmd), " ", [[?U(Arg), " "] || Arg <- Args],
                string:chars($\s, MaxCmdLen - CmdArgsL + 1),
 	       DescFmt, "\n"]
       end, CALD);
@@ -574,7 +574,7 @@ format_command_lines(CALD, _MaxCmdLen, MaxC, ShCode, long) ->
     lists:map(
       fun({Cmd, Args, _CmdArgsL, Desc}) ->
 	      DescFmt = prepare_description(8, MaxC, Desc),
-	      ["\n  ", ?B(Cmd), " ", [[?U(Arg), " "] || Arg <- Args], "\n", "        ",
+	      ["\n   ", ?B(Cmd), " ", [[?U(Arg), " "] || Arg <- Args], "\n", "        ",
 	       DescFmt, "\n"]
       end, CALD).
 
@@ -584,20 +584,20 @@ format_command_lines(CALD, _MaxCmdLen, MaxC, ShCode, long) ->
 %%-----------------------------
 
 print_usage_tags(MaxC, ShCode) ->
-    ?PRINT("Available tags and commands:", []),
+    print("Available tags and commands:", []),
     TagsCommands = ejabberd_commands:get_tags_commands(),
     lists:foreach(
       fun({Tag, Commands} = _TagCommands) ->
-	      ?PRINT(["\n\n  ", ?B(Tag), "\n     "], []),
+	      print(["\n\n  ", ?B(Tag), "\n     "], []),
 	      Words = lists:sort(Commands),
 	      Desc = prepare_long_line(5, MaxC, Words),
-	      ?PRINT(Desc, [])
+	      print(Desc, [])
       end,
       TagsCommands),
-    ?PRINT("\n\n", []).
+    print("\n\n", []).
 
 print_usage_tags(Tag, MaxC, ShCode) ->
-    ?PRINT(["Available commands with tag ", ?B(Tag), ":", "\n"], []),
+    print(["Available commands with tag ", ?B(Tag), ":", "\n"], []),
     HelpMode = long,
     TagsCommands = ejabberd_commands:get_tags_commands(),
     CommandsNames = case lists:keysearch(Tag, 1, TagsCommands) of
@@ -615,7 +615,7 @@ print_usage_tags(Tag, MaxC, ShCode) ->
 		     end,
 		     CommandsNames),
     print_usage_commands(HelpMode, MaxC, ShCode, CommandsList),
-    ?PRINT("\n", []).
+    print("\n", []).
 
 
 %%-----------------------------
@@ -673,7 +673,7 @@ print_usage_commands2(Cmds, MaxC, ShCode) ->
       fun(Cmd, Remaining) ->
 	      print_usage_command(Cmd, MaxC, ShCode),
 	      case Remaining > 1 of
-		  true -> ?PRINT([" ", lists:duplicate(MaxC, 126), " \n"], []);
+		  true -> print([" ", lists:duplicate(MaxC, 126), " \n"], []);
 		  false -> ok
 	      end,
 	      {ok, Remaining-1}
@@ -749,7 +749,7 @@ print_usage_command(Cmd, C, MaxC, ShCode) ->
 			  false -> ["  ", ?B("Note:"), " This command cannot be executed using ejabberdctl. Try ejabberd_xmlrpc.\n\n"]
 		      end,
 
-    ?PRINT(["\n", NameFmt, "\n", ArgsFmt, "\n", ReturnsFmt, "\n\n", XmlrpcFmt, TagsFmt, "\n\n", DescFmt, "\n\n", LongDescFmt, NoteEjabberdctl], []).
+    print(["\n", NameFmt, "\n", ArgsFmt, "\n", ReturnsFmt, "\n\n", XmlrpcFmt, TagsFmt, "\n\n", DescFmt, "\n\n", LongDescFmt, NoteEjabberdctl], []).
 
 format_usage_ctype(Type, _Indentation)
   when (Type==atom) or (Type==integer) or (Type==string) or (Type==binary) or (Type==rescode) or (Type==restuple)->
@@ -780,6 +780,8 @@ format_usage_tuple([ElementDef | ElementsDef], Indentation) ->
     MarginString = lists:duplicate(Indentation, $\s), % Put spaces
     [ElementFmt, ",\n", MarginString, format_usage_tuple(ElementsDef, Indentation)].
 
+print(Format, Args) ->
+    io:format(lists:flatten(Format), Args).
 
 %%-----------------------------
 %% Command managment

src/ejabberd_frontend_socket.erl

@@ -5,7 +5,7 @@
 %%% Created : 23 Aug 2006 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -280,7 +279,7 @@ code_change(_OldVsn, State, _Extra) -> {ok, State}.
 %%% Internal functions
 %%--------------------------------------------------------------------
 check_starttls(SockMod, Socket, Receiver, Opts) ->
-    TLSEnabled = lists:member(tls, Opts),
+    TLSEnabled = proplists:get_bool(tls, Opts),
     TLSOpts = lists:filter(fun({certfile, _}) -> true;
 			      (_) -> false
 			   end, Opts),
@@ -292,4 +291,3 @@ check_starttls(SockMod, Socket, Receiver, Opts) ->
 	true ->
 	    {SockMod, Socket}
     end.
-

src/ejabberd_hooks.erl

@@ -5,7 +5,7 @@
 %%% Created :  8 Aug 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -152,7 +151,7 @@ run(Hook, Host, Args) ->
 %% The arguments passed to the function are: [Val | Args].
 %% The result of a call is used as Val for the next call.
 %% If a call returns 'stop', no more calls are performed and 'stopped' is returned.
-%% If a call returns {stopped, NewVal}, no more calls are performed and NewVal is returned.
+%% If a call returns {stop, NewVal}, no more calls are performed and NewVal is returned.
 run_fold(Hook, Val, Args) ->
     run_fold(Hook, global, Val, Args).
 

src/ejabberd_http.erl

@@ -5,7 +5,7 @@
 %%% Created : 27 Feb 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -30,7 +29,8 @@
 
 %% External exports
 -export([start/2, start_link/2, become_controller/1,
-	 socket_type/0, receive_headers/1, url_encode/1]).
+	 socket_type/0, receive_headers/1, url_encode/1,
+         transform_listen_option/2]).
 
 %% Callbacks
 -export([init/2]).
@@ -50,7 +50,7 @@
 		request_auth,
 		request_keepalive,
 		request_content_length,
-		request_lang = "en",
+		request_lang = <<"en">>,
 		%% XXX bard: request handlers are configured in
 		%% ejabberd.cfg under the HTTP service.	 For example,
 		%% to have the module test_web handle requests with
@@ -65,6 +65,7 @@
 		request_tp,
 		request_headers = [],
 		end_of_request = false,
+		options = [],
 		default_host,
 		trail = <<>>
 	       }).
@@ -91,12 +92,16 @@ start_link(SockData, Opts) ->
 			 [SockData, Opts])}.
 
 init({SockMod, Socket}, Opts) ->
-    TLSEnabled = lists:member(tls, Opts),
+    TLSEnabled = proplists:get_bool(tls, Opts),
     TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
 				(_) -> false
 			    end,
 			    Opts),
-    TLSOpts = [verify_none | TLSOpts1],
+    TLSOpts2 = case proplists:get_bool(tls_compression, Opts) of
+                   false -> [compression_none | TLSOpts1];
+                   true -> TLSOpts1
+               end,
+    TLSOpts = [verify_none | TLSOpts2],
     {SockMod1, Socket1} = if TLSEnabled ->
 				 inet:setopts(Socket, [{recbuf, 8192}]),
 				 {ok, TLSSocket} = p1_tls:tcp_to_tls(Socket,
@@ -109,34 +114,39 @@ init({SockMod, Socket}, Opts) ->
 	  inet:setopts(Socket1, [{packet, http_bin}, {recbuf, 8192}]);
       _ -> ok
     end,
-    Captcha = case lists:member(captcha, Opts) of
+    Captcha = case proplists:get_bool(captcha, Opts) of
                   true -> [{[<<"captcha">>], ejabberd_captcha}];
                   false -> []
               end,
-    Register = case lists:member(register, Opts) of
+    Register = case proplists:get_bool(register, Opts) of
                  true -> [{[<<"register">>], mod_register_web}];
                  false -> []
                end,
-    Admin = case lists:member(web_admin, Opts) of
+    Admin = case proplists:get_bool(web_admin, Opts) of
               true -> [{[<<"admin">>], ejabberd_web_admin}];
               false -> []
             end,
-    Bind = case lists:member(http_bind, Opts) of
+    Bind = case proplists:get_bool(http_bind, Opts) of
              true -> [{[<<"http-bind">>], mod_http_bind}];
              false -> []
            end,
-    Poll = case lists:member(http_poll, Opts) of
+    Poll = case proplists:get_bool(http_poll, Opts) of
              true -> [{[<<"http-poll">>], ejabberd_http_poll}];
              false -> []
            end,
-    DefinedHandlers = case lists:keysearch(request_handlers,
-					   1, Opts)
-			  of
-			{value, {request_handlers, H}} -> H;
-			false -> []
-		      end,
+    XMLRPC = case proplists:get_bool(xmlrpc, Opts) of
+		 true -> [{[], ejabberd_xmlrpc}];
+		 false -> []
+	     end,
+    DefinedHandlers = gen_mod:get_opt(
+                        request_handlers, Opts,
+                        fun(Hs) ->
+                                [{str:tokens(
+                                    iolist_to_binary(Path), <<"/">>),
+                                  Mod} || {Path, Mod} <- Hs]
+                        end, []),
     RequestHandlers = DefinedHandlers ++ Captcha ++ Register ++
-        Admin ++ Bind ++ Poll,
+        Admin ++ Bind ++ Poll ++ XMLRPC,
     ?DEBUG("S: ~p~n", [RequestHandlers]),
 
     DefaultHost = gen_mod:get_opt(default_host, Opts, fun(A) -> A end, undefined),
@@ -145,6 +155,7 @@ init({SockMod, Socket}, Opts) ->
     State = #state{sockmod = SockMod1,
                    socket = Socket1,
                    default_host = DefaultHost,
+		   options = Opts,
                    request_handlers = RequestHandlers},
     receive_headers(State).
 
@@ -195,8 +206,8 @@ parse_headers(#state{request_method = Method,
 		     trail = Data} =
 		  State) ->
     PktType = case Method of
-                  undefined -> http;
-                  _ -> httph
+                  undefined -> http_bin;
+                  _ -> httph_bin
               end,
     case erlang:decode_packet(PktType, Data, []) of
         {ok, Pkt, Rest} ->
@@ -354,7 +365,7 @@ process(Handlers, Request) ->
       false -> process(HandlersLeft, Request)
     end.
 
-process_request(#state{request_method = Method,
+process_request(#state{request_method = Method, options = Options,
 		       request_path = {abs_path, Path}, request_auth = Auth,
 		       request_lang = Lang, request_handlers = RequestHandlers,
 		       request_host = Host, request_port = Port,
@@ -384,6 +395,7 @@ process_request(#state{request_method = Method,
 	    IP = analyze_ip_xff(IPHere, XFF, Host),
 	    Request = #request{method = Method,
 			       path = LPath,
+			       opts = Options,
 			       q = LQuery,
 			       auth = Auth,
 			       lang = Lang,
@@ -408,7 +420,7 @@ process_request(#state{request_method = Method,
 		    make_text_output(State, Status, Headers, Output)
 	    end
     end;
-process_request(#state{request_method = Method,
+process_request(#state{request_method = Method, options = Options,
 		       request_path = {abs_path, Path}, request_auth = Auth,
 		       request_content_length = Len, request_lang = Lang,
 		       sockmod = SockMod, socket = Socket, request_host = Host,
@@ -445,6 +457,7 @@ process_request(#state{request_method = Method,
 	    Request = #request{method = Method,
 			       path = LPath,
 			       q = LQuery,
+			       opts = Options,
 			       auth = Auth,
 			       data = Data,
 			       lang = Lang,
@@ -480,7 +493,7 @@ analyze_ip_xff(IP, [], _Host) -> IP;
 analyze_ip_xff({IPLast, Port}, XFF, Host) ->
     [ClientIP | ProxiesIPs] = str:tokens(XFF, <<", ">>) ++
 				[jlib:ip_to_list(IPLast)],
-    TrustedProxies = ejabberd_config:get_local_option(
+    TrustedProxies = ejabberd_config:get_option(
                        {trusted_proxies, Host},
                        fun(TPs) ->
                                [iolist_to_binary(TP) || TP <- TPs]
@@ -830,3 +843,25 @@ normalize_path([_Parent, <<"..">>|Path], Norm) ->
     normalize_path(Path, Norm);
 normalize_path([Part | Path], Norm) ->
     normalize_path(Path, [Part|Norm]).
+
+transform_listen_option(captcha, Opts) ->
+    [{captcha, true}|Opts];
+transform_listen_option(register, Opts) ->
+    [{register, true}|Opts];
+transform_listen_option(web_admin, Opts) ->
+    [{web_admin, true}|Opts];
+transform_listen_option(http_bind, Opts) ->
+    [{http_bind, true}|Opts];
+transform_listen_option(http_poll, Opts) ->
+    [{http_poll, true}|Opts];
+transform_listen_option({request_handlers, Hs}, Opts) ->
+    Hs1 = lists:map(
+            fun({PList, Mod}) when is_list(PList) ->
+                    Path = iolist_to_binary([[$/, P] || P <- PList]),
+                    {Path, Mod};
+               (Opt) ->
+                    Opt
+            end, Hs),
+    [{request_handlers, Hs1} | Opts];
+transform_listen_option(Opt, Opts) ->
+    [Opt|Opts].

src/ejabberd_http_poll.erl

@@ -5,7 +5,7 @@
 %%% Created :  4 Mar 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -49,7 +48,7 @@
 -export_type([poll_socket/0]).
 
 -record(state,
-	{id, key, socket, output = <<"">>, input = <<"">>,
+	{id, key, socket, output = [], input = <<"">>,
 	 waiting_input = false, last_receiver, http_poll_timeout,
 	 timer}).
 
@@ -205,7 +204,7 @@ get_human_html_xmlel() ->
 init([ID, Key, IP]) ->
     ?INFO_MSG("started: ~p", [{ID, Key, IP}]),
     Opts = ejabberd_c2s_config:get_c2s_limits(),
-    HTTPPollTimeout = ejabberd_config:get_local_option(
+    HTTPPollTimeout = ejabberd_config:get_option(
                         {http_poll_timeout, ?MYNAME},
                         fun(I) when is_integer(I), I>0 -> I end,
                         ?HTTP_POLL_TIMEOUT) * 1000,
@@ -253,7 +252,7 @@ handle_event({activate, From}, StateName, StateData) ->
       Input ->
 	  Receiver = From,
 	  Receiver !
-	    {tcp, StateData#state.socket, iolist_to_binary(Input)},
+	    {tcp, StateData#state.socket, Input},
 	  {next_state, StateName,
 	   StateData#state{input = <<"">>, waiting_input = false,
 			   last_receiver = Receiver}}
@@ -272,11 +271,8 @@ handle_event(_Event, StateName, StateData) ->
 %%----------------------------------------------------------------------
 handle_sync_event({send, Packet}, _From, StateName,
 		  StateData) ->
-    Packet2 = if is_binary(Packet) -> (Packet);
-		 true -> Packet
-	      end,
-    Output = StateData#state.output ++
-	       [lists:flatten(Packet2)],
+    Packet2 = iolist_to_binary(Packet),
+    Output = StateData#state.output ++ [Packet2],
     Reply = ok,
     {reply, Reply, StateName,
      StateData#state{output = Output}};
@@ -287,7 +283,7 @@ handle_sync_event({http_put, Key, NewKey, Packet},
     Allow = case StateData#state.key of
 	      <<"">> -> true;
 	      OldKey ->
-		  NextKey = jlib:encode_base64((crypto:sha(Key))),
+		  NextKey = jlib:encode_base64((p1_sha:sha1(Key))),
 		  if OldKey == NextKey -> true;
 		     true -> false
 		  end
@@ -295,7 +291,7 @@ handle_sync_event({http_put, Key, NewKey, Packet},
     if Allow ->
 	   case StateData#state.waiting_input of
 	     false ->
-		 Input = [StateData#state.input | Packet],
+		 Input = <<(StateData#state.input)/binary, Packet/binary>>,
 		 Reply = ok,
 		 {reply, Reply, StateName,
 		  StateData#state{input = Input, key = NewKey}};
@@ -320,7 +316,7 @@ handle_sync_event(http_get, _From, StateName,
 		  StateData) ->
     Reply = {ok, StateData#state.output},
     {reply, Reply, StateName,
-     StateData#state{output = <<"">>}};
+     StateData#state{output = []}};
 handle_sync_event(_Event, _From, StateName,
 		  StateData) ->
     Reply = ok, {reply, Reply, StateName, StateData}.

src/ejabberd_listener.erl

@@ -5,7 +5,7 @@
 %%% Created : 16 Nov 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -36,7 +35,8 @@
 	 parse_listener_portip/2,
 	 add_listener/3,
 	 delete_listener/2,
-	 validate_cfg/1
+         transform_options/1,
+         validate_cfg/1
 	]).
 
 -include("ejabberd.hrl").
@@ -55,7 +55,7 @@ init(_) ->
     {ok, {{one_for_one, 10, 1}, []}}.
 
 bind_tcp_ports() ->
-    case ejabberd_config:get_local_option(listen, fun validate_cfg/1) of
+    case ejabberd_config:get_option(listen, fun validate_cfg/1) of
 	undefined ->
 	    ignore;
 	Ls ->
@@ -88,7 +88,7 @@ bind_tcp_port(PortIP, Module, RawOpts) ->
     end.
 
 start_listeners() ->
-    case ejabberd_config:get_local_option(listen, fun validate_cfg/1) of
+    case ejabberd_config:get_option(listen, fun validate_cfg/1) of
 	undefined ->
 	    ignore;
 	Ls ->
@@ -151,7 +151,20 @@ init_udp(PortIP, Module, Opts, SockOpts, Port, IPS) ->
 	{ok, Socket} ->
 	    %% Inform my parent that this port was opened succesfully
 	    proc_lib:init_ack({ok, self()}),
-	    udp_recv(Socket, Module, Opts);
+	    case erlang:function_exported(Module, udp_init, 2) of
+		false ->
+		    udp_recv(Socket, Module, Opts);
+		true ->
+		    case catch Module:udp_init(Socket, Opts) of
+			{'EXIT', _} = Err ->
+			    ?ERROR_MSG("failed to process callback function "
+				       "~p:~s(~p, ~p): ~p",
+				       [Module, udp_init, Socket, Opts, Err]),
+			    udp_recv(Socket, Module, Opts);
+			NewOpts ->
+			    udp_recv(Socket, Module, NewOpts)
+		    end
+	    end;
 	{error, Reason} ->
 	    socket_error(Reason, PortIP, Module, SockOpts, Port, IPS)
     end.
@@ -160,8 +173,20 @@ init_tcp(PortIP, Module, Opts, SockOpts, Port, IPS) ->
     ListenSocket = listen_tcp(PortIP, Module, SockOpts, Port, IPS),
     %% Inform my parent that this port was opened succesfully
     proc_lib:init_ack({ok, self()}),
-    %% And now start accepting connection attempts
-    accept(ListenSocket, Module, Opts).
+    case erlang:function_exported(Module, tcp_init, 2) of
+	false ->
+	    accept(ListenSocket, Module, Opts);
+	true ->
+	    case catch Module:tcp_init(ListenSocket, Opts) of
+		{'EXIT', _} = Err ->
+		    ?ERROR_MSG("failed to process callback function "
+			       "~p:~s(~p, ~p): ~p",
+			       [Module, tcp_init, ListenSocket, Opts, Err]),
+		    accept(ListenSocket, Module, Opts);
+		NewOpts ->
+		    accept(ListenSocket, Module, NewOpts)
+	    end
+    end.
 
 listen_tcp(PortIP, Module, SockOpts, Port, IPS) ->
     case ets:lookup(listen_sockets, PortIP) of
@@ -176,11 +201,7 @@ listen_tcp(PortIP, Module, SockOpts, Port, IPS) ->
 			catch
 			    _:_ -> []
 			end,
-	    DeliverAs = case Module of
-			    ejabberd_xmlrpc -> list;
-			    _ -> binary
-			end,
-	    Res = gen_tcp:listen(Port, [DeliverAs,
+	    Res = gen_tcp:listen(Port, [binary,
 					{packet, 0},
 					{active, false},
 					{reuseaddr, true},
@@ -267,7 +288,7 @@ strip_ip_option(Opts) ->
 			Opts),
     case IPL of
 	%% Only the first ip option is considered
-	[{ip, T1} | _] when is_tuple(T1) ->
+	[{ip, T1} | _] ->
 	    {T1, OptsNoIP};
 	[] ->
 	    {no_ip_option, OptsNoIP}
@@ -284,9 +305,10 @@ accept(ListenSocket, Module, Opts) ->
     case gen_tcp:accept(ListenSocket) of
 	{ok, Socket} ->
 	    case {inet:sockname(Socket), inet:peername(Socket)} of
-		{{ok, Addr}, {ok, PAddr}} ->
-		    ?INFO_MSG("(~w) Accepted connection ~w -> ~w",
-			      [Socket, PAddr, Addr]);
+		{{ok, {Addr, Port}}, {ok, {PAddr, PPort}}} ->
+		    ?INFO_MSG("(~w) Accepted connection ~s:~p -> ~s:~p",
+			      [Socket, inet_parse:ntoa(PAddr), PPort,
+			       inet_parse:ntoa(Addr), Port]);
 		_ ->
 		    ok
 	    end,
@@ -310,11 +332,11 @@ udp_recv(Socket, Module, Opts) ->
 		    ?ERROR_MSG("failed to process UDP packet:~n"
 			       "** Source: {~p, ~p}~n"
 			       "** Reason: ~p~n** Packet: ~p",
-			       [Addr, Port, Reason, Packet]);
-		_ ->
-		    ok
-	    end,
-	    udp_recv(Socket, Module, Opts);
+			       [Addr, Port, Reason, Packet]),
+		    udp_recv(Socket, Module, Opts);
+		NewOpts ->
+		    udp_recv(Socket, Module, NewOpts)
+	    end;
 	{error, Reason} ->
 	    ?ERROR_MSG("unexpected UDP error: ~s", [format_error(Reason)]),
 	    throw({error, Reason})
@@ -340,6 +362,7 @@ start_listener2(Port, Module, Opts) ->
     %% It is only required to start the supervisor in some cases.
     %% But it doesn't hurt to attempt to start it for any listener.
     %% So, it's normal (and harmless) that in most cases this call returns: {error, {already_started, pid()}}
+    maybe_start_sip(Module),
     start_module_sup(Port, Module),
     start_listener_sup(Port, Module, Opts).
 
@@ -364,7 +387,7 @@ start_listener_sup(Port, Module, Opts) ->
     supervisor:start_child(ejabberd_listeners, ChildSpec).
 
 stop_listeners() ->
-    Ports = ejabberd_config:get_local_option(listen, fun validate_cfg/1),
+    Ports = ejabberd_config:get_option(listen, fun validate_cfg/1),
     lists:foreach(
       fun({PortIpNetp, Module, _Opts}) ->
 	      delete_listener(PortIpNetp, Module)
@@ -397,7 +420,7 @@ add_listener(PortIP, Module, Opts) ->
     PortIP1 = {Port, IPT, Proto},
     case start_listener(PortIP1, Module, Opts) of
 	{ok, _Pid} ->
-	    Ports = case ejabberd_config:get_local_option(
+	    Ports = case ejabberd_config:get_option(
                            listen, fun validate_cfg/1) of
 			undefined ->
 			    [];
@@ -406,7 +429,8 @@ add_listener(PortIP, Module, Opts) ->
 		    end,
 	    Ports1 = lists:keydelete(PortIP1, 1, Ports),
 	    Ports2 = [{PortIP1, Module, Opts} | Ports1],
-	    ejabberd_config:add_local_option(listen, Ports2),
+            Ports3 = lists:map(fun transform_option/1, Ports2),
+	    ejabberd_config:add_option(listen, Ports3),
 	    ok;
 	{error, {already_started, _Pid}} ->
 	    {error, {already_started, PortIP}};
@@ -428,7 +452,7 @@ delete_listener(PortIP, Module) ->
 delete_listener(PortIP, Module, Opts) ->
     {Port, IPT, _, _, Proto, _} = parse_listener_portip(PortIP, Opts),
     PortIP1 = {Port, IPT, Proto},
-    Ports = case ejabberd_config:get_local_option(
+    Ports = case ejabberd_config:get_option(
                    listen, fun validate_cfg/1) of
 		undefined ->
 		    [];
@@ -436,7 +460,8 @@ delete_listener(PortIP, Module, Opts) ->
 		    Ls
 	    end,
     Ports1 = lists:keydelete(PortIP1, 1, Ports),
-    ejabberd_config:add_local_option(listen, Ports1),
+    Ports2 = lists:map(fun transform_option/1, Ports1),
+    ejabberd_config:add_option(listen, Ports2),
     stop_listener(PortIP1, Module).
 
 
@@ -452,6 +477,10 @@ is_frontend(_) -> false.
 strip_frontend({frontend, Module}) -> Module;
 strip_frontend(Module) when is_atom(Module) -> Module.
 
+maybe_start_sip(esip_socket) ->
+    ejabberd:start_app(esip);
+maybe_start_sip(_) ->
+    ok.
 
 %%%
 %%% Check options
@@ -541,6 +570,55 @@ format_error(Reason) ->
 -define(IS_PORT(P), (is_integer(P) and (P > 0) and (P =< 65535))).
 -define(IS_TRANSPORT(T), ((T == tcp) or (T == udp))).
 
+transform_option({{Port, IP, Transport}, Mod, Opts}) ->
+    IPStr = if is_tuple(IP) ->
+                    list_to_binary(inet_parse:ntoa(IP));
+               true ->
+                    IP
+            end,
+    Opts1 = lists:map(
+              fun({ip, IPT}) when is_tuple(IPT) ->
+                      {ip, list_to_binary(inet_parse:ntoa(IP))};
+                 (tls) -> {tls, true};
+                 (ssl) -> {tls, true};
+                 (zlib) -> {zlib, true};
+                 (starttls) -> {starttls, true};
+                 (starttls_required) -> {starttls_required, true};
+                 (Opt) -> Opt
+              end, Opts),
+    Opts2 = lists:foldl(
+              fun(Opt, Acc) ->
+                      try
+                          Mod:transform_listen_option(Opt, Acc)
+                      catch error:undef ->
+                              [Opt|Acc]
+                      end
+              end, [], Opts1),
+    TransportOpt = if Transport == tcp -> [];
+                      true -> [{transport, Transport}]
+                   end,
+    IPOpt = if IPStr == <<"0.0.0.0">> -> [];
+               true -> [{ip, IPStr}]
+            end,
+    IPOpt ++ TransportOpt ++ [{port, Port}, {module, Mod} | Opts2];
+transform_option({{Port, Transport}, Mod, Opts})
+  when ?IS_TRANSPORT(Transport) ->
+    transform_option({{Port, {0,0,0,0}, Transport}, Mod, Opts});
+transform_option({{Port, IP}, Mod, Opts}) ->
+    transform_option({{Port, IP, tcp}, Mod, Opts});
+transform_option({Port, Mod, Opts}) ->
+    transform_option({{Port, {0,0,0,0}, tcp}, Mod, Opts});
+transform_option(Opt) ->
+    Opt.
+
+transform_options(Opts) ->
+    lists:foldl(fun transform_options/2, [], Opts).
+
+transform_options({listen, LOpts}, Opts) ->
+    [{listen, lists:map(fun transform_option/1, LOpts)} | Opts];
+transform_options(Opt, Opts) ->
+    [Opt|Opts].
+
 -type transport() :: udp | tcp.
 -type port_ip_transport() :: inet:port_number() |
                              {inet:port_number(), transport()} |
@@ -551,18 +629,21 @@ format_error(Reason) ->
 
 validate_cfg(L) ->
     lists:map(
-      fun({PortIPTransport, Mod1, Opts}) when is_atom(Mod1), is_list(Opts) ->
-              Mod = prepare_mod(Mod1),
-              case PortIPTransport of
-                  Port when ?IS_PORT(Port) ->
-                      {Port, Mod, Opts};
-                  {Port, Trans} when ?IS_PORT(Port) and ?IS_TRANSPORT(Trans) ->
-                      {{Port, Trans}, Mod, Opts};
-                  {Port, IP} when ?IS_PORT(Port) ->
-                      {{Port, prepare_ip(IP)}, Mod, Opts};
-                  {Port, IP, Trans} when ?IS_PORT(Port) and ?IS_TRANSPORT(Trans) ->
-                      {{Port, prepare_ip(IP), Trans}, Mod, Opts}
-              end
+      fun(LOpts) ->
+              lists:foldl(
+                fun({port, Port}, {{_, IP, T}, Mod, Opts}) ->
+                        true = ?IS_PORT(Port),
+                        {{Port, IP, T}, Mod, Opts};
+                   ({ip, IP}, {{Port, _, T}, Mod, Opts}) ->
+                        {{Port, prepare_ip(IP), T}, Mod, Opts};
+                   ({transport, T}, {{Port, IP, _}, Mod, Opts}) ->
+                        true = ?IS_TRANSPORT(T),
+                        {{Port, IP, T}, Mod, Opts};
+                   ({module, Mod}, {Port, _, Opts}) ->
+                        {Port, prepare_mod(Mod), Opts};
+                   (Opt, {Port, Mod, Opts}) ->
+                        {Port, Mod, [Opt|Opts]}
+                end, {{5222, {0,0,0,0}, tcp}, ejabberd_c2s, []}, LOpts)
       end, L).
 
 prepare_ip({A, B, C, D} = IP)
@@ -578,10 +659,9 @@ prepare_ip(IP) when is_list(IP) ->
 prepare_ip(IP) when is_binary(IP) ->
     prepare_ip(binary_to_list(IP)).
 
-prepare_mod(ejabberd_stun) ->
-    prepare_mod(stun);
-prepare_mod(stun) ->
-    ejabberd:start_app(p1_stun),
-    stun;
-prepare_mod(Mod) ->
+prepare_mod(ejabberd_sip) ->
+    prepare_mod(sip);
+prepare_mod(sip) ->
+    esip_socket;
+prepare_mod(Mod) when is_atom(Mod) ->
     Mod.

src/ejabberd_local.erl

@@ -5,7 +5,7 @@
 %%% Created : 30 Nov 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_logger.erl

@@ -18,40 +18,163 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
 %%%-------------------------------------------------------------------
 -module(ejabberd_logger).
 
 %% API
--export([start/0, set_logfile/1, reopen_log/0, get/0, set/1,
-         debug_msg/4, info_msg/4, warning_msg/4, error_msg/4,
-         critical_msg/4]).
+-export([start/0, reopen_log/0, get/0, set/1, get_log_path/0]).
+
+-include("ejabberd.hrl").
+
+-type loglevel() :: 0 | 1 | 2 | 3 | 4 | 5.
+
+-spec start() -> ok.
+-spec get_log_path() -> string().
+-spec reopen_log() -> ok.
+-spec get() -> {loglevel(), atom(), string()}.
+-spec set(loglevel() | {loglevel(), list()}) -> {module, module()}.
 
 %%%===================================================================
 %%% API
 %%%===================================================================
+%% @doc Returns the full path to the ejabberd log file.
+%% It first checks for application configuration parameter 'log_path'.
+%% If not defined it checks the environment variable EJABBERD_LOG_PATH.
+%% And if that one is neither defined, returns the default value:
+%% "ejabberd.log" in current directory.
+get_log_path() ->
+    case application:get_env(ejabberd, log_path) of
+	{ok, Path} ->
+	    Path;
+	undefined ->
+	    case os:getenv("EJABBERD_LOG_PATH") of
+		false ->
+		    ?LOG_PATH;
+		Path ->
+		    Path
+	    end
+    end.
+
+-ifdef(LAGER).
+
+get_pos_integer_env(Name, Default) ->
+    case application:get_env(ejabberd, Name) of
+        {ok, I} when is_integer(I), I>0 ->
+            I;
+        undefined ->
+            Default;
+        {ok, Junk} ->
+            error_logger:error_msg("wrong value for ~s: ~p; "
+                                   "using ~p as a fallback~n",
+                                   [Name, Junk, Default]),
+            Default
+    end.
+get_pos_string_env(Name, Default) ->
+    case application:get_env(ejabberd, Name) of
+        {ok, L} when is_list(L) ->
+            L;
+        undefined ->
+            Default;
+        {ok, Junk} ->
+            error_logger:error_msg("wrong value for ~s: ~p; "
+                                   "using ~p as a fallback~n",
+                                   [Name, Junk, Default]),
+            Default
+    end.
+
 start() ->
+    application:load(sasl),
+    application:set_env(sasl, sasl_error_logger, false),
+    application:load(lager),
+    ConsoleLog = get_log_path(),
+    Dir = filename:dirname(ConsoleLog),
+    ErrorLog = filename:join([Dir, "error.log"]),
+    CrashLog = filename:join([Dir, "crash.log"]),
+    LogRotateDate = get_pos_string_env(log_rotate_date, ""),
+    LogRotateSize = get_pos_integer_env(log_rotate_size, 10*1024*1024),
+    LogRotateCount = get_pos_integer_env(log_rotate_count, 1),
+    LogRateLimit = get_pos_integer_env(log_rate_limit, 100),
+    application:set_env(lager, error_logger_hwm, LogRateLimit),
+    application:set_env(
+      lager, handlers,
+      [{lager_console_backend, info},
+       {lager_file_backend, [{file, ConsoleLog}, {level, info}, {date, LogRotateDate},
+                             {count, LogRotateCount}, {size, LogRotateSize}]},
+       {lager_file_backend, [{file, ErrorLog}, {level, error}, {date, LogRotateDate},
+                             {count, LogRotateCount}, {size, LogRotateSize}]}]),
+    application:set_env(lager, crash_log, CrashLog),
+    application:set_env(lager, crash_log_date, LogRotateDate),
+    application:set_env(lager, crash_log_size, LogRotateSize),
+    application:set_env(lager, crash_log_count, LogRotateCount),
+    ejabberd:start_app(lager),
     ok.
 
-set_logfile(FileName) ->
-    error_logger:add_report_handler(p1_logger_h, FileName).
+reopen_log() ->
+    lager_crash_log ! rotate,
+    lists:foreach(
+      fun({lager_file_backend, File}) ->
+              whereis(lager_event) ! {rotate, File};
+         (_) ->
+              ok
+      end, gen_event:which_handlers(lager_event)).
+
+get() ->
+    case lager:get_loglevel(lager_console_backend) of
+        none -> {0, no_log, "No log"};
+        emergency -> {1, critical, "Critical"};
+        alert -> {1, critical, "Critical"};
+        critical -> {1, critical, "Critical"};
+        error -> {2, error, "Error"};
+        warning -> {3, warning, "Warning"};
+        notice -> {3, warning, "Warning"};
+        info -> {4, info, "Info"};
+        debug -> {5, debug, "Debug"}
+    end.
+
+set(LogLevel) when is_integer(LogLevel) ->
+    LagerLogLevel = case LogLevel of
+                        0 -> none;
+                        1 -> critical;
+                        2 -> error;
+                        3 -> warning;
+                        4 -> info;
+                        5 -> debug
+                    end,
+    case lager:get_loglevel(lager_console_backend) of
+        LagerLogLevel ->
+            ok;
+        _ ->
+            ConsoleLog = get_log_path(),
+            lists:foreach(
+              fun({lager_file_backend, File} = H) when File == ConsoleLog ->
+                      lager:set_loglevel(H, LagerLogLevel);
+                 (lager_console_backend = H) ->
+                      lager:set_loglevel(H, LagerLogLevel);
+                 (_) ->
+                      ok
+              end, gen_event:which_handlers(lager_event))
+    end,
+    {module, lager};
+set({_LogLevel, _}) ->
+    error_logger:error_msg("custom loglevels are not supported for 'lager'"),
+    {module, lager}.
+
+-else.
+
+start() ->
+    set(4),
+    LogPath = get_log_path(),
+    error_logger:add_report_handler(p1_logger_h, LogPath),
+    ok.
 
 reopen_log() ->
     %% TODO: Use the Reopen log API for logger_h ?
     p1_logger_h:reopen_log(),
-    case application:get_env(sasl,sasl_error_logger) of
-	{ok, {file, SASLfile}} ->
-	    error_logger:delete_report_handler(sasl_report_file_h),
-	    p1_logger_h:rotate_log(SASLfile),
-	    error_logger:add_report_handler(sasl_report_file_h,
-	        {SASLfile, get_sasl_error_logger_type()});
-	_ -> false
-	end,
-    ok.
+    reopen_sasl_log().
 
 get() ->
     p1_loglevel:get().
@@ -59,24 +182,29 @@ get() ->
 set(LogLevel) ->
     p1_loglevel:set(LogLevel).
 
-debug_msg(Mod, Line, Format, Args) ->
-    p1_logger:debug_msg(Mod, Line, Format, Args).
-
-info_msg(Mod, Line, Format, Args) ->
-    p1_logger:info_msg(Mod, Line, Format, Args).
-
-warning_msg(Mod, Line, Format, Args) ->
-    p1_logger:warning_msg(Mod, Line, Format, Args).
-
-error_msg(Mod, Line, Format, Args) ->
-    p1_logger:error_msg(Mod, Line, Format, Args).
-
-critical_msg(Mod, Line, Format, Args) ->
-    p1_logger:critical_msg(Mod, Line, Format, Args).
-
 %%%===================================================================
 %%% Internal functions
 %%%===================================================================
+reopen_sasl_log() ->
+    case application:get_env(sasl,sasl_error_logger) of
+	{ok, {file, SASLfile}} ->
+	    error_logger:delete_report_handler(sasl_report_file_h),
+            rotate_sasl_log(SASLfile),
+	    error_logger:add_report_handler(sasl_report_file_h,
+	        {SASLfile, get_sasl_error_logger_type()});
+	_ -> false
+	end,
+    ok.
+
+rotate_sasl_log(Filename) ->
+    case file:read_file_info(Filename) of
+        {ok, _FileInfo} ->
+            file:rename(Filename, [Filename, ".0"]),
+            ok;
+        {error, _Reason} ->
+            ok
+    end.
+
 %% Function copied from Erlang/OTP lib/sasl/src/sasl.erl which doesn't export it
 get_sasl_error_logger_type () ->
     case application:get_env (sasl, errlog_type) of
@@ -86,3 +214,5 @@ get_sasl_error_logger_type () ->
 	{ok, Bad} -> exit ({bad_config, {sasl, {errlog_type, Bad}}});
 	_ -> all
     end.
+
+-endif.

src/ejabberd_node_groups.erl

@@ -5,7 +5,7 @@
 %%% Created :  1 Nov 2006 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -84,7 +83,12 @@ get_closest_node(Name) ->
 %%--------------------------------------------------------------------
 init([]) ->
     {FE, BE} =
-	case ejabberd_config:get_local_option(node_type, fun(N) -> N end) of
+	case ejabberd_config:get_option(
+               node_type,
+               fun(frontend) -> frontend;
+                  (backend) -> backend;
+                  (generic) -> generic
+               end, generic) of
 	    frontend ->
 		{true, false};
 	    backend ->

src/ejabberd_odbc.erl

@@ -5,7 +5,7 @@
 %%% Created :  8 Dec 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -71,12 +70,12 @@
 
 -define(TOP_LEVEL_TXN, 0).
 
--define(MAX_TRANSACTION_RESTARTS, 10).
-
 -define(PGSQL_PORT, 5432).
 
 -define(MYSQL_PORT, 3306).
 
+-define(MAX_TRANSACTION_RESTARTS, 10).
+
 -define(TRANSACTION_TIMEOUT, 60000).
 
 -define(KEEPALIVE_TIMEOUT, 60000).
@@ -141,9 +140,12 @@ sql_bloc(Host, F) -> sql_call(Host, {sql_bloc, F}).
 sql_call(Host, Msg) ->
     case get(?STATE_KEY) of
       undefined ->
-	  (?GEN_FSM):sync_send_event(ejabberd_odbc_sup:get_random_pid(Host),
-				     {sql_cmd, Msg, now()},
-				     ?TRANSACTION_TIMEOUT);
+        case ejabberd_odbc_sup:get_random_pid(Host) of
+          none -> {error, <<"Unknown Host">>};
+          Pid ->
+            (?GEN_FSM):sync_send_event(Pid,{sql_cmd, Msg, now()},
+                                       ?TRANSACTION_TIMEOUT)
+          end;
       _State -> nested_op(Msg)
     end.
 
@@ -201,7 +203,7 @@ decode_term(Bin) ->
 %%% Callback functions from gen_fsm
 %%%----------------------------------------------------------------------
 init([Host, StartInterval]) ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            {odbc_keepalive_interval, Host},
            fun(I) when is_integer(I), I>0 -> I end) of
         undefined ->
@@ -325,7 +327,7 @@ handle_info(Info, StateName, State) ->
 terminate(_Reason, _StateName, State) ->
     ejabberd_odbc_sup:remove_pid(State#state.host, self()),
     case State#state.db_type of
-      mysql -> catch mysql_conn:stop(State#state.db_ref);
+      mysql -> catch p1_mysql_conn:stop(State#state.db_ref);
       _ -> ok
     end,
     ok.
@@ -447,9 +449,9 @@ sql_query_internal(Query) ->
 	    mysql ->
 		?DEBUG("MySQL, Send query~n~p~n", [Query]),  
 		%%squery to be able to specify result_type = binary
-		%%[Query] because mysql_conn expect query to be a list (elements can be binaries, or iolist)
-		%%        but doesn't accept just a binary 
-		R = mysql_to_odbc(mysql_conn:squery(State#state.db_ref,
+		%%[Query] because p1_mysql_conn expect query to be a list (elements can be binaries, or iolist)
+		%%        but doesn't accept just a binary
+		R = mysql_to_odbc(p1_mysql_conn:squery(State#state.db_ref,
 						   [Query], self(),
 						   [{timeout, (?TRANSACTION_TIMEOUT) - 1000},
 						    {result_type, binary}])),
@@ -484,7 +486,7 @@ abort_on_driver_error(Reply, From) ->
 %% Open an ODBC database connection
 odbc_connect(SQLServer) ->
     ejabberd:start_app(odbc),
-    odbc:connect(SQLServer, [{scrollable_cursors, off}]).
+    odbc:connect(binary_to_list(SQLServer), [{scrollable_cursors, off}]).
 
 %% == Native PostgreSQL code
 
@@ -515,6 +517,9 @@ pgsql_to_odbc({ok, PGSQLResult}) ->
 pgsql_item_to_odbc({<<"SELECT", _/binary>>, Rows,
 		    Recs}) ->
     {selected, [element(1, Row) || Row <- Rows], Recs};
+pgsql_item_to_odbc({<<"FETCH", _/binary>>, Rows,
+		    Recs}) ->
+    {selected, [element(1, Row) || Row <- Rows], Recs};
 pgsql_item_to_odbc(<<"INSERT ", OIDN/binary>>) ->
     [_OID, N] = str:tokens(OIDN, <<" ">>),
     {updated, jlib:binary_to_integer(N)};
@@ -530,12 +535,12 @@ pgsql_item_to_odbc(_) -> {updated, undefined}.
 %% part of init/1
 %% Open a database connection to MySQL
 mysql_connect(Server, Port, DB, Username, Password) ->
-    case mysql_conn:start(binary_to_list(Server), Port,
+    case p1_mysql_conn:start(binary_to_list(Server), Port,
                           binary_to_list(Username), binary_to_list(Password),
 			  binary_to_list(DB), fun log/3)
 	of
       {ok, Ref} ->
-	  mysql_conn:fetch(Ref, [<<"set names 'utf8';">>],
+	  p1_mysql_conn:fetch(Ref, [<<"set names 'utf8';">>],
 			   self()),
 	  {ok, Ref};
       Err -> Err
@@ -543,15 +548,21 @@ mysql_connect(Server, Port, DB, Username, Password) ->
 
 %% Convert MySQL query result to Erlang ODBC result formalism
 mysql_to_odbc({updated, MySQLRes}) ->
-    {updated, mysql:get_result_affected_rows(MySQLRes)};
+    {updated, p1_mysql:get_result_affected_rows(MySQLRes)};
 mysql_to_odbc({data, MySQLRes}) ->
-    mysql_item_to_odbc(mysql:get_result_field_info(MySQLRes),
-		       mysql:get_result_rows(MySQLRes));
+    mysql_item_to_odbc(p1_mysql:get_result_field_info(MySQLRes),
+		       p1_mysql:get_result_rows(MySQLRes));
 mysql_to_odbc({error, MySQLRes})
-    when is_binary(MySQLRes) ->
+  when is_binary(MySQLRes) ->
     {error, MySQLRes};
+mysql_to_odbc({error, MySQLRes})
+  when is_list(MySQLRes) ->
+    {error, list_to_binary(MySQLRes)};
 mysql_to_odbc({error, MySQLRes}) ->
-    {error, mysql:get_result_reason(MySQLRes)}.
+    {error, p1_mysql:get_result_reason(MySQLRes)};
+mysql_to_odbc(ok) ->
+    ok.
+
 
 %% When tabular data is returned, convert it to the ODBC formalism
 mysql_item_to_odbc(Columns, Recs) ->
@@ -570,39 +581,39 @@ log(Level, Format, Args) ->
     end.
 
 db_opts(Host) ->
-    case ejabberd_config:get_local_option(
-           {odbc_server, Host},
-           fun({Type, Server, DB, User, Pass}) ->
-                   {Type,
-                    iolist_to_binary(Server),
-                    case Type of
-                        mysql -> ?MYSQL_PORT;
-                        pgsql -> ?PGSQL_PORT
-                    end,
-                    iolist_to_binary(DB),
-                    iolist_to_binary(User),
-                    iolist_to_binary(Pass)};
-              ({Type, Server, Port, DB, User, Pass})
-                 when ((Type == mysql) or (Type == pgsql))
-                      and (is_integer(Port) and ((Port > 0)
-                                                 and (Port < 65536))) ->
-                   {Type,
-                    iolist_to_binary(Server),
-                    Port,
-                    iolist_to_binary(DB),
-                    iolist_to_binary(User),
-                    iolist_to_binary(Pass)};
-              (S) ->
-                   iolist_to_binary(S)
-           end, <<"localhost">>) of
-        {Type, Server, Port, DB, User, Pass} ->
-            [Type, Server, Port, DB, User, Pass];
-        SQLServer ->
-            [odbc, SQLServer]
+    Type = ejabberd_config:get_option({odbc_type, Host},
+                                      fun(mysql) -> mysql;
+                                         (pgsql) -> pgsql;
+                                         (odbc) -> odbc
+                                      end, odbc),
+    Server = ejabberd_config:get_option({odbc_server, Host},
+                                        fun iolist_to_binary/1,
+                                        <<"localhost">>),
+    case Type of
+        odbc ->
+            [odbc, Server];
+        _ ->
+            Port = ejabberd_config:get_option(
+                     {odbc_port, Host},
+                     fun(P) when is_integer(P), P > 0, P < 65536 -> P end,
+                     case Type of
+                         mysql -> ?MYSQL_PORT;
+                         pgsql -> ?PGSQL_PORT
+                     end),
+            DB = ejabberd_config:get_option({odbc_database, Host},
+                                            fun iolist_to_binary/1,
+                                            <<"ejabberd">>),
+            User = ejabberd_config:get_option({odbc_username, Host},
+                                              fun iolist_to_binary/1,
+                                              <<"ejabberd">>),
+            Pass = ejabberd_config:get_option({odbc_password, Host},
+                                              fun iolist_to_binary/1,
+                                              <<"">>),
+            [Type, Server, Port, DB, User, Pass]
     end.
 
 max_fsm_queue() ->
-    ejabberd_config:get_local_option(
+    ejabberd_config:get_option(
       max_fsm_queue,
       fun(N) when is_integer(N), N > 0 -> N end).
 

src/ejabberd_odbc_sup.erl

@@ -5,7 +5,7 @@
 %%% Created : 22 Dec 2004 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -30,11 +29,15 @@
 
 %% API
 -export([start_link/1, init/1, add_pid/2, remove_pid/2,
-	 get_pids/1, get_random_pid/1]).
+	 get_pids/1, get_random_pid/1, transform_options/1]).
 
 -include("ejabberd.hrl").
 -include("logger.hrl").
 
+-define(PGSQL_PORT, 5432).
+
+-define(MYSQL_PORT, 3306).
+
 -define(DEFAULT_POOL_SIZE, 10).
 
 -define(DEFAULT_ODBC_START_INTERVAL, 30).
@@ -56,11 +59,11 @@ start_link(Host) ->
 			  ?MODULE, [Host]).
 
 init([Host]) ->
-    PoolSize = ejabberd_config:get_local_option(
+    PoolSize = ejabberd_config:get_option(
                  {odbc_pool_size, Host},
                  fun(I) when is_integer(I), I>0 -> I end,
                  ?DEFAULT_POOL_SIZE),
-    StartInterval = ejabberd_config:get_local_option(
+    StartInterval = ejabberd_config:get_option(
                       {odbc_start_interval, Host},
                       fun(I) when is_integer(I), I>0 -> I end,
                       ?DEFAULT_ODBC_START_INTERVAL),
@@ -79,8 +82,10 @@ get_pids(Host) ->
     [R#sql_pool.pid || R <- Rs].
 
 get_random_pid(Host) ->
-    Pids = get_pids(Host),
-    lists:nth(erlang:phash(now(), length(Pids)), Pids).
+    case get_pids(Host) of
+      [] -> none;
+      Pids -> lists:nth(erlang:phash(now(), length(Pids)), Pids)
+    end.
 
 add_pid(Host, Pid) ->
     F = fun () ->
@@ -93,3 +98,20 @@ remove_pid(Host, Pid) ->
 		mnesia:delete_object(#sql_pool{host = Host, pid = Pid})
 	end,
     mnesia:ets(F).
+
+transform_options(Opts) ->
+    lists:foldl(fun transform_options/2, [], Opts).
+
+transform_options({odbc_server, {Type, Server, Port, DB, User, Pass}}, Opts) ->
+    [{odbc_type, Type},
+     {odbc_server, Server},
+     {odbc_port, Port},
+     {odbc_database, DB},
+     {odbc_username, User},
+     {odbc_password, Pass}|Opts];
+transform_options({odbc_server, {mysql, Server, DB, User, Pass}}, Opts) ->
+    transform_options({odbc_server, {mysql, Server, ?MYSQL_PORT, DB, User, Pass}}, Opts);
+transform_options({odbc_server, {pgsql, Server, DB, User, Pass}}, Opts) ->
+    transform_options({odbc_server, {pgsql, Server, ?PGSQL_PORT, DB, User, Pass}}, Opts);
+transform_options(Opt, Opts) ->
+    [Opt|Opts].

src/ejabberd_piefxis.erl

@@ -9,7 +9,7 @@
 %%% @doc
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -21,10 +21,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_rdbms.erl

@@ -5,7 +5,7 @@
 %%% Created : 31 Jan 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -34,7 +33,8 @@
 -include("logger.hrl").
 
 start() ->
-    case lists:any(fun needs_odbc/1, ?MYHOSTS) of
+    case lists:any(fun(H) -> needs_odbc(H) /= false end,
+                   ?MYHOSTS) of
         true ->
             start_hosts();
         false ->
@@ -45,14 +45,15 @@ start() ->
 start_hosts() ->
     lists:foreach(fun (Host) ->
 			  case needs_odbc(Host) of
-			    true -> start_odbc(Host);
+			    {true, App} -> start_odbc(Host, App);
 			    false -> ok
 			  end
 		  end,
 		  ?MYHOSTS).
 
 %% Start the ODBC module on the given host
-start_odbc(Host) ->
+start_odbc(Host, App) ->
+    ejabberd:start_app(App),
     Supervisor_name = gen_mod:get_module_proc(Host,
 					      ejabberd_odbc_sup),
     ChildSpec = {Supervisor_name,
@@ -64,11 +65,19 @@ start_odbc(Host) ->
 	  ?ERROR_MSG("Start of supervisor ~p failed:~n~p~nRetrying."
 		     "..~n",
 		     [Supervisor_name, _Error]),
-	  start_odbc(Host)
+	  start_odbc(Host, App)
     end.
 
-%% Returns true if we have configured odbc_server for the given host
+%% Returns {true, App} if we have configured odbc for the given host
 needs_odbc(Host) ->
     LHost = jlib:nameprep(Host),
-    ejabberd_config:get_local_option(
-      {odbc_server, LHost}, fun(_) -> true end, false).
+    case ejabberd_config:get_option({odbc_type, LHost},
+                                    fun(mysql) -> mysql;
+                                       (pgsql) -> pgsql;
+                                       (odbc) -> odbc
+                                    end, undefined) of
+        mysql -> {true, p1_mysql};
+        pgsql -> {true, p1_pgsql};
+        odbc -> {true, odbc};
+        undefined -> false
+    end.

src/ejabberd_receiver.erl

@@ -5,7 +5,7 @@
 %%% Created : 10 Nov 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_regexp.erl

@@ -5,7 +5,7 @@
 %%% Created : 8 Dec 2011 by Badlop
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_riak.erl

@@ -0,0 +1,554 @@
+%%%-------------------------------------------------------------------
+%%% @author Alexey Shchepin <alexey@process-one.net>
+%%% @doc
+%%% Interface for Riak database
+%%% @end
+%%% Created : 29 Dec 2011 by Alexey Shchepin <alexey@process-one.net>
+%%% @copyright (C) 2002-2014   ProcessOne
+%%%
+%%% This program is free software; you can redistribute it and/or
+%%% modify it under the terms of the GNU General Public License as
+%%% published by the Free Software Foundation; either version 2 of the
+%%% License, or (at your option) any later version.
+%%%
+%%% This program is distributed in the hope that it will be useful,
+%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
+%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%%% General Public License for more details.
+%%%
+%%% You should have received a copy of the GNU General Public License
+%%% along with this program; if not, write to the Free Software
+%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+%%% 02111-1307 USA
+%%%
+%%%-------------------------------------------------------------------
+-module(ejabberd_riak).
+
+-behaviour(gen_server).
+
+%% API
+-export([start_link/4, get_proc/1, make_bucket/1, put/2, put/3,
+         get/2, get/3, get_by_index/4, delete/1, delete/2,
+         count_by_index/3, get_by_index_range/5,
+         get_keys/1, get_keys_by_index/3, is_connected/0,
+         count/1, delete_by_index/3]).
+%% For debugging
+-export([get_tables/0]).
+%% map/reduce exports
+-export([map_key/3]).
+
+%% gen_server callbacks
+-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
+         terminate/2, code_change/3]).
+
+-include("ejabberd.hrl").
+-include("logger.hrl").
+
+-record(state, {pid = self() :: pid()}).
+
+-type index() :: {binary(), any()}.
+
+-type index_info() :: [{i, any()} | {'2i', [index()]}].
+
+%% The `record_schema()' is just a tuple:
+%% {record_info(fields, some_record), #some_record{}}
+
+-type record_schema() :: {[atom()], tuple()}.
+
+%% The `index_info()' is used in put/delete functions:
+%% `i' defines a primary index, `` '2i' '' defines secondary indexes.
+%% There must be only one primary index. If `i' is not specified,
+%% the first element of the record is assumed as a primary index,
+%% i.e. `i' = element(2, Record).
+
+-export_types([index_info/0]).
+
+%%%===================================================================
+%%% API
+%%%===================================================================
+%% @private
+start_link(Num, Server, Port, _StartInterval) ->
+    gen_server:start_link({local, get_proc(Num)}, ?MODULE, [Server, Port], []).
+
+%% @private
+is_connected() ->
+    catch riakc_pb_socket:is_connected(get_random_pid()).
+
+%% @private
+get_proc(I) ->
+    jlib:binary_to_atom(
+      iolist_to_binary(
+	[atom_to_list(?MODULE), $_, integer_to_list(I)])).
+
+-spec make_bucket(atom()) -> binary().
+%% @doc Makes a bucket from a table name
+%% @private
+make_bucket(Table) ->
+    erlang:atom_to_binary(Table, utf8).
+
+-spec put(tuple(), record_schema()) -> ok | {error, any()}.
+%% @equiv put(Record, [])
+put(Record, RecFields) ->
+    ?MODULE:put(Record, RecFields, []).
+
+-spec put(tuple(), record_schema(), index_info()) -> ok | {error, any()}.
+%% @doc Stores a record `Rec' with indexes described in ``IndexInfo''
+put(Rec, RecSchema, IndexInfo) ->
+    Key = encode_key(proplists:get_value(i, IndexInfo, element(2, Rec))),
+    SecIdxs = [encode_index_key(K, V) ||
+                  {K, V} <- proplists:get_value('2i', IndexInfo, [])],
+    Table = element(1, Rec),
+    Value = encode_record(Rec, RecSchema),
+    case put_raw(Table, Key, Value, SecIdxs) of
+        ok ->
+            ok;
+        {error, _} = Error ->
+            log_error(Error, put, [{record, Rec},
+                                   {index_info, IndexInfo}]),
+            Error
+    end.
+
+put_raw(Table, Key, Value, Indexes) ->
+    Bucket = make_bucket(Table),
+    Obj = riakc_obj:new(Bucket, Key, Value, "application/x-erlang-term"),
+    Obj1 = if Indexes /= [] ->
+                   MetaData = dict:store(<<"index">>, Indexes, dict:new()),
+                   riakc_obj:update_metadata(Obj, MetaData);
+              true ->
+                   Obj
+           end,
+    catch riakc_pb_socket:put(get_random_pid(), Obj1).
+
+get_object_raw(Table, Key) ->
+    Bucket = make_bucket(Table),
+    catch riakc_pb_socket:get(get_random_pid(), Bucket, Key).
+
+-spec get(atom(), record_schema()) -> {ok, [any()]} | {error, any()}.
+%% @doc Returns all objects from table `Table'
+get(Table, RecSchema) ->
+    Bucket = make_bucket(Table),
+    case catch riakc_pb_socket:mapred(
+		 get_random_pid(),
+		 Bucket,
+		 [{map, {modfun, riak_kv_mapreduce, map_object_value},
+		   none, true}]) of
+        {ok, [{_, Objs}]} ->
+            {ok, lists:flatmap(
+                   fun(Obj) ->
+                           case catch decode_record(Obj, RecSchema) of
+                               {'EXIT', _} ->
+                                   Error = {error, make_invalid_object(Obj)},
+                                   log_error(Error, get,
+                                             [{table, Table}]),
+                                   [];
+                               Term ->
+                                   [Term]
+                           end
+                   end, Objs)};
+	{ok, []} ->
+	    {ok, []};
+        {error, notfound} ->
+            {ok, []};
+        {error, _} = Error ->
+            Error
+    end.
+
+-spec get(atom(), record_schema(), any()) -> {ok, any()} | {error, any()}.
+%% @doc Reads record by `Key' from table `Table'
+get(Table, RecSchema, Key) ->
+    case get_raw(Table, encode_key(Key)) of
+        {ok, Val} ->
+            case catch decode_record(Val, RecSchema) of
+                {'EXIT', _} ->
+                    Error = {error, make_invalid_object(Val)},
+                    log_error(Error, get, [{table, Table}, {key, Key}]),
+                    {error, notfound};
+                Term ->
+                    {ok, Term}
+            end;
+        {error, _} = Error ->
+            log_error(Error, get, [{table, Table},
+                                   {key, Key}]),
+            Error
+    end.
+
+-spec get_by_index(atom(), record_schema(), binary(), any()) ->
+			  {ok, [any()]} | {error, any()}.
+%% @doc Reads records by `Index' and value `Key' from `Table' 
+get_by_index(Table, RecSchema, Index, Key) ->
+    {NewIndex, NewKey} = encode_index_key(Index, Key),
+    case get_by_index_raw(Table, NewIndex, NewKey) of
+        {ok, Vals} ->
+            {ok, lists:flatmap(
+                   fun(Val) ->
+                           case catch decode_record(Val, RecSchema) of
+                               {'EXIT', _} ->
+                                   Error = {error, make_invalid_object(Val)},
+                                   log_error(Error, get_by_index,
+                                             [{table, Table},
+                                              {index, Index},
+                                              {key, Key}]),
+                                   [];
+                               Term ->
+                                   [Term]
+                           end
+                   end, Vals)};
+        {error, notfound} ->
+            {ok, []};
+        {error, _} = Error ->
+            log_error(Error, get_by_index,
+                      [{table, Table},
+                       {index, Index},
+                       {key, Key}]),
+            Error
+    end.
+
+-spec get_by_index_range(atom(), record_schema(), binary(), any(), any()) ->
+                                {ok, [any()]} | {error, any()}.
+%% @doc Reads records by `Index' in the range `FromKey'..`ToKey' from `Table'
+get_by_index_range(Table, RecSchema, Index, FromKey, ToKey) ->
+    {NewIndex, NewFromKey} = encode_index_key(Index, FromKey),
+    {NewIndex, NewToKey} = encode_index_key(Index, ToKey),
+    case get_by_index_range_raw(Table, NewIndex, NewFromKey, NewToKey) of
+        {ok, Vals} ->
+            {ok, lists:flatmap(
+                   fun(Val) ->
+                           case catch decode_record(Val, RecSchema) of
+                               {'EXIT', _} ->
+                                   Error = {error, make_invalid_object(Val)},
+                                   log_error(Error, get_by_index_range,
+                                             [{table, Table},
+                                              {index, Index},
+                                              {start_key, FromKey},
+                                              {end_key, ToKey}]),
+                                   [];
+                               Term ->
+                                   [Term]
+                           end
+                   end, Vals)};
+        {error, notfound} ->
+            {ok, []};
+        {error, _} = Error ->
+            log_error(Error, get_by_index_range,
+                      [{table, Table}, {index, Index},
+                       {start_key, FromKey}, {end_key, ToKey}]),
+            Error
+    end.
+
+get_raw(Table, Key) ->
+    case get_object_raw(Table, Key) of
+        {ok, Obj} ->
+            {ok, riakc_obj:get_value(Obj)};
+        {error, _} = Error ->
+            Error
+    end.
+
+-spec get_keys(atom()) -> {ok, [any()]} | {error, any()}.
+%% @doc Returns a list of index values
+get_keys(Table) ->
+    Bucket = make_bucket(Table),
+    case catch riakc_pb_socket:mapred(
+		 get_random_pid(),
+		 Bucket,
+		 [{map, {modfun, ?MODULE, map_key}, none, true}]) of
+        {ok, [{_, Keys}]} ->
+            {ok, Keys};
+	{ok, []} ->
+	    {ok, []};
+        {error, _} = Error ->
+            log_error(Error, get_keys, [{table, Table}]),
+            Error
+    end.
+
+-spec get_keys_by_index(atom(), binary(),
+                        any()) -> {ok, [any()]} | {error, any()}.
+%% @doc Returns a list of primary keys of objects indexed by `Key'.
+get_keys_by_index(Table, Index, Key) ->
+    {NewIndex, NewKey} = encode_index_key(Index, Key),
+    Bucket = make_bucket(Table),
+    case catch riakc_pb_socket:mapred(
+		 get_random_pid(),
+		 {index, Bucket, NewIndex, NewKey},
+		 [{map, {modfun, ?MODULE, map_key}, none, true}]) of
+        {ok, [{_, Keys}]} ->
+            {ok, Keys};
+	{ok, []} ->
+	    {ok, []};
+        {error, _} = Error ->
+            log_error(Error, get_keys_by_index, [{table, Table},
+                                                 {index, Index},
+                                                 {key, Key}]),
+            Error
+    end.
+
+%% @hidden
+get_tables() ->
+    catch riakc_pb_socket:list_buckets(get_random_pid()).
+
+get_by_index_raw(Table, Index, Key) ->
+    Bucket = make_bucket(Table),
+    case riakc_pb_socket:mapred(
+           get_random_pid(),
+           {index, Bucket, Index, Key},
+           [{map, {modfun, riak_kv_mapreduce, map_object_value},
+             none, true}]) of
+        {ok, [{_, Objs}]} ->
+            {ok, Objs};
+	{ok, []} ->
+	    {ok, []};
+        {error, _} = Error ->
+            Error
+    end.
+
+get_by_index_range_raw(Table, Index, FromKey, ToKey) ->
+    Bucket = make_bucket(Table),
+    case catch riakc_pb_socket:mapred(
+		 get_random_pid(),
+		 {index, Bucket, Index, FromKey, ToKey},
+		 [{map, {modfun, riak_kv_mapreduce, map_object_value},
+		   none, true}]) of
+        {ok, [{_, Objs}]} ->
+            {ok, Objs};
+	{ok, []} ->
+	    {ok, []};
+        {error, _} = Error ->
+            Error
+    end.
+
+-spec count(atom()) -> {ok, non_neg_integer()} | {error, any()}.
+%% @doc Returns the number of objects in the `Table'
+count(Table) ->
+    Bucket = make_bucket(Table),
+    case catch riakc_pb_socket:mapred(
+		 get_random_pid(),
+		 Bucket,
+		 [{reduce, {modfun, riak_kv_mapreduce, reduce_count_inputs},
+		   none, true}]) of
+        {ok, [{_, [Cnt]}]} ->
+            {ok, Cnt};
+        {error, _} = Error ->
+            log_error(Error, count, [{table, Table}]),
+            Error
+    end.
+
+-spec count_by_index(atom(), binary(), any()) ->
+                            {ok, non_neg_integer()} | {error, any()}.
+%% @doc Returns the number of objects in the `Table' by index
+count_by_index(Tab, Index, Key) ->
+    {NewIndex, NewKey} = encode_index_key(Index, Key),
+    case count_by_index_raw(Tab, NewIndex, NewKey) of
+        {ok, Cnt} ->
+            {ok, Cnt};
+        {error, notfound} ->
+            {ok, 0};
+        {error, _} = Error ->
+            log_error(Error, count_by_index,
+                      [{table, Tab},
+                       {index, Index},
+                       {key, Key}]),
+            Error
+    end.
+
+count_by_index_raw(Table, Index, Key) ->
+    Bucket = make_bucket(Table),
+    case catch riakc_pb_socket:mapred(
+		 get_random_pid(),
+		 {index, Bucket, Index, Key},
+		 [{reduce, {modfun, riak_kv_mapreduce, reduce_count_inputs},
+		   none, true}]) of
+        {ok, [{_, [Cnt]}]} ->
+            {ok, Cnt};
+        {error, _} = Error ->
+            Error
+    end.
+
+-spec delete(tuple() | atom()) -> ok | {error, any()}.
+%% @doc Same as delete(T, []) when T is record.
+%% Or deletes all elements from table if T is atom.
+delete(Rec) when is_tuple(Rec) ->
+    delete(Rec, []);
+delete(Table) when is_atom(Table) ->
+    try
+        {ok, Keys} = ?MODULE:get_keys(Table),
+        lists:foreach(
+          fun(K) ->
+                  ok = delete(Table, K)
+          end, Keys)
+    catch _:{badmatch, Err} ->
+            Err
+    end.
+
+-spec delete(tuple() | atom(), index_info() | any()) -> ok | {error, any()}.
+%% @doc Delete an object
+delete(Rec, Opts) when is_tuple(Rec) ->
+    Table = element(1, Rec),
+    Key = proplists:get_value(i, Opts, element(2, Rec)),
+    delete(Table, Key);
+delete(Table, Key) when is_atom(Table) ->
+    case delete_raw(Table, encode_key(Key)) of
+        ok ->
+            ok;
+        Err ->
+            log_error(Err, delete, [{table, Table}, {key, Key}]),
+            Err
+    end.
+
+delete_raw(Table, Key) ->
+    Bucket = make_bucket(Table),
+    catch riakc_pb_socket:delete(get_random_pid(), Bucket, Key).
+
+-spec delete_by_index(atom(), binary(), any()) -> ok | {error, any()}.
+%% @doc Deletes objects by index
+delete_by_index(Table, Index, Key) ->
+    try
+        {ok, Keys} = get_keys_by_index(Table, Index, Key),
+        lists:foreach(
+          fun(K) ->
+                  ok = delete(Table, K)
+          end, Keys)
+    catch _:{badmatch, Err} ->
+            Err
+    end.
+
+%%%===================================================================
+%%% map/reduce functions
+%%%===================================================================
+%% @private
+map_key(Obj, _, _) ->
+    [case riak_object:key(Obj) of
+         <<"b_", B/binary>> ->
+             B;
+         <<"i_", B/binary>> ->
+             list_to_integer(binary_to_list(B));
+         B ->
+             erlang:binary_to_term(B)
+     end].
+
+%%%===================================================================
+%%% gen_server API
+%%%===================================================================
+%% @private
+init([Server, Port]) ->
+    case riakc_pb_socket:start(
+           Server, Port,
+           [auto_reconnect]) of
+        {ok, Pid} ->
+            erlang:monitor(process, Pid),
+            {ok, #state{pid = Pid}};
+        Err ->
+            {stop, Err}
+    end.
+
+%% @private
+handle_call(get_pid, _From, #state{pid = Pid} = State) ->
+    {reply, {ok, Pid}, State};
+handle_call(_Request, _From, State) ->
+    Reply = ok,
+    {reply, Reply, State}.
+
+%% @private
+handle_cast(_Msg, State) ->
+    {noreply, State}.
+
+%% @private
+handle_info({'DOWN', _MonitorRef, _Type, _Object, _Info}, State) ->
+    {stop, normal, State};
+handle_info(_Info, State) ->
+    ?ERROR_MSG("unexpected info: ~p", [_Info]),
+    {noreply, State}.
+
+%% @private
+terminate(_Reason, _State) ->
+    ok.
+
+%% @private
+code_change(_OldVsn, State, _Extra) ->
+    {ok, State}.
+
+%%%===================================================================
+%%% Internal functions
+%%%===================================================================
+encode_index_key(Idx, Key) when is_integer(Key) ->
+    {<<Idx/binary, "_int">>, Key};
+encode_index_key(Idx, Key) ->
+    {<<Idx/binary, "_bin">>, encode_key(Key)}.
+
+encode_key(Bin) when is_binary(Bin) ->
+    <<"b_", Bin/binary>>;
+encode_key(Int) when is_integer(Int) ->
+    <<"i_", (list_to_binary(integer_to_list(Int)))/binary>>;
+encode_key(Term) ->
+    erlang:term_to_binary(Term).
+
+log_error({error, notfound}, _, _) ->
+    ok;
+log_error({error, Why} = Err, Function, Opts) ->
+    Txt = lists:map(
+            fun({table, Table}) ->
+                    io_lib:fwrite("** Table: ~p~n", [Table]);
+               ({key, Key}) ->
+                    io_lib:fwrite("** Key: ~p~n", [Key]);
+               ({index, Index}) ->
+                    io_lib:fwrite("** Index = ~p~n", [Index]);
+               ({start_key, Key}) ->
+                    io_lib:fwrite("** Start Key: ~p~n", [Key]);
+               ({end_key, Key}) ->
+                    io_lib:fwrite("** End Key: ~p~n", [Key]);
+               ({record, Rec}) ->
+                    io_lib:fwrite("** Record = ~p~n", [Rec]);
+               ({index_info, IdxInfo}) ->
+                    io_lib:fwrite("** Index info = ~p~n", [IdxInfo]);
+               (_) ->
+                    ""
+            end, Opts),
+    ErrTxt = if is_binary(Why) ->
+                     io_lib:fwrite("** Error: ~s", [Why]);
+                true ->
+                     io_lib:fwrite("** Error: ~p", [Err])
+             end,
+    ?ERROR_MSG("database error:~n** Function: ~p~n~s~s",
+               [Function, Txt, ErrTxt]);
+log_error(_, _, _) ->
+    ok.
+
+make_invalid_object(Val) ->
+    list_to_binary(io_lib:fwrite("Invalid object: ~p", [Val])).
+
+get_random_pid() ->
+    PoolPid = ejabberd_riak_sup:get_random_pid(),
+    case catch gen_server:call(PoolPid, get_pid) of
+	{ok, Pid} ->
+	    Pid;
+	{'EXIT', {timeout, _}} ->
+	    throw({error, timeout});
+	{'EXIT', Err} ->
+	    throw({error, Err})
+    end.
+
+encode_record(Rec, {Fields, DefRec}) ->
+    term_to_binary(encode_record(Rec, Fields, DefRec, 2)).
+
+encode_record(Rec, [FieldName|Fields], DefRec, Pos) ->
+    Value = element(Pos, Rec),
+    DefValue = element(Pos, DefRec),
+    if Value == DefValue ->
+	    encode_record(Rec, Fields, DefRec, Pos+1);
+       true ->
+	    [{FieldName, Value}|encode_record(Rec, Fields, DefRec, Pos+1)]
+    end;
+encode_record(_, [], _, _) ->
+    [].
+
+decode_record(Bin, {Fields, DefRec}) ->
+    decode_record(binary_to_term(Bin), Fields, DefRec, 2).
+
+decode_record(KeyVals, [FieldName|Fields], Rec, Pos) ->
+    case lists:keyfind(FieldName, 1, KeyVals) of
+	{_, Value} ->
+	    NewRec = setelement(Pos, Rec, Value),
+	    decode_record(KeyVals, Fields, NewRec, Pos+1);
+	false ->
+	    decode_record(KeyVals, Fields, Rec, Pos+1)
+    end;
+decode_record(_, [], Rec, _) ->
+    Rec.

src/ejabberd_riak_sup.erl

@@ -0,0 +1,161 @@
+%%%----------------------------------------------------------------------
+%%% File    : ejabberd_riak_sup.erl
+%%% Author  : Alexey Shchepin <alexey@process-one.net>
+%%% Purpose : Riak connections supervisor
+%%% Created : 29 Dec 2011 by Alexey Shchepin <alexey@process-one.net>
+%%%
+%%%
+%%% ejabberd, Copyright (C) 2002-2011   ProcessOne
+%%%
+%%% This program is free software; you can redistribute it and/or
+%%% modify it under the terms of the GNU General Public License as
+%%% published by the Free Software Foundation; either version 2 of the
+%%% License, or (at your option) any later version.
+%%%
+%%% This program is distributed in the hope that it will be useful,
+%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
+%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%%% General Public License for more details.
+%%%
+%%% You should have received a copy of the GNU General Public License
+%%% along with this program; if not, write to the Free Software
+%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+%%% 02111-1307 USA
+%%%
+%%%----------------------------------------------------------------------
+
+-module(ejabberd_riak_sup).
+-author('alexey@process-one.net').
+
+%% API
+-export([start/0,
+         start_link/0,
+	 init/1,
+	 get_pids/0,
+         transform_options/1,
+	 get_random_pid/0,
+	 get_random_pid/1
+	]).
+
+-include("ejabberd.hrl").
+-include("logger.hrl").
+
+-define(DEFAULT_POOL_SIZE, 10).
+-define(DEFAULT_RIAK_START_INTERVAL, 30). % 30 seconds
+-define(DEFAULT_RIAK_HOST, "127.0.0.1").
+-define(DEFAULT_RIAK_PORT, 8087).
+
+% time to wait for the supervisor to start its child before returning
+% a timeout error to the request
+-define(CONNECT_TIMEOUT, 500). % milliseconds
+
+start() ->
+    case lists:any(
+	   fun(Host) ->
+		   is_riak_configured(Host)
+	   end, ?MYHOSTS) of
+	true ->
+	    ejabberd:start_app(riakc),
+            do_start();
+	false ->
+	    ok
+    end.
+
+is_riak_configured(Host) ->
+    ServerConfigured = ejabberd_config:get_option(
+			 {riak_server, Host},
+			 fun(_) -> true end, false),
+    PortConfigured = ejabberd_config:get_option(
+		       {riak_port, Host},
+		       fun(_) -> true end, false),
+    AuthConfigured = lists:member(
+		       ejabberd_auth_riak,
+		       ejabberd_auth:auth_modules(Host)),
+    Modules = ejabberd_config:get_option(
+		{modules, Host},
+		fun(L) when is_list(L) -> L end, []),
+    ModuleWithRiakDBConfigured = lists:any(
+				   fun({_Module, Opts}) ->
+					   gen_mod:db_type(Opts) == riak
+				   end, Modules),
+    ServerConfigured or PortConfigured
+	or AuthConfigured or ModuleWithRiakDBConfigured.
+
+do_start() ->
+    SupervisorName = ?MODULE,
+    ChildSpec =
+	{SupervisorName,
+	 {?MODULE, start_link, []},
+	 transient,
+	 infinity,
+	 supervisor,
+	 [?MODULE]},
+    case supervisor:start_child(ejabberd_sup, ChildSpec) of
+	{ok, _PID} ->
+	    ok;
+	_Error ->
+	    ?ERROR_MSG("Start of supervisor ~p failed:~n~p~nRetrying...~n",
+                       [SupervisorName, _Error]),
+            timer:sleep(5000),
+	    start()
+    end.
+
+start_link() ->
+    supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+
+init([]) ->
+    PoolSize = get_pool_size(),
+    StartInterval = get_start_interval(),
+    Server = get_riak_server(),
+    Port = get_riak_port(),
+    {ok, {{one_for_one, PoolSize*10, 1},
+	  lists:map(
+	    fun(I) ->
+		    {ejabberd_riak:get_proc(I),
+		     {ejabberd_riak, start_link,
+                      [I, Server, Port, StartInterval*1000]},
+		     transient, 2000, worker, [?MODULE]}
+	    end, lists:seq(1, PoolSize))}}.
+
+get_start_interval() ->
+    ejabberd_config:get_option(
+      riak_start_interval,
+      fun(N) when is_integer(N), N >= 1 -> N end,
+      ?DEFAULT_RIAK_START_INTERVAL).
+
+get_pool_size() ->
+    ejabberd_config:get_option(
+      riak_pool_size,
+      fun(N) when is_integer(N), N >= 1 -> N end,
+      ?DEFAULT_POOL_SIZE).
+
+get_riak_server() ->
+    ejabberd_config:get_option(
+      riak_server,
+      fun(S) ->
+	      binary_to_list(iolist_to_binary(S))
+      end, ?DEFAULT_RIAK_HOST).
+
+get_riak_port() ->
+    ejabberd_config:get_option(
+      riak_port,
+      fun(P) when is_integer(P), P > 0, P < 65536 -> P end,
+      ?DEFAULT_RIAK_PORT).
+
+get_pids() ->
+    [ejabberd_riak:get_proc(I) || I <- lists:seq(1, get_pool_size())].
+
+get_random_pid() ->
+    get_random_pid(now()).
+
+get_random_pid(Term) ->
+    I = erlang:phash2(Term, get_pool_size()) + 1,
+    ejabberd_riak:get_proc(I).
+
+transform_options(Opts) ->
+    lists:foldl(fun transform_options/2, [], Opts).
+
+transform_options({riak_server, {S, P}}, Opts) ->
+    [{riak_server, S}, {riak_port, P}|Opts];
+transform_options(Opt, Opts) ->
+    [Opt|Opts].

src/ejabberd_router.erl

@@ -5,7 +5,7 @@
 %%% Created : 27 Nov 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -387,20 +386,17 @@ do_route(OrigFrom, OrigTo, OrigPacket) ->
     end.
 
 get_component_number(LDomain) ->
-    case
-      ejabberd_config:get_local_option({domain_balancing_component_number,
-					LDomain}, fun(D) -> D end)
-	of
-      N when is_integer(N), N > 1 -> N;
-      _ -> undefined
-    end.
-
+    ejabberd_config:get_option(
+      {domain_balancing_component_number, LDomain},
+      fun(N) when is_integer(N), N > 1 -> N end,
+      undefined).
 
 update_tables() ->
     case catch mnesia:table_info(route, attributes) of
       [domain, node, pid] -> mnesia:delete_table(route);
       [domain, pid] -> mnesia:delete_table(route);
       [domain, pid, local_hint] -> ok;
+      [domain, pid, local_hint|_] -> mnesia:delete_table(route);
       {'EXIT', _} -> ok
     end,
     case lists:member(local_route,

src/ejabberd_s2s.erl

@@ -5,7 +5,7 @@
 %%% Created :  7 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -38,14 +37,15 @@
 	 incoming_s2s_number/0, outgoing_s2s_number/0,
 	 clean_temporarily_blocked_table/0,
 	 list_temporarily_blocked_hosts/0,
-	 external_host_overloaded/1, is_temporarly_blocked/1]).
+	 external_host_overloaded/1, is_temporarly_blocked/1,
+	 check_peer_certificate/3]).
 
 %% gen_server callbacks
 -export([init/1, handle_call/3, handle_cast/2,
 	 handle_info/2, terminate/2, code_change/3]).
 
 %% ejabberd API
--export([get_info_s2s_connections/1]).
+-export([get_info_s2s_connections/1, transform_options/1]).
 
 -include("ejabberd.hrl").
 -include("logger.hrl").
@@ -54,6 +54,14 @@
 
 -include("ejabberd_commands.hrl").
 
+-include_lib("public_key/include/public_key.hrl").
+
+-define(PKIXEXPLICIT, 'OTP-PUB-KEY').
+
+-define(PKIXIMPLICIT, 'OTP-PUB-KEY').
+
+-include("XmppAddr.hrl").
+
 -define(DEFAULT_MAX_S2S_CONNECTIONS_NUMBER, 1).
 
 -define(DEFAULT_MAX_S2S_CONNECTIONS_NUMBER_PER_NODE, 1).
@@ -208,6 +216,31 @@ try_register(FromTo) ->
 dirty_get_connections() ->
     mnesia:dirty_all_keys(s2s).
 
+check_peer_certificate(SockMod, Sock, Peer) ->
+    case SockMod:get_peer_certificate(Sock) of
+      {ok, Cert} ->
+	  case SockMod:get_verify_result(Sock) of
+	    0 ->
+		case idna:domain_utf8_to_ascii(Peer) of
+		  false ->
+		      {error, <<"Cannot decode remote server name">>};
+		  AsciiPeer ->
+		      case
+			lists:any(fun(D) -> match_domain(AsciiPeer, D) end,
+				  get_cert_domains(Cert)) of
+			true ->
+			    {ok, <<"Verification successful">>};
+			false ->
+			    {error, <<"Certificate host name mismatch">>}
+		      end
+		end;
+	    VerifyRes ->
+		{error, p1_tls:get_cert_verify_string(VerifyRes, Cert)}
+	  end;
+      error ->
+	  {error, <<"Cannot get peer certificate">>}
+    end.
+
 %%====================================================================
 %% gen_server callbacks
 %%====================================================================
@@ -461,12 +494,12 @@ needed_connections_number(Ls, MaxS2SConnectionsNumber,
 %% --------------------------------------------------------------------
 is_service(From, To) ->
     LFromDomain = From#jid.lserver,
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            {route_subdomains, LFromDomain},
-           fun(s2s) -> s2s end) of
+           fun(s2s) -> s2s; (local) -> local end, local) of
       s2s -> % bypass RFC 3920 10.3
 	  false;
-      undefined ->
+      local ->
 	  Hosts = (?MYHOSTS),
 	  P = fun (ParentDomain) ->
 		      lists:member(ParentDomain, Hosts)
@@ -548,34 +581,50 @@ allow_host2(MyServer, S2SHost) ->
     end.
 
 allow_host1(MyHost, S2SHost) ->
-    case ejabberd_config:get_local_option(
-           {{s2s_host, S2SHost}, MyHost},
-           fun(deny) -> deny; (allow) -> allow end)
-	of
-      deny -> false;
-      allow -> true;
-      undefined ->
-	  case ejabberd_config:get_local_option(
-                 {s2s_default_policy, MyHost},
-                 fun(deny) -> deny; (allow) -> allow end)
-	      of
-	    deny -> false;
-	    _ ->
-		case ejabberd_hooks:run_fold(s2s_allow_host, MyHost,
-					     allow, [MyHost, S2SHost])
-		    of
-		  deny -> false;
-		  allow -> true;
-		  _ -> true
-		end
-	  end
+    Rule = ejabberd_config:get_option(
+             s2s_access,
+             fun(A) when is_atom(A) -> A end,
+             all),
+    JID = jlib:make_jid(<<"">>, S2SHost, <<"">>),
+    case acl:match_rule(MyHost, Rule, JID) of
+        deny -> false;
+        allow ->
+            case ejabberd_hooks:run_fold(s2s_allow_host, MyHost,
+                                         allow, [MyHost, S2SHost]) of
+                deny -> false;
+                allow -> true;
+                _ -> true
+            end
     end.
 
+transform_options(Opts) ->
+    lists:foldl(fun transform_options/2, [], Opts).
+
+transform_options({{s2s_host, Host}, Action}, Opts) ->
+    ?WARNING_MSG("Option 's2s_host' is deprecated. "
+                 "The option is still supported but it is better to "
+                 "fix your config: use access rules instead.", []),
+    ACLName = jlib:binary_to_atom(
+                iolist_to_binary(["s2s_access_", Host])),
+    [{acl, ACLName, {server, Host}},
+     {access, s2s, [{Action, ACLName}]},
+     {s2s_access, s2s} |
+     Opts];
+transform_options({s2s_default_policy, Action}, Opts) ->
+    ?WARNING_MSG("Option 's2s_default_policy' is deprecated. "
+                 "The option is still supported but it is better to "
+                 "fix your config: "
+                 "use 's2s_access' with an access rule.", []),
+    [{access, s2s, [{Action, all}]},
+     {s2s_access, s2s} |
+     Opts];
+transform_options(Opt, Opts) ->
+    [Opt|Opts].
+
 %% Get information about S2S connections of the specified type.
 %% @spec (Type) -> [Info]
 %% where Type = in | out
 %%       Info = [{InfoName::atom(), InfoValue::any()}]
-
 get_info_s2s_connections(Type) ->
     ChildType = case Type of
 		  in -> ejabberd_s2s_in_sup;
@@ -604,3 +653,121 @@ get_s2s_state(S2sPid) ->
 	      {badrpc, _} -> [{status, error}]
 	    end,
     [{s2s_pid, S2sPid} | Infos].
+
+get_cert_domains(Cert) ->
+    {rdnSequence, Subject} =
+	(Cert#'Certificate'.tbsCertificate)#'TBSCertificate'.subject,
+    Extensions =
+	(Cert#'Certificate'.tbsCertificate)#'TBSCertificate'.extensions,
+    lists:flatmap(fun (#'AttributeTypeAndValue'{type =
+						    ?'id-at-commonName',
+						value = Val}) ->
+			  case 'OTP-PUB-KEY':decode('X520CommonName', Val) of
+			    {ok, {_, D1}} ->
+				D = if is_binary(D1) -> D1;
+				       is_list(D1) -> list_to_binary(D1);
+				       true -> error
+				    end,
+				if D /= error ->
+				       case jlib:string_to_jid(D) of
+					 #jid{luser = <<"">>, lserver = LD,
+					      lresource = <<"">>} ->
+					     [LD];
+					 _ -> []
+				       end;
+				   true -> []
+				end;
+			    _ -> []
+			  end;
+		      (_) -> []
+		  end,
+		  lists:flatten(Subject))
+      ++
+      lists:flatmap(fun (#'Extension'{extnID =
+					  ?'id-ce-subjectAltName',
+				      extnValue = Val}) ->
+			    BVal = if is_list(Val) -> list_to_binary(Val);
+				      true -> Val
+				   end,
+			    case 'OTP-PUB-KEY':decode('SubjectAltName', BVal)
+				of
+			      {ok, SANs} ->
+				  lists:flatmap(fun ({otherName,
+						      #'AnotherName'{'type-id' =
+									 ?'id-on-xmppAddr',
+								     value =
+									 XmppAddr}}) ->
+							case
+							  'XmppAddr':decode('XmppAddr',
+									    XmppAddr)
+							    of
+							  {ok, D}
+							      when
+								is_binary(D) ->
+							      case
+								jlib:string_to_jid((D))
+								  of
+								#jid{luser =
+									 <<"">>,
+								     lserver =
+									 LD,
+								     lresource =
+									 <<"">>} ->
+								    case
+								      idna:domain_utf8_to_ascii(LD)
+									of
+								      false ->
+									  [];
+								      PCLD ->
+									  [PCLD]
+								    end;
+								_ -> []
+							      end;
+							  _ -> []
+							end;
+						    ({dNSName, D})
+							when is_list(D) ->
+							case
+							  jlib:string_to_jid(list_to_binary(D))
+							    of
+							  #jid{luser = <<"">>,
+							       lserver = LD,
+							       lresource =
+								   <<"">>} ->
+							      [LD];
+							  _ -> []
+							end;
+						    (_) -> []
+						end,
+						SANs);
+			      _ -> []
+			    end;
+			(_) -> []
+		    end,
+		    Extensions).
+
+match_domain(Domain, Domain) -> true;
+match_domain(Domain, Pattern) ->
+    DLabels = str:tokens(Domain, <<".">>),
+    PLabels = str:tokens(Pattern, <<".">>),
+    match_labels(DLabels, PLabels).
+
+match_labels([], []) -> true;
+match_labels([], [_ | _]) -> false;
+match_labels([_ | _], []) -> false;
+match_labels([DL | DLabels], [PL | PLabels]) ->
+    case lists:all(fun (C) ->
+			   $a =< C andalso C =< $z orelse
+			     $0 =< C andalso C =< $9 orelse
+			       C == $- orelse C == $*
+		   end,
+		   binary_to_list(PL))
+	of
+      true ->
+	  Regexp = ejabberd_regexp:sh_to_awk(PL),
+	  case ejabberd_regexp:run(DL, Regexp) of
+	    match -> match_labels(DLabels, PLabels);
+	    nomatch -> false
+	  end;
+      false -> false
+    end.

src/ejabberd_s2s_in.erl

@@ -5,7 +5,7 @@
 %%% Created :  6 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -31,8 +30,7 @@
 -behaviour(p1_fsm).
 
 %% External exports
--export([start/2, start_link/2, match_domain/2,
-	 socket_type/0]).
+-export([start/2, start_link/2, socket_type/0]).
 
 %% gen_fsm callbacks
 -export([init/1, wait_for_stream/2,
@@ -45,14 +43,6 @@
 
 -include("jlib.hrl").
 
--include_lib("public_key/include/public_key.hrl").
-
--define(PKIXEXPLICIT, 'OTP-PUB-KEY').
-
--define(PKIXIMPLICIT, 'OTP-PUB-KEY').
-
--include("XmppAddr.hrl").
-
 -define(DICT, dict).
 
 -record(state,
@@ -88,7 +78,7 @@
 
 -define(SUPERVISOR_START,
 	p1_fsm:start(ejabberd_s2s_in, [SockData, Opts],
-                     ?FSMOPTS ++ fsm_limit_opts(Opts)).
+                     ?FSMOPTS ++ fsm_limit_opts(Opts))).
 
 -else.
 
@@ -149,7 +139,7 @@ init([{SockMod, Socket}, Opts]) ->
 	       _ -> none
 	     end,
     {StartTLS, TLSRequired, TLSCertverify} =
-        case ejabberd_config:get_local_option(
+        case ejabberd_config:get_option(
                s2s_use_starttls,
                fun(false) -> false;
                   (true) -> true;
@@ -171,12 +161,33 @@ init([{SockMod, Socket}, Opts]) ->
             required_trusted ->
                 {true, true, true}
         end,
-    TLSOpts = case ejabberd_config:get_local_option(
+    TLSOpts1 = case ejabberd_config:get_option(
                      s2s_certfile,
                      fun iolist_to_binary/1) of
                   undefined -> [];
                   CertFile -> [{certfile, CertFile}]
 	      end,
+    TLSOpts2 = case ejabberd_config:get_option(
+                      s2s_ciphers, fun iolist_to_binary/1) of
+                   undefined -> TLSOpts1;
+                   Ciphers -> [{ciphers, Ciphers} | TLSOpts1]
+               end,
+    TLSOpts3 = case ejabberd_config:get_option(
+                      s2s_protocol_options,
+                      fun (Options) ->
+                              [_|O] = lists:foldl(
+                                           fun(X, Acc) -> X ++ Acc end, [],
+                                           [["|" | binary_to_list(Opt)] || Opt <- Options, is_binary(Opt)]
+                                          ),
+                              iolist_to_binary(O)
+                      end) of
+                   undefined -> TLSOpts2;
+                   ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
+               end,
+    TLSOpts = case proplists:get_bool(tls_compression, Opts) of
+                  false -> [compression_none | TLSOpts3];
+                  true -> TLSOpts3
+              end,
     Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
     {ok, wait_for_stream,
      #state{socket = Socket, sockmod = SockMod,
@@ -204,34 +215,21 @@ wait_for_stream({xmlstreamstart, _Name, Attrs},
 		 not StateData#state.authenticated ->
 	  send_text(StateData,
 		    ?STREAM_HEADER(<<" version='1.0'">>)),
-	  SASL = if StateData#state.tls_enabled ->
-			case
-			  (StateData#state.sockmod):get_peer_certificate(StateData#state.socket)
-			    of
-			  {ok, Cert} ->
-			      case
-				(StateData#state.sockmod):get_verify_result(StateData#state.socket)
-				  of
-				0 ->
-				    [#xmlel{name = <<"mechanisms">>,
-					    attrs = [{<<"xmlns">>, ?NS_SASL}],
-					    children =
-						[#xmlel{name = <<"mechanism">>,
-							attrs = [],
-							children =
-							    [{xmlcdata,
-							      <<"EXTERNAL">>}]}]}];
-				CertVerifyRes ->
-				    case StateData#state.tls_certverify of
-				      true ->
-					  {error_cert_verif, CertVerifyRes,
-					   Cert};
-				      false -> []
-				    end
-			      end;
-			  error -> []
+	  Auth = if StateData#state.tls_enabled ->
+			case jlib:nameprep(xml:get_attr_s(<<"from">>, Attrs)) of
+			  From when From /= <<"">>, From /= error ->
+			      {Result, Message} =
+				  ejabberd_s2s:check_peer_certificate(StateData#state.sockmod,
+								      StateData#state.socket,
+								      From),
+			      {Result, From, Message};
+			  _ ->
+			      {error, <<"(unknown)">>,
+			       <<"Got no valid 'from' attribute">>}
 			end;
-		    true -> []
+		    true ->
+			{no_verify, <<"(unknown)">>,
+			 <<"TLS not (yet) enabled">>}
 		 end,
 	  StartTLS = if StateData#state.tls_enabled -> [];
 			not StateData#state.tls_enabled and
@@ -247,26 +245,36 @@ wait_for_stream({xmlstreamstart, _Name, Attrs},
 					[#xmlel{name = <<"required">>,
 						attrs = [], children = []}]}]
 		     end,
-	  case SASL of
-	    {error_cert_verif, CertVerifyResult, Certificate} ->
-		CertError = p1_tls:get_cert_verify_string(CertVerifyResult,
-						       Certificate),
-		RemoteServer = xml:get_attr_s(<<"from">>, Attrs),
+	  case Auth of
+	    {error, RemoteServer, CertError}
+		when StateData#state.tls_certverify ->
 		?INFO_MSG("Closing s2s connection: ~s <--> ~s (~s)",
 			  [StateData#state.server, RemoteServer, CertError]),
 		send_text(StateData,
-			  xml:element_to_binary(?SERRT_POLICY_VIOLATION(<<"en">>,
-									CertError))),
-		{atomic, Pid} =
-		    ejabberd_s2s:find_connection(jlib:make_jid(<<"">>,
-							       Server, <<"">>),
-						 jlib:make_jid(<<"">>,
-							       RemoteServer,
-							       <<"">>)),
-		ejabberd_s2s_out:stop_connection(Pid),
+			  <<(xml:element_to_binary(?SERRT_POLICY_VIOLATION(<<"en">>,
+									   CertError)))/binary,
+			    (?STREAM_TRAILER)/binary>>),
 		{stop, normal, StateData};
-	    _ ->
-		send_element(StateData,
+	    {VerifyResult, RemoteServer, Msg} ->
+		{SASL, NewStateData} = case VerifyResult of
+					 ok ->
+					     {[#xmlel{name = <<"mechanisms">>,
+						      attrs = [{<<"xmlns">>, ?NS_SASL}],
+						      children =
+							  [#xmlel{name = <<"mechanism">>,
+								  attrs = [],
+								  children =
+								      [{xmlcdata,
+									<<"EXTERNAL">>}]}]}],
+					      StateData#state{auth_domain = RemoteServer}};
+					 error ->
+					     ?DEBUG("Won't accept certificate of ~s: ~s",
+						    [RemoteServer, Msg]),
+					     {[], StateData};
+					 no_verify ->
+					     {[], StateData}
+				       end,
+		send_element(NewStateData,
 			     #xmlel{name = <<"stream:features">>, attrs = [],
 				    children =
 					SASL ++
@@ -275,7 +283,7 @@ wait_for_stream({xmlstreamstart, _Name, Attrs},
 								    Server, [],
 								    [Server])}),
 		{next_state, wait_for_feature_request,
-		 StateData#state{server = Server}}
+		 NewStateData#state{server = Server}}
 	  end;
       {<<"jabber:server">>, _, Server, true}
 	  when StateData#state.authenticated ->
@@ -289,7 +297,9 @@ wait_for_stream({xmlstreamstart, _Name, Attrs},
 							  [Server])}),
 	  {next_state, stream_established, StateData};
       {<<"jabber:server">>, <<"jabber:server:dialback">>,
-       _Server, _} ->
+       _Server, _} when
+	      (StateData#state.tls_required and StateData#state.tls_enabled)
+	      or (not StateData#state.tls_required) ->
 	  send_text(StateData, ?STREAM_HEADER(<<"">>)),
 	  {next_state, stream_established, StateData};
       _ ->
@@ -308,7 +318,7 @@ wait_for_stream(closed, StateData) ->
 
 wait_for_feature_request({xmlstreamelement, El},
 			 StateData) ->
-    #xmlel{name = Name, attrs = Attrs, children = Els} = El,
+    #xmlel{name = Name, attrs = Attrs} = El,
     TLS = StateData#state.tls,
     TLSEnabled = StateData#state.tls_enabled,
     SockMod =
@@ -319,8 +329,8 @@ wait_for_feature_request({xmlstreamelement, El},
 	       SockMod == gen_tcp ->
 	  ?DEBUG("starttls", []),
 	  Socket = StateData#state.socket,
-	  TLSOpts = case
-		      ejabberd_config:get_local_option(
+	  TLSOpts1 = case
+		      ejabberd_config:get_option(
                         {domain_certfile, StateData#state.server},
                         fun iolist_to_binary/1) of
 		      undefined -> StateData#state.tls_options;
@@ -328,6 +338,14 @@ wait_for_feature_request({xmlstreamelement, El},
 			  [{certfile, CertFile} | lists:keydelete(certfile, 1,
 								  StateData#state.tls_options)]
 		    end,
+          TLSOpts = case ejabberd_config:get_option(
+                           {s2s_tls_compression, StateData#state.server},
+                           fun(true) -> true;
+                              (false) -> false
+                           end, true) of
+                        true -> lists:delete(compression_none, TLSOpts1);
+                        false -> [compression_none | TLSOpts1]
+                    end,
 	  TLSSocket = (StateData#state.sockmod):starttls(Socket,
 							 TLSOpts,
 							 xml:element_to_binary(#xmlel{name
@@ -346,52 +364,23 @@ wait_for_feature_request({xmlstreamelement, El},
       {?NS_SASL, <<"auth">>} when TLSEnabled ->
 	  Mech = xml:get_attr_s(<<"mechanism">>, Attrs),
 	  case Mech of
-	    <<"EXTERNAL">> ->
-		Auth = jlib:decode_base64(xml:get_cdata(Els)),
-		AuthDomain = jlib:nameprep(Auth),
-		AuthRes = case
-			    (StateData#state.sockmod):get_peer_certificate(StateData#state.socket)
-			      of
-			    {ok, Cert} ->
-				case
-				  (StateData#state.sockmod):get_verify_result(StateData#state.socket)
-				    of
-				  0 ->
-				      case AuthDomain of
-					error -> false;
-					_ ->
-					    case
-					      idna:domain_utf8_to_ascii(AuthDomain)
-						of
-					      false -> false;
-					      PCAuthDomain ->
-						  lists:any(fun (D) ->
-								    match_domain(PCAuthDomain,
-										 D)
-							    end,
-							    get_cert_domains(Cert))
-					    end
-				      end;
-				  _ -> false
-				end;
-			    error -> false
-			  end,
+	    <<"EXTERNAL">> when StateData#state.auth_domain /= <<"">> ->
+		AuthDomain = StateData#state.auth_domain,
 		AllowRemoteHost = ejabberd_s2s:allow_host(<<"">>,
 							  AuthDomain),
-		if AuthRes andalso AllowRemoteHost ->
+		if AllowRemoteHost ->
 		       (StateData#state.sockmod):reset_stream(StateData#state.socket),
 		       send_element(StateData,
 				    #xmlel{name = <<"success">>,
 					   attrs = [{<<"xmlns">>, ?NS_SASL}],
 					   children = []}),
-		       ?DEBUG("(~w) Accepted s2s authentication for ~s",
-			      [StateData#state.socket, AuthDomain]),
+		       ?INFO_MSG("Accepted s2s EXTERNAL authentication for ~s (TLS=~p)",
+				 [AuthDomain, StateData#state.tls_enabled]),
 		       change_shaper(StateData, <<"">>,
 				     jlib:make_jid(<<"">>, AuthDomain, <<"">>)),
 		       {next_state, wait_for_stream,
 			StateData#state{streamid = new_id(),
-					authenticated = true,
-					auth_domain = AuthDomain}};
+					authenticated = true}};
 		   true ->
 		       send_element(StateData,
 				    #xmlel{name = <<"failure">>,
@@ -526,6 +515,8 @@ stream_established({valid, From, To}, StateData) ->
 			    [{<<"from">>, To}, {<<"to">>, From},
 			     {<<"type">>, <<"valid">>}],
 			children = []}),
+    ?INFO_MSG("Accepted s2s dialback authentication for ~s (TLS=~p)",
+	      [From, StateData#state.tls_enabled]),
     LFrom = jlib:nameprep(From),
     LTo = jlib:nameprep(To),
     NSD = StateData#state{connections =
@@ -708,130 +699,11 @@ is_key_packet(#xmlel{name = Name, attrs = Attrs,
      xml:get_attr_s(<<"id">>, Attrs), xml:get_cdata(Els)};
 is_key_packet(_) -> false.
 
-get_cert_domains(Cert) ->
-    {rdnSequence, Subject} =
-	(Cert#'Certificate'.tbsCertificate)#'TBSCertificate'.subject,
-    Extensions =
-	(Cert#'Certificate'.tbsCertificate)#'TBSCertificate'.extensions,
-    lists:flatmap(fun (#'AttributeTypeAndValue'{type =
-						    ?'id-at-commonName',
-						value = Val}) ->
-			  case 'OTP-PUB-KEY':decode('X520CommonName', Val) of
-			    {ok, {_, D1}} ->
-				D = if is_binary(D1) -> D1;
-				       is_binary(D1) -> (D1);
-				       true -> error
-				    end,
-				if D /= error ->
-				       case jlib:string_to_jid(D) of
-					 #jid{luser = <<"">>, lserver = LD,
-					      lresource = <<"">>} ->
-					     [LD];
-					 _ -> []
-				       end;
-				   true -> []
-				end;
-			    _ -> []
-			  end;
-		      (_) -> []
-		  end,
-		  lists:flatten(Subject))
-      ++
-      lists:flatmap(fun (#'Extension'{extnID =
-					  ?'id-ce-subjectAltName',
-				      extnValue = Val}) ->
-			    BVal = if is_binary(Val) -> iolist_to_binary(Val);
-				      is_binary(Val) -> Val;
-				      true -> Val
-				   end,
-			    case 'OTP-PUB-KEY':decode('SubjectAltName', BVal)
-				of
-			      {ok, SANs} ->
-				  lists:flatmap(fun ({otherName,
-						      #'AnotherName'{'type-id' =
-									 ?'id-on-xmppAddr',
-								     value =
-									 XmppAddr}}) ->
-							case
-							  'XmppAddr':decode('XmppAddr',
-									    XmppAddr)
-							    of
-							  {ok, D}
-							      when
-								is_binary(D) ->
-							      case
-								jlib:string_to_jid((D))
-								  of
-								#jid{luser =
-									 <<"">>,
-								     lserver =
-									 LD,
-								     lresource =
-									 <<"">>} ->
-								    case
-								      idna:domain_utf8_to_ascii(LD)
-									of
-								      false ->
-									  [];
-								      PCLD ->
-									  [PCLD]
-								    end;
-								_ -> []
-							      end;
-							  _ -> []
-							end;
-						    ({dNSName, D})
-							when is_binary(D) ->
-							case
-							  jlib:string_to_jid(D)
-							    of
-							  #jid{luser = <<"">>,
-							       lserver = LD,
-							       lresource =
-								   <<"">>} ->
-							      [LD];
-							  _ -> []
-							end;
-						    (_) -> []
-						end,
-						SANs);
-			      _ -> []
-			    end;
-			(_) -> []
-		    end,
-		    Extensions).
-
-match_domain(Domain, Domain) -> true;
-match_domain(Domain, Pattern) ->
-    DLabels = str:tokens(Domain, <<".">>),
-    PLabels = str:tokens(Pattern, <<".">>),
-    match_labels(DLabels, PLabels).
-
-match_labels([], []) -> true;
-match_labels([], [_ | _]) -> false;
-match_labels([_ | _], []) -> false;
-match_labels([DL | DLabels], [PL | PLabels]) ->
-    case lists:all(fun (C) ->
-			   $a =< C andalso C =< $z orelse
-			     $0 =< C andalso C =< $9 orelse
-			       C == $- orelse C == $*
-		   end,
-		   binary_to_list(PL))
-	of
-      true ->
-	  Regexp = ejabberd_regexp:sh_to_awk(PL),
-	  case ejabberd_regexp:run(DL, Regexp) of
-	    match -> match_labels(DLabels, PLabels);
-	    nomatch -> false
-	  end;
-      false -> false
-    end.
-
 fsm_limit_opts(Opts) ->
     case lists:keysearch(max_fsm_queue, 1, Opts) of
       {value, {_, N}} when is_integer(N) -> [{max_queue, N}];
       _ ->
-	  case ejabberd_config:get_local_option(
+	  case ejabberd_config:get_option(
                  max_fsm_queue,
                  fun(I) when is_integer(I), I > 0 -> I end) of
             undefined -> [];

src/ejabberd_s2s_out.erl

@@ -5,7 +5,7 @@
 %%% Created :  6 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -35,7 +34,8 @@
 	 start_link/3,
 	 start_connection/1,
 	 terminate_if_waiting_delay/2,
-	 stop_connection/1]).
+	 stop_connection/1,
+         transform_options/1]).
 
 %% p1_fsm callbacks (same as gen_fsm)
 -export([init/1,
@@ -69,6 +69,7 @@
          use_v10 = true                   :: boolean(),
          tls = false                      :: boolean(),
 	 tls_required = false             :: boolean(),
+	 tls_certverify = false           :: boolean(),
          tls_enabled = false              :: boolean(),
 	 tls_options = [connect]          :: list(),
          authenticated = false            :: boolean(),
@@ -160,36 +161,60 @@ stop_connection(Pid) -> p1_fsm:send_event(Pid, closed).
 init([From, Server, Type]) ->
     process_flag(trap_exit, true),
     ?DEBUG("started: ~p", [{From, Server, Type}]),
-    {TLS, TLSRequired} = case
-			   ejabberd_config:get_local_option(
-                             s2s_use_starttls,
-                             fun(true) -> true;
-                                (false) -> false;
-                                (optional) -> optional;
-                                (required) -> required;
-                                (required_trusted) -> required_trusted
-                             end)
-			     of
-			   UseTls
-			       when (UseTls == undefined) or
-				      (UseTls == false) ->
-			       {false, false};
-			   UseTls
-			       when (UseTls == true) or (UseTls == optional) ->
-			       {true, false};
-			   UseTls
-			       when (UseTls == required) or
-				      (UseTls == required_trusted) ->
-			       {true, true}
-			 end,
+    {TLS, TLSRequired, TLSCertverify} =
+	case ejabberd_config:get_option(
+	       s2s_use_starttls,
+	       fun(true) -> true;
+		  (false) -> false;
+		  (optional) -> optional;
+		  (required) -> required;
+		  (required_trusted) -> required_trusted
+	       end)
+	    of
+	  UseTls
+	      when (UseTls == undefined) or (UseTls == false) ->
+	      {false, false, false};
+	  UseTls
+	      when (UseTls == true) or (UseTls == optional) ->
+	      {true, false, false};
+	  required ->
+	      {true, true, false};
+	  required_trusted ->
+	      {true, true, true}
+	end,
     UseV10 = TLS,
-    TLSOpts = case
-		ejabberd_config:get_local_option(
+    TLSOpts1 = case
+		ejabberd_config:get_option(
                   s2s_certfile, fun iolist_to_binary/1)
 		  of
 		undefined -> [connect];
 		CertFile -> [{certfile, CertFile}, connect]
 	      end,
+    TLSOpts2 = case ejabberd_config:get_option(
+                      s2s_ciphers, fun iolist_to_binary/1) of
+                   undefined -> TLSOpts1;
+                   Ciphers -> [{ciphers, Ciphers} | TLSOpts1]
+               end,
+    TLSOpts3 = case ejabberd_config:get_option(
+                      s2s_protocol_options,
+                      fun (Options) ->
+                              [_|O] = lists:foldl(
+                                           fun(X, Acc) -> X ++ Acc end, [],
+                                           [["|" | binary_to_list(Opt)] || Opt <- Options, is_binary(Opt)]
+                                          ),
+                              iolist_to_binary(O)
+                      end) of
+                   undefined -> TLSOpts2;
+                   ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
+               end,
+    TLSOpts = case ejabberd_config:get_option(
+                     {s2s_tls_compression, From},
+                     fun(true) -> true;
+                        (false) -> false
+                     end, true) of
+                  false -> [compression_none | TLSOpts3];
+                  true -> TLSOpts3
+              end,
     {New, Verify} = case Type of
 		      {new, Key} -> {Key, false};
 		      {verify, Pid, Key, SID} ->
@@ -198,9 +223,9 @@ init([From, Server, Type]) ->
     Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
     {ok, open_socket,
      #state{use_v10 = UseV10, tls = TLS,
-	    tls_required = TLSRequired, tls_options = TLSOpts,
-	    queue = queue:new(), myname = From, server = Server,
-	    new = New, verify = Verify, timer = Timer}}.
+	    tls_required = TLSRequired, tls_certverify = TLSCertverify,
+	    tls_options = TLSOpts, queue = queue:new(), myname = From,
+	    server = Server, new = New, verify = Verify, timer = Timer}}.
 
 %%----------------------------------------------------------------------
 %% Func: StateName/2
@@ -320,35 +345,57 @@ open_socket2(Type, Addr, Port) ->
 
 wait_for_stream({xmlstreamstart, _Name, Attrs},
 		StateData) ->
+    {CertCheckRes, CertCheckMsg, NewStateData} =
+	if StateData#state.tls_certverify, StateData#state.tls_enabled ->
+	       {Res, Msg} =
+		   ejabberd_s2s:check_peer_certificate(ejabberd_socket,
+						       StateData#state.socket,
+						       StateData#state.server),
+	       ?DEBUG("Certificate verification result for ~s: ~s",
+		      [StateData#state.server, Msg]),
+	       {Res, Msg, StateData#state{tls_certverify = false}};
+	   true ->
+	       {no_verify, <<"Not verified">>, StateData}
+	end,
     case {xml:get_attr_s(<<"xmlns">>, Attrs),
 	  xml:get_attr_s(<<"xmlns:db">>, Attrs),
 	  xml:get_attr_s(<<"version">>, Attrs) == <<"1.0">>}
 	of
+      _ when CertCheckRes == error ->
+	  send_text(NewStateData,
+		    <<(xml:element_to_binary(?SERRT_POLICY_VIOLATION(<<"en">>,
+								     CertCheckMsg)))/binary,
+		      (?STREAM_TRAILER)/binary>>),
+	  ?INFO_MSG("Closing s2s connection: ~s -> ~s (~s)",
+		    [NewStateData#state.myname,
+		     NewStateData#state.server,
+		     CertCheckMsg]),
+	  {stop, normal, NewStateData};
       {<<"jabber:server">>, <<"jabber:server:dialback">>,
        false} ->
-	  send_db_request(StateData);
+	  send_db_request(NewStateData);
       {<<"jabber:server">>, <<"jabber:server:dialback">>,
        true}
-	  when StateData#state.use_v10 ->
-	  {next_state, wait_for_features, StateData, ?FSMTIMEOUT};
+	  when NewStateData#state.use_v10 ->
+	  {next_state, wait_for_features, NewStateData, ?FSMTIMEOUT};
       %% Clause added to handle Tigase's workaround for an old ejabberd bug:
       {<<"jabber:server">>, <<"jabber:server:dialback">>,
        true}
-	  when not StateData#state.use_v10 ->
-	  send_db_request(StateData);
+	  when not NewStateData#state.use_v10 ->
+	  send_db_request(NewStateData);
       {<<"jabber:server">>, <<"">>, true}
-	  when StateData#state.use_v10 ->
+	  when NewStateData#state.use_v10 ->
 	  {next_state, wait_for_features,
-	   StateData#state{db_enabled = false}, ?FSMTIMEOUT};
+	   NewStateData#state{db_enabled = false}, ?FSMTIMEOUT};
       {NSProvided, DB, _} ->
-	  send_text(StateData, ?INVALID_NAMESPACE_ERR),
+	  send_text(NewStateData, ?INVALID_NAMESPACE_ERR),
 	  ?INFO_MSG("Closing s2s connection: ~s -> ~s (invalid "
 		    "namespace).~nNamespace provided: ~p~nNamespac"
 		    "e expected: \"jabber:server\"~nxmlns:db "
 		    "provided: ~p~nAll attributes: ~p",
-		    [StateData#state.myname, StateData#state.server,
+		    [NewStateData#state.myname, NewStateData#state.server,
 		     NSProvided, DB, Attrs]),
-	  {stop, normal, StateData}
+	  {stop, normal, NewStateData}
     end;
 wait_for_stream({xmlstreamerror, _}, StateData) ->
     send_text(StateData,
@@ -545,15 +592,19 @@ wait_for_features({xmlstreamelement, El}, StateData) ->
 	  if not SASLEXT and not StartTLS and
 	       StateData#state.authenticated ->
 		 send_queue(StateData, StateData#state.queue),
-		 ?INFO_MSG("Connection established: ~s -> ~s",
-			   [StateData#state.myname, StateData#state.server]),
+		 ?INFO_MSG("Connection established: ~s -> ~s with "
+			   "SASL EXTERNAL and TLS=~p",
+			   [StateData#state.myname, StateData#state.server,
+			    StateData#state.tls_enabled]),
 		 ejabberd_hooks:run(s2s_connect_hook,
 				    [StateData#state.myname,
 				     StateData#state.server]),
 		 {next_state, stream_established,
 		  StateData#state{queue = queue:new()}};
 	     SASLEXT and StateData#state.try_auth and
-	       (StateData#state.new /= false) ->
+	       (StateData#state.new /= false) and
+		 (StateData#state.tls_enabled or
+		   not StateData#state.tls_required) ->
 		 send_element(StateData,
 			      #xmlel{name = <<"auth">>,
 				     attrs =
@@ -694,7 +745,7 @@ wait_for_starttls_proceed({xmlstreamelement, El},
 		       [{StateData#state.myname, StateData#state.server}]),
 		Socket = StateData#state.socket,
 		TLSOpts = case
-			    ejabberd_config:get_local_option(
+			    ejabberd_config:get_option(
                               {domain_certfile, StateData#state.myname},
                               fun iolist_to_binary/1)
 			      of
@@ -711,8 +762,8 @@ wait_for_starttls_proceed({xmlstreamelement, El},
 					       tls_options = TLSOpts},
 		send_text(NewStateData,
 			  io_lib:format(?STREAM_HEADER,
-					[StateData#state.myname,
-					 StateData#state.server,
+					[NewStateData#state.myname,
+					 NewStateData#state.server,
 					 <<" version='1.0'">>])),
 		{next_state, wait_for_stream, NewStateData,
 		 ?FSMTIMEOUT};
@@ -1134,16 +1185,15 @@ get_addr_port(Server) ->
     end.
 
 srv_lookup(Server) ->
-    Options = case
-		ejabberd_config:get_local_option(
-                  s2s_dns_options, fun(L) when is_list(L) -> L end)
-		  of
-                undefined -> [];
-                L -> L
-	      end,
-    TimeoutMs = timer:seconds(proplists:get_value(timeout,
-						  Options, 10)),
-    Retries = proplists:get_value(retries, Options, 2),
+    TimeoutMs = timer:seconds(
+                  ejabberd_config:get_option(
+                    s2s_dns_timeout,
+                    fun(I) when is_integer(I), I>=0 -> I end,
+                    10)),
+    Retries = ejabberd_config:get_option(
+                s2s_dns_retries,
+                fun(I) when is_integer(I), I>=0 -> I end,
+                2),
     srv_lookup(binary_to_list(Server), TimeoutMs, Retries).
 
 %% XXX - this behaviour is suboptimal in the case that the domain
@@ -1203,15 +1253,15 @@ get_addrs(Host, Family) ->
     end.
 
 outgoing_s2s_port() ->
-    ejabberd_config:get_local_option(
+    ejabberd_config:get_option(
       outgoing_s2s_port,
       fun(I) when is_integer(I), I > 0, I =< 65536 -> I end,
       5269).
 
 outgoing_s2s_families() ->
-    ejabberd_config:get_local_option(
-      outgoing_s2s_options,
-      fun({Families, _}) ->
+    ejabberd_config:get_option(
+      outgoing_s2s_families,
+      fun(Families) ->
               true = lists:all(
                        fun(ipv4) -> true;
                           (ipv6) -> true
@@ -1220,14 +1270,43 @@ outgoing_s2s_families() ->
       end, [ipv4, ipv6]).
 
 outgoing_s2s_timeout() ->
-    ejabberd_config:get_local_option(
-      outgoing_s2s_options,
-      fun({_, TimeOut}) when is_integer(TimeOut), TimeOut > 0 ->
+    ejabberd_config:get_option(
+      outgoing_s2s_timeout,
+      fun(TimeOut) when is_integer(TimeOut), TimeOut > 0 ->
               TimeOut;
-         ({_, infinity}) ->
+         (infinity) ->
               infinity
       end, 10000).
 
+transform_options(Opts) ->
+    lists:foldl(fun transform_options/2, [], Opts).
+
+transform_options({outgoing_s2s_options, Families, Timeout}, Opts) ->
+    ?WARNING_MSG("Option 'outgoing_s2s_options' is deprecated. "
+                 "The option is still supported "
+                 "but it is better to fix your config: "
+                 "use 'outgoing_s2s_timeout' and "
+                 "'outgoing_s2s_families' instead.", []),
+    [{outgoing_s2s_families, Families},
+     {outgoing_s2s_timeout, Timeout}
+     | Opts];
+transform_options({s2s_dns_options, S2SDNSOpts}, AllOpts) ->
+    ?WARNING_MSG("Option 's2s_dns_options' is deprecated. "
+                 "The option is still supported "
+                 "but it is better to fix your config: "
+                 "use 's2s_dns_timeout' and "
+                 "'s2s_dns_retries' instead", []),
+    lists:foldr(
+      fun({timeout, T}, AccOpts) ->
+              [{s2s_dns_timeout, T}|AccOpts];
+         ({retries, R}, AccOpts) ->
+              [{s2s_dns_retries, R}|AccOpts];
+         (_, AccOpts) ->
+              AccOpts
+      end, AllOpts, S2SDNSOpts);
+transform_options(Opt, Opts) ->
+    [Opt|Opts].
+
 %% Human readable S2S logging: Log only new outgoing connections as INFO
 %% Do not log dialback
 log_s2s_out(false, _, _, _) -> ok;
@@ -1270,7 +1349,7 @@ wait_before_reconnect(StateData) ->
 		     queue = queue:new()}}.
 
 get_max_retry_delay() ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            s2s_max_retry_delay,
            fun(I) when is_integer(I), I > 0 -> I end) of
         undefined -> ?MAX_RETRY_DELAY;
@@ -1287,7 +1366,7 @@ terminate_if_waiting_delay(From, To) ->
 		  Pids).
 
 fsm_limit_opts() ->
-    case ejabberd_config:get_local_option(
+    case ejabberd_config:get_option(
            max_fsm_queue,
            fun(I) when is_integer(I), I > 0 -> I end) of
         undefined -> [];

src/ejabberd_service.erl

@@ -5,7 +5,7 @@
 %%% Created :  6 Dec 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -34,7 +33,7 @@
 
 %% External exports
 -export([start/2, start_link/2, send_text/2,
-	 send_element/2, socket_type/0]).
+	 send_element/2, socket_type/0, transform_listen_option/2]).
 
 %% gen_fsm callbacks
 -export([init/1, wait_for_stream/2,
@@ -124,29 +123,18 @@ init([{SockMod, Socket}, Opts]) ->
 	       {value, {_, A}} -> A;
 	       _ -> all
 	     end,
-    {Hosts, Password} = case lists:keysearch(hosts, 1, Opts)
-			    of
-			  {value, {_, Hs, HOpts}} ->
-			      case lists:keysearch(password, 1, HOpts) of
-				{value, {_, P}} -> {Hs, P};
-				_ ->
-				    % TODO: generate error
-				    false
-			      end;
-			  _ ->
-			      case lists:keysearch(host, 1, Opts) of
-				{value, {_, H, HOpts}} ->
-				    case lists:keysearch(password, 1, HOpts) of
-				      {value, {_, P}} -> {[H], P};
-				      _ ->
-					  % TODO: generate error
-					  false
-				    end;
-				_ ->
-				    % TODO: generate error
-				    false
-			      end
-			end,
+    %% This should be improved probably
+    {Hosts, HostOpts} = case lists:keyfind(hosts, 1, Opts) of
+                            {_, HOpts} ->
+                                {[H || {H, _} <- HOpts],
+                                 lists:flatten(
+                                   [O || {_, O} <- HOpts])};
+                            _ ->
+                                {[], []}
+                        end,
+    Password = gen_mod:get_opt(password, HostOpts,
+                               fun iolist_to_binary/1,
+                               p1_sha:sha(crypto:rand_bytes(20))),
     Shaper = case lists:keysearch(shaper_rule, 1, Opts) of
 	       {value, {_, S}} -> S;
 	       _ -> none
@@ -384,12 +372,30 @@ send_element(StateData, El) ->
 
 new_id() -> randoms:get_string().
 
+transform_listen_option({hosts, Hosts, O}, Opts) ->
+    case lists:keyfind(hosts, 1, Opts) of
+        {_, PrevHostOpts} ->
+            NewHostOpts =
+                lists:foldl(
+                  fun(H, Acc) ->
+                          dict:append_list(H, O, Acc)
+                  end, dict:from_list(PrevHostOpts), Hosts),
+            [{hosts, dict:to_list(NewHostOpts)}|
+             lists:keydelete(hosts, 1, Opts)];
+        _ ->
+            [{hosts, [{H, O} || H <- Hosts]}|Opts]
+    end;
+transform_listen_option({host, Host, Os}, Opts) ->
+    transform_listen_option({hosts, [Host], Os}, Opts);
+transform_listen_option(Opt, Opts) ->
+    [Opt|Opts].
+
 fsm_limit_opts(Opts) ->
     case lists:keysearch(max_fsm_queue, 1, Opts) of
         {value, {_, N}} when is_integer(N) ->
             [{max_queue, N}];
         _ ->
-            case ejabberd_config:get_local_option(
+            case ejabberd_config:get_option(
                    max_fsm_queue,
                    fun(I) when is_integer(I), I > 0 -> I end) of
                 undefined -> [];

src/ejabberd_sm.erl

@@ -5,7 +5,7 @@
 %%% Created : 24 Nov 2002 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 
@@ -33,11 +32,14 @@
 %% API
 -export([start_link/0,
 	 route/3,
-	 open_session/5, close_session/4,
+	 open_session/5,
+	 open_session/6,
+	 close_session/4,
 	 check_in_subscription/6,
 	 bounce_offline_message/3,
 	 disconnect_removed_user/2,
 	 get_user_resources/2,
+	 get_user_present_resources/2,
 	 set_presence/7,
 	 unset_presence/6,
 	 close_session_unset_presence/5,
@@ -52,9 +54,12 @@
 	 connected_users/0,
 	 connected_users_number/0,
 	 user_resources/2,
+	 kick_user/2,
 	 get_session_pid/3,
 	 get_user_info/3,
 	 get_user_ip/3,
+	 get_max_user_sessions/2,
+	 get_all_pids/0,
 	 is_existing_resource/3
 	]).
 
@@ -68,7 +73,7 @@
 -include("jlib.hrl").
 
 -include("ejabberd_commands.hrl").
-
+-include_lib("stdlib/include/ms_transform.hrl").
 -include("mod_privacy.hrl").
 
 -record(session, {sid, usr, us, priority, info}).
@@ -107,10 +112,10 @@ route(From, To, Packet) ->
       _ -> ok
     end.
 
--spec open_session(sid(), binary(), binary(), binary(), info()) -> ok.
+-spec open_session(sid(), binary(), binary(), binary(), prio(), info()) -> ok.
 
-open_session(SID, User, Server, Resource, Info) ->
-    set_session(SID, User, Server, Resource, undefined, Info),
+open_session(SID, User, Server, Resource, Priority, Info) ->
+    set_session(SID, User, Server, Resource, Priority, Info),
     mnesia:dirty_update_counter(session_counter,
 				jlib:nameprep(Server), 1),
     check_for_sessions_to_replace(User, Server, Resource),
@@ -118,6 +123,11 @@ open_session(SID, User, Server, Resource, Info) ->
     ejabberd_hooks:run(sm_register_connection_hook,
 		       JID#jid.lserver, [SID, JID, Info]).
 
+-spec open_session(sid(), binary(), binary(), binary(), info()) -> ok.
+
+open_session(SID, User, Server, Resource, Info) ->
+    open_session(SID, User, Server, Resource, undefined, Info).
+
 -spec close_session(sid(), binary(), binary(), binary()) -> ok.
 
 close_session(SID, User, Server, Resource) ->
@@ -167,6 +177,20 @@ get_user_resources(User, Server) ->
 	    [element(3, S#session.usr) || S <- clean_session_list(Ss)]
     end.
 
+-spec get_user_present_resources(binary(), binary()) -> [tuple()].
+
+get_user_present_resources(LUser, LServer) ->
+    US = {LUser, LServer},
+    case catch mnesia:dirty_index_read(session, US,
+				       #session.us)
+	of
+      {'EXIT', _Reason} -> [];
+      Ss ->
+	  [{S#session.priority, element(3, S#session.usr)}
+	   || S <- clean_session_list(Ss),
+	      is_integer(S#session.priority)]
+    end.
+
 -spec get_user_ip(binary(), binary(), binary()) -> ip().
 
 get_user_ip(User, Server, Resource) ->
@@ -260,13 +284,23 @@ dirty_get_my_sessions_list() ->
 	[{'==', {node, '$1'}, node()}],
 	['$_']}]).
 
+-spec get_vh_session_list(binary()) -> [ljid()].
+
 get_vh_session_list(Server) ->
     LServer = jlib:nameprep(Server),
     mnesia:dirty_select(session,
 			[{#session{usr = '$1', _ = '_'},
 			  [{'==', {element, 2, '$1'}, LServer}], ['$1']}]).
 
--spec get_vh_session_list(binary()) -> [ljid()].
+-spec get_all_pids() -> [pid()].
+
+get_all_pids() ->
+    mnesia:dirty_select(
+      session,
+      ets:fun2ms(
+        fun(#session{sid = {_, Pid}}) ->
+		Pid
+        end)).
 
 get_vh_session_number(Server) ->
     LServer = jlib:nameprep(Server),
@@ -670,20 +704,6 @@ clean_session_list([S1, S2 | Rest], Res) ->
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
-get_user_present_resources(LUser, LServer) ->
-    US = {LUser, LServer},
-    case catch mnesia:dirty_index_read(session, US,
-				       #session.us)
-	of
-      {'EXIT', _Reason} -> [];
-      Ss ->
-	  [{S#session.priority, element(3, S#session.usr)}
-	   || S <- clean_session_list(Ss),
-	      is_integer(S#session.priority)]
-    end.
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
 %% On new session, check if some existing connections need to be replace
 check_for_sessions_to_replace(User, Server, Resource) ->
     LUser = jlib:nodeprep(User),
@@ -800,8 +820,14 @@ commands() ->
 			tags = [session],
 			desc = "List user's connected resources",
 			module = ?MODULE, function = user_resources,
-			args = [{user, string}, {host, string}],
-			result = {resources, {list, {resource, string}}}}].
+			args = [{user, binary}, {host, binary}],
+			result = {resources, {list, {resource, string}}}},
+     #ejabberd_commands{name = kick_user,
+			tags = [session],
+			desc = "Disconnect user's active sessions",
+			module = ?MODULE, function = kick_user,
+			args = [{user, binary}, {host, binary}],
+			result = {num_resources, integer}}].
 
 -spec connected_users() -> [binary()].
 
@@ -818,6 +844,14 @@ user_resources(User, Server) ->
     Resources = get_user_resources(User, Server),
     lists:sort(Resources).
 
+kick_user(User, Server) ->
+    Resources = get_user_resources(User, Server),
+    lists:foreach(
+	fun(Resource) ->
+		PID = get_session_pid(User, Server, Resource),
+		PID ! kick
+	end, Resources),
+    length(Resources).
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%% Update Mnesia tables
@@ -827,6 +861,7 @@ update_tables() ->
       [ur, user, node] -> mnesia:delete_table(session);
       [ur, user, pid] -> mnesia:delete_table(session);
       [usr, us, pid] -> mnesia:delete_table(session);
+      [usr, us, sid, priority, info] -> mnesia:delete_table(session);
       [sid, usr, us, priority] ->
 	  mnesia:delete_table(session);
       [sid, usr, us, priority, info] -> ok;

src/ejabberd_socket.erl

@@ -5,7 +5,7 @@
 %%% Created : 23 Aug 2006 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
 

src/ejabberd_stun.erl

@@ -0,0 +1,83 @@
+%%%-------------------------------------------------------------------
+%%% @author Evgeny Khramtsov <ekhramtsov@process-one.net>
+%%% @copyright (C) 2014, Evgeny Khramtsov
+%%% @doc
+%%%
+%%% @end
+%%% Created :  8 May 2014 by Evgeny Khramtsov <ekhramtsov@process-one.net>
+%%%-------------------------------------------------------------------
+-module(ejabberd_stun).
+
+%% API
+-export([tcp_init/2, udp_init/2, udp_recv/5, start/2, socket_type/0]).
+
+-include("ejabberd.hrl").
+-include("logger.hrl").
+
+%%%===================================================================
+%%% API
+%%%===================================================================
+tcp_init(Socket, Opts) ->
+    ejabberd:start_app(p1_stun),
+    stun:tcp_init(Socket, prepare_turn_opts(Opts)).
+
+udp_init(Socket, Opts) ->
+    ejabberd:start_app(p1_stun),
+    stun:udp_init(Socket, prepare_turn_opts(Opts)).
+
+udp_recv(Socket, Addr, Port, Packet, Opts) ->
+    stun:udp_recv(Socket, Addr, Port, Packet, Opts).
+
+start(Opaque, Opts) ->
+    stun:start(Opaque, Opts).
+
+socket_type() ->
+    raw.
+
+%%%===================================================================
+%%% Internal functions
+%%%===================================================================
+prepare_turn_opts(Opts) ->
+    UseTurn = proplists:get_bool(use_turn, Opts),
+    prepare_turn_opts(Opts, UseTurn).
+
+prepare_turn_opts(Opts, _UseTurn = false) ->
+    Opts;
+prepare_turn_opts(Opts, _UseTurn = true) ->
+    NumberOfMyHosts = length(?MYHOSTS),
+    case proplists:get_value(turn_ip, Opts) of
+	undefined ->
+	    ?WARNING_MSG("option 'turn_ip' is undefined, "
+			 "more likely the TURN relay won't be working "
+			 "properly", []);
+	_ ->
+	    ok
+    end,
+    AuthFun = fun ejabberd_auth:get_password_s/2,
+    Shaper = gen_mod:get_opt(shaper, Opts,
+			     fun(S) when is_atom(S) -> S end,
+			     none),
+    AuthType = gen_mod:get_opt(auth_type, Opts,
+			       fun(anonymous) -> anonymous;
+				  (user) -> user
+			       end, user),
+    Realm = case gen_mod:get_opt(auth_realm, Opts, fun iolist_to_binary/1) of
+		undefined when AuthType == user ->
+		    if NumberOfMyHosts > 1 ->
+			    ?WARNING_MSG("you have several virtual "
+					 "hosts configured, but option "
+					 "'auth_realm' is undefined and "
+					 "'auth_type' is set to 'user', "
+					 "more likely the TURN relay won't "
+					 "be working properly. Using ~s as "
+					 "a fallback", [?MYNAME]);
+		       true ->
+			    ok
+		    end,
+		    [{auth_realm, ?MYNAME}];
+		_ ->
+		    []
+	    end,
+    MaxRate = shaper:get_max_rate(Shaper),
+    Realm ++ [{auth_fun, AuthFun},{shaper, MaxRate} |
+	      lists:keydelete(shaper, 1, Opts)].

src/ejabberd_sup.erl

@@ -5,7 +5,7 @@
 %%% Created : 31 Jan 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2013   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2014   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,10 +17,9 @@
 %%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 %%% General Public License for more details.
 %%%
-%%% You should have received a copy of the GNU General Public License
-%%% along with this program; if not, write to the Free Software
-%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
-%%% 02111-1307 USA
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------