Modify arguments of c2s_auth_result hook

The hook now accepts `true | {false, Reason :: binary()}` arguments
instead of just `true | false`

diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl
index 25e6ee4d738e9ed73306cce35cf435adc9ba2822..492e2d89339585f2f44f638a2f9d3bec0364b14e 100644 (file)
--- a/src/ejabberd_c2s.erl
+++ b/src/ejabberd_c2s.erl
@@ -42,7 +42,7 @@
         handle_auth_success/4, handle_auth_failure/4, handle_send/3,
         handle_recv/3, handle_cdata/2, handle_unbinded_packet/2]).
 %% Hooks
--export([handle_unexpected_cast/2,
+-export([handle_unexpected_cast/2, process_auth_result/3,
         reject_unauthenticated_packet/2, process_closed/2,
         process_terminated/2, process_info/2]).
 %% API
@@ -159,6 +159,8 @@ host_up(Host) ->
                       reject_unauthenticated_packet, 100),
     ejabberd_hooks:add(c2s_handle_info, Host, ?MODULE,
                       process_info, 100),
+    ejabberd_hooks:add(c2s_auth_result, Host, ?MODULE,
+                      process_auth_result, 100),
     ejabberd_hooks:add(c2s_handle_cast, Host, ?MODULE,
                       handle_unexpected_cast, 100).
 
@@ -171,6 +173,8 @@ host_down(Host) ->
                          reject_unauthenticated_packet, 100),
     ejabberd_hooks:delete(c2s_handle_info, Host, ?MODULE,
                          process_info, 100),
+    ejabberd_hooks:delete(c2s_auth_result, Host, ?MODULE,
+                         process_auth_result, 100),
     ejabberd_hooks:delete(c2s_handle_cast, Host, ?MODULE,
                          handle_unexpected_cast, 100).
 
@@ -257,6 +261,25 @@ reject_unauthenticated_packet(State, _Pkt) ->
     Err = xmpp:serr_not_authorized(),
     send(State, Err).
 
+process_auth_result(#{sasl_mech := Mech, auth_module := AuthModule,
+                     socket := Socket, ip := IP, lserver := LServer} = State,
+                   true, User) ->
+    ?INFO_MSG("(~s) Accepted c2s ~s authentication for ~s@~s by ~s backend from ~s",
+              [xmpp_socket:pp(Socket), Mech, User, LServer,
+               ejabberd_auth:backend_type(AuthModule),
+               ejabberd_config:may_hide_data(misc:ip_to_list(IP))]),
+    State;
+process_auth_result(#{sasl_mech := Mech,
+                     socket := Socket, ip := IP, lserver := LServer} = State,
+                   {false, Reason}, User) ->
+    ?WARNING_MSG("(~s) Failed c2s ~s authentication ~sfrom ~s: ~s",
+                 [xmpp_socket:pp(Socket), Mech,
+                  if User /= <<"">> -> ["for ", User, "@", LServer, " "];
+                     true -> ""
+                  end,
+                  ejabberd_config:may_hide_data(misc:ip_to_list(IP)), Reason]),
+    State.
+
 process_closed(State, Reason) ->
     stop(State#{stop_reason => Reason}).
 
@@ -436,26 +459,14 @@ handle_stream_end(Reason, #{lserver := LServer} = State) ->
     State1 = State#{stop_reason => Reason},
     ejabberd_hooks:run_fold(c2s_closed, LServer, State1, [Reason]).
 
-handle_auth_success(User, Mech, AuthModule,
-                   #{socket := Socket,
-                     ip := IP, lserver := LServer} = State) ->
-    ?INFO_MSG("(~s) Accepted c2s ~s authentication for ~s@~s by ~s backend from ~s",
-             [xmpp_socket:pp(Socket), Mech, User, LServer,
-              ejabberd_auth:backend_type(AuthModule),
-              ejabberd_config:may_hide_data(misc:ip_to_list(IP))]),
+handle_auth_success(User, _Mech, AuthModule,
+                   #{lserver := LServer} = State) ->
     State1 = State#{auth_module => AuthModule},
     ejabberd_hooks:run_fold(c2s_auth_result, LServer, State1, [true, User]).
 
-handle_auth_failure(User, Mech, Reason,
-                   #{socket := Socket,
-                     ip := IP, lserver := LServer} = State) ->
-    ?WARNING_MSG("(~s) Failed c2s ~s authentication ~sfrom ~s: ~s",
-                [xmpp_socket:pp(Socket), Mech,
-                 if User /= <<"">> -> ["for ", User, "@", LServer, " "];
-                    true -> ""
-                 end,
-                 ejabberd_config:may_hide_data(misc:ip_to_list(IP)), Reason]),
-    ejabberd_hooks:run_fold(c2s_auth_result, LServer, State, [false, User]).
+handle_auth_failure(User, _Mech, Reason,
+                   #{lserver := LServer} = State) ->
+    ejabberd_hooks:run_fold(c2s_auth_result, LServer, State, [{false, Reason}, User]).
 
 handle_unbinded_packet(Pkt, #{lserver := LServer} = State) ->
     ejabberd_hooks:run_fold(c2s_unbinded_packet, LServer, State, [Pkt]).

diff --git a/src/mod_fail2ban.erl b/src/mod_fail2ban.erl
index 3e3d7c578694014ae3487cd92f6473199e5c6244..7c59fefcb8ec60f560d92d5cae5503f1a10bae89 100644 (file)
--- a/src/mod_fail2ban.erl
+++ b/src/mod_fail2ban.erl
@@ -1,7 +1,7 @@
 %%%-------------------------------------------------------------------
 %%% File    : mod_fail2ban.erl
 %%% Author  : Evgeny Khramtsov <ekhramtsov@process-one.net>
-%%% Purpose : 
+%%% Purpose :
 %%% Created : 15 Aug 2014 by Evgeny Khramtsov <ekhramtsov@process-one.net>
 %%%
 %%%
@@ -51,9 +51,9 @@
 %%%===================================================================
 %%% API
 %%%===================================================================
--spec c2s_auth_result(ejabberd_c2s:state(), boolean(), binary())
+-spec c2s_auth_result(ejabberd_c2s:state(), true | {false, binary()}, binary())
       -> ejabberd_c2s:state() | {stop, ejabberd_c2s:state()}.
-c2s_auth_result(#{ip := {Addr, _}, lserver := LServer} = State, false, _User) ->
+c2s_auth_result(#{ip := {Addr, _}, lserver := LServer} = State, {false, _}, _User) ->
     case is_whitelisted(LServer, Addr) of
        true ->
            State;