diff --git a/doc/configuration/s2s.md b/doc/configuration/s2s.md index 2fe95175815..5fe5e624b66 100644 --- a/doc/configuration/s2s.md +++ b/doc/configuration/s2s.md @@ -123,7 +123,7 @@ Specifies the order of IP address families to try when establishing an outgoing * **Default:** `10_000` * **Example:** `outgoing.connection_timeout = 5000` -Timeout (in seconds) for establishing an outgoing S2S connection. +Timeout (in milliseconds) for establishing an outgoing S2S connection. ### `s2s.dns.timeout` * **Scope:** local diff --git a/src/config/mongoose_config_spec.erl b/src/config/mongoose_config_spec.erl index f60c5310e9a..6f8d0e0862d 100644 --- a/src/config/mongoose_config_spec.erl +++ b/src/config/mongoose_config_spec.erl @@ -30,7 +30,6 @@ process_riak_credentials/1, process_iqdisc/1, process_acl_condition/1, - process_s2s_address_family/1, process_s2s_host_policy/1, process_s2s_address/1, process_domain_cert/1]). @@ -149,7 +148,7 @@ host_config() -> <<"modules">> => modules(), <<"acl">> => acl(), <<"access">> => access(), - <<"s2s">> => s2s() + <<"s2s">> => host_s2s() }, wrap = none }. @@ -868,39 +867,54 @@ access_rule_item() -> format_items = map }. -%% path: (host_config[].)s2s +%% path: s2s s2s() -> #section{ - items = #{<<"dns">> => s2s_dns(), - <<"outgoing">> => s2s_outgoing(), - <<"use_starttls">> => #option{type = atom, - validate = {enum, [false, optional, required, - required_trusted]}, - wrap = {global_config, s2s_use_starttls}}, - <<"certfile">> => #option{type = string, - validate = non_empty, - wrap = {global_config, s2s_certfile}}, - <<"default_policy">> => #option{type = atom, - validate = {enum, [allow, deny]}, - wrap = {host_config, s2s_default_policy}}, - <<"host_policy">> => #list{items = s2s_host_policy(), - format_items = map, - wrap = {host_config, s2s_host_policy}}, - <<"address">> => #list{items = s2s_address(), - format_items = map, - wrap = {global_config, s2s_address}}, - <<"ciphers">> => #option{type = string, - wrap = {global_config, s2s_ciphers}}, - <<"shared">> => #option{type = binary, - validate = non_empty, - wrap = {host_config, s2s_shared}}, - <<"max_retry_delay">> => #option{type = integer, - validate = positive, - wrap = {host_config, s2s_max_retry_delay}} - }, + items = maps:merge(s2s_global_items(), s2s_host_items()), + defaults = #{<<"address">> => #{}}, + include = always, wrap = none }. +%% path: host_config[].s2s +host_s2s() -> + #section{ + items = s2s_host_items(), + wrap = none + }. + +s2s_host_items() -> + #{<<"default_policy">> => #option{type = atom, + validate = {enum, [allow, deny]}, + wrap = {host_config, s2s_default_policy}}, + <<"host_policy">> => #list{items = s2s_host_policy(), + format_items = map, + wrap = {host_config, s2s_host_policy}}, + <<"shared">> => #option{type = binary, + validate = non_empty, + wrap = {host_config, s2s_shared}}, + <<"max_retry_delay">> => #option{type = integer, + validate = positive, + wrap = {host_config, s2s_max_retry_delay}} + }. + +s2s_global_items() -> + #{<<"dns">> => s2s_dns(), + <<"outgoing">> => s2s_outgoing(), + <<"use_starttls">> => #option{type = atom, + validate = {enum, [false, optional, required, + required_trusted]}, + wrap = {global_config, s2s_use_starttls}}, + <<"certfile">> => #option{type = string, + validate = non_empty, + wrap = {global_config, s2s_certfile}}, + <<"address">> => #list{items = s2s_address(), + format_items = map, + wrap = {global_config, s2s_address}}, + <<"ciphers">> => #option{type = string, + wrap = {global_config, s2s_ciphers}} + }. + %% path: (host_config[].)s2s.dns s2s_dns() -> #section{ @@ -908,26 +922,31 @@ s2s_dns() -> validate = positive}, <<"retries">> => #option{type = integer, validate = positive}}, - wrap = {global_config, s2s_dns_options} + format_items = map, + include = always, + defaults = #{<<"timeout">> => 10, + <<"retries">> => 2}, + wrap = {global_config, s2s_dns} }. %% path: (host_config[].)s2s.outgoing s2s_outgoing() -> #section{ items = #{<<"port">> => #option{type = integer, - validate = port, - wrap = {global_config, outgoing_s2s_port}}, + validate = port}, <<"ip_versions">> => #list{items = #option{type = integer, - validate = {enum, [4, 6]}, - process = fun ?MODULE:process_s2s_address_family/1}, - validate = unique_non_empty, - wrap = {global_config, outgoing_s2s_families}}, + validate = {enum, [4, 6]}}, + validate = unique_non_empty}, <<"connection_timeout">> => #option{type = int_or_infinity, - validate = positive, - wrap = {global_config, outgoing_s2s_timeout}} + validate = positive} }, - wrap = none + format_items = map, + include = always, + defaults = #{<<"port">> => 5269, + <<"ip_versions">> => [4, 6], + <<"connection_timeout">> => 10000}, + wrap = {global_config, s2s_outgoing} }. %% path: (host_config[].)s2s.host_policy[] @@ -1230,16 +1249,11 @@ process_acl_condition(Value) -> Node -> Node end. -process_s2s_address_family(4) -> ipv4; -process_s2s_address_family(6) -> ipv6. - process_s2s_host_policy(#{host := S2SHost, policy := Policy}) -> {S2SHost, Policy}. -process_s2s_address(#{host := S2SHost, ip_address := IPAddr, port := Port}) -> - {S2SHost, {IPAddr, Port}}; -process_s2s_address(#{host := S2SHost, ip_address := IPAddr}) -> - {S2SHost, IPAddr}. +process_s2s_address(M) -> + maps:take(host, M). process_domain_cert(#{domain := Domain, certfile := Certfile}) -> {Domain, Certfile}. diff --git a/src/ejabberd_s2s_out.erl b/src/ejabberd_s2s_out.erl index 6562c988074..dd929ba5bed 100644 --- a/src/ejabberd_s2s_out.erl +++ b/src/ejabberd_s2s_out.erl @@ -51,13 +51,11 @@ handle_info/3, terminate/3, print_state/1, - code_change/4, - test_get_addr_port/1, - get_addr_port/1]). + code_change/4]). --ignore_xref([get_addr_port/1, open_socket/2, print_state/1, relay_to_bridge/2, +-ignore_xref([open_socket/2, print_state/1, relay_to_bridge/2, reopen_socket/2, start_link/3, stream_established/2, - test_get_addr_port/1, wait_before_retry/2, wait_for_auth_result/2, + wait_before_retry/2, wait_for_auth_result/2, wait_for_features/2, wait_for_starttls_proceed/2, wait_for_stream/2, wait_for_stream/2, wait_for_validation/2]). @@ -97,6 +95,11 @@ -type fsm_return() :: {'stop', Reason :: 'normal', state()} | {'next_state', statename(), state()} | {'next_state', statename(), state(), Timeout :: integer()}. + +-type addr() :: #{ip_tuple := inet:ip_adress(), + port := inet:port_number(), + type := inet | inet6}. + %%-define(DBGFSM, true). -ifdef(DBGFSM). @@ -245,10 +248,10 @@ open_socket(init, StateData) -> new => StateData#state.new, verify => StateData#state.verify}), AddrList = get_addr_list(StateData#state.server), - case lists:foldl(fun({_Addr, _Port}, {ok, Socket}) -> + case lists:foldl(fun(_, {ok, Socket}) -> {ok, Socket}; - ({Addr, Port}, _Acc) -> - open_socket1(Addr, Port) + (#{ip_tuple := Addr, port := Port, type := Type}, _) -> + open_socket2(Type, Addr, Port) end, ?SOCKET_DEFAULT_RESULT, AddrList) of {ok, Socket} -> Version = case StateData#state.use_v10 of @@ -285,30 +288,7 @@ open_socket(timeout, StateData) -> open_socket(_, StateData) -> {next_state, open_socket, StateData}. -%%---------------------------------------------------------------------- -%% IPv4 --spec open_socket1(Host :: binary() | inet:ip_address(), - Port :: inet:port_number()) -> {'error', _} | {'ok', _}. -open_socket1({_, _, _, _} = Addr, Port) -> - open_socket2(inet, Addr, Port); -%% IPv6 -open_socket1({_, _, _, _, _, _, _, _} = Addr, Port) -> - open_socket2(inet6, Addr, Port); -%% Hostname -open_socket1(Host, Port) -> - lists:foldl(fun(_Family, {ok, _Socket} = R) -> - R; - (Family, _) -> - Addrs = get_addrs(Host, Family), - lists:foldl(fun(_Addr, {ok, _Socket} = R) -> - R; - (Addr, _) -> - open_socket1(Addr, Port) - end, ?SOCKET_DEFAULT_RESULT, Addrs) - end, ?SOCKET_DEFAULT_RESULT, outgoing_s2s_families()). - - --spec open_socket2(Type :: 'inet' | 'inet6', +-spec open_socket2(Type :: inet | inet6, Addr :: inet:ip_address(), Port :: inet:port_number()) -> {'error', _} | {'ok', _}. open_socket2(Type, Addr, Port) -> @@ -972,36 +952,41 @@ is_verify_res(_) -> -include_lib("kernel/include/inet.hrl"). --spec get_addr_port(jid:server()) -> [{inet:ip_address(), inet:port_number()}]. -get_addr_port(Server) -> +-spec lookup_services(jid:server()) -> [addr()]. +lookup_services(Server) -> + case ejabberd_s2s:domain_utf8_to_ascii(Server) of + false -> []; + ASCIIAddr -> do_lookup_services(ASCIIAddr) + end. + +-spec do_lookup_services(jid:server()) -> [addr()]. +do_lookup_services(Server) -> Res = srv_lookup(Server), case Res of {error, Reason} -> ?LOG_DEBUG(#{what => s2s_srv_lookup_failed, reason => Reason, server => Server}), - [{Server, outgoing_s2s_port()}]; - {ok, #hostent{h_addr_list = AddrList}} -> + []; + {ok, #hostent{h_addr_list = AddrList, h_addrtype = Type}} -> %% Probabilities are not exactly proportional to weights %% for simplicity (higher weights are overvalued) case (catch lists:map(fun calc_addr_index/1, AddrList)) of {'EXIT', _Reason} -> - [{Server, outgoing_s2s_port()}]; - SortedList -> - List = lists:keysort(1, SortedList), - List2 = remove_addr_index(List), + []; + IndexedAddrs -> + Addrs = [#{ip_tuple => Addr, port => Port, type => Type} + || {_Index, Addr, Port} <- lists:keysort(1, IndexedAddrs)], ?LOG_DEBUG(#{what => s2s_srv_lookup_success, - addresses => List2, server => Server}), - List2 + addresses => Addrs, server => Server}), + Addrs end end. -spec srv_lookup(jid:server()) -> {'error', atom()} | {'ok', inet:hostent()}. srv_lookup(Server) -> - Options = mongoose_config:get_opt(s2s_dns_options, []), - TimeoutMs = timer:seconds(proplists:get_value(timeout, Options, 10)), - Retries = proplists:get_value(retries, Options, 2), - srv_lookup(Server, TimeoutMs, Retries). + #{timeout := TimeoutSec, retries := Retries} = mongoose_config:get_opt(s2s_dns), + srv_lookup(Server, timer:seconds(TimeoutSec), Retries). %% @doc XXX - this behaviour is suboptimal in the case that the domain @@ -1030,51 +1015,37 @@ srv_lookup(Server, Timeout, Retries) -> {ok, _HEnt} = R -> R end. - -test_get_addr_port(Server) -> - lists:foldl( - fun(_, Acc) -> - [HostPort | _] = get_addr_port(Server), - case lists:keysearch(HostPort, 1, Acc) of - false -> - [{HostPort, 1} | Acc]; - {value, {_, Num}} -> - lists:keyreplace(HostPort, 1, Acc, {HostPort, Num + 1}) - end - end, [], lists:seq(1, 100000)). - - --spec get_addrs(Host :: atom() | binary() | string(), - Family :: 'inet4' | 'inet6' | 'ipv4' | 'ipv6' - ) -> [inet:ip_address()]. -get_addrs(Host, Family) when is_binary(Host) -> - get_addrs(binary_to_list(Host), Family); -get_addrs(Host, Family) -> - Type = case Family of - inet4 -> inet; - ipv4 -> inet; - inet6 -> inet6; - ipv6 -> inet6 - end, - case inet:gethostbyname(Host, Type) of +-spec lookup_addrs(jid:server()) -> [addr()]. +lookup_addrs(Server) -> + Port = outgoing_s2s_port(), + lists:foldl(fun(Type, []) -> + [#{ip_tuple => Addr, port => Port, type => Type} + || Addr <- lookup_addrs(Server, Type)]; + (_Type, Addrs) -> + Addrs + end, [], outgoing_s2s_types()). + +-spec lookup_addrs(jid:lserver(), inet | inet6) -> [inet:ip_address()]. +lookup_addrs(Server, Type) -> + case inet:gethostbyname(binary_to_list(Server), Type) of {ok, #hostent{h_addr_list = Addrs}} -> ?LOG_DEBUG(#{what => s2s_srv_resolve_success, - type => Type, server => Host, addresses => Addrs}), + type => Type, server => Server, addresses => Addrs}), Addrs; {error, Reason} -> ?LOG_DEBUG(#{what => s2s_srv_resolve_failed, - type => Type, server => Host, reason => Reason}), + type => Type, server => Server, reason => Reason}), [] end. --spec outgoing_s2s_port() -> integer(). +-spec outgoing_s2s_port() -> inet:port_number(). outgoing_s2s_port() -> - mongoose_config:get_opt(outgoing_s2s_port, 5269). + mongoose_config:get_opt([s2s_outgoing, port]). --spec outgoing_s2s_families() -> ['ipv4' | 'ipv6', ...]. -outgoing_s2s_families() -> +-spec outgoing_s2s_types() -> [inet | inet6, ...]. +outgoing_s2s_types() -> %% DISCUSSION: Why prefer IPv4 first? %% %% IPv4 connectivity will be available for everyone for @@ -1086,11 +1057,14 @@ outgoing_s2s_families() -> %% AAAA records for their sites due to the mentioned %% quality of current IPv6 connectivity. Making IPv6 the a %% `fallback' may avoid these problems elegantly. - mongoose_config:get_opt(outgoing_s2s_families, [ipv4, ipv6]). + [ip_version_to_type(V) || V <- mongoose_config:get_opt([s2s_outgoing, ip_versions])]. + +ip_version_to_type(4) -> inet; +ip_version_to_type(6) -> inet6. -spec outgoing_s2s_timeout() -> non_neg_integer() | infinity. outgoing_s2s_timeout() -> - mongoose_config:get_opt(outgoing_s2s_timeout, 10000). + mongoose_config:get_opt([s2s_outgoing, connection_timeout], 10000). %% @doc Human readable S2S logging: Log only new outgoing connections as INFO %% Do not log dialback @@ -1170,45 +1144,31 @@ fsm_limit_opts() -> [] end. - --spec get_addr_list(jid:server()) -> [{inet:ip_address(), inet:port_number()}]. +-spec get_addr_list(jid:server()) -> [addr()]. get_addr_list(Server) -> - case get_predefined_addresses(Server) of - [] -> - case ejabberd_s2s:domain_utf8_to_ascii(Server) of - false -> []; - ASCIIAddr -> get_addr_port(ASCIIAddr) - end; - - Addrs -> - Addrs - end. - + lists:foldl(fun(F, []) -> F(Server); + (_, Result) -> Result + end, [], [fun get_predefined_addresses/1, + fun lookup_services/1, + fun lookup_addrs/1]). %% @doc Get IPs predefined for a given s2s domain in the configuration --spec get_predefined_addresses(jid:server()) -> [{inet:ip_address(), inet:port_number()}]. +-spec get_predefined_addresses(jid:server()) -> [addr()]. get_predefined_addresses(Server) -> case mongoose_config:lookup_opt([s2s_address, Server]) of - {error, not_found} -> []; - {ok, S2SAddr} -> do_get_predefined_addresses(S2SAddr) + {ok, #{ip_address := IPAddress} = M} -> + {ok, IPTuple} = inet:parse_address(IPAddress), + Port = get_predefined_port(M), + [#{ip_tuple => IPTuple, port => Port, type => addr_type(IPTuple)}]; + {error, not_found} -> + [] end. --spec do_get_predefined_addresses(string() | inet:ip_address() | - {string() | inet:ip_address(), non_neg_integer()}) -> - [{inet:ip_address(), non_neg_integer()}]. -do_get_predefined_addresses({{_, _, _, _}, Port} = IP4Port) when is_integer(Port) -> - [IP4Port]; -do_get_predefined_addresses({{_, _, _, _, _, _, _, _}, Port} = IP6Port) when is_integer(Port) -> - [IP6Port]; -do_get_predefined_addresses({_, _, _, _} = IP4) -> - [{IP4, outgoing_s2s_port()}]; -do_get_predefined_addresses({_, _, _, _, _, _, _, _} = IP6) -> - [{IP6, outgoing_s2s_port()}]; -do_get_predefined_addresses({List, Port}) when is_list(List), is_integer(Port) -> - {ok, Addr} = inet:parse_strict_address(List), - do_get_predefined_addresses({Addr, Port}); -do_get_predefined_addresses(List) when is_list(List) -> - do_get_predefined_addresses({List, outgoing_s2s_port()}). +get_predefined_port(#{port := Port}) -> Port; +get_predefined_port(_) -> outgoing_s2s_port(). + +addr_type(Addr) when tuple_size(Addr) =:= 4 -> inet; +addr_type(Addr) when tuple_size(Addr) =:= 8 -> inet6. send_event(<<"valid">>, Pid, StateData) -> p1_fsm:send_event( @@ -1268,12 +1228,6 @@ calc_addr_index({Priority, Weight, Port, Host}) -> end, {Priority * 65536 - N, Host, Port}. -remove_addr_index(List) -> - lists:map( - fun({_, Host, Port}) -> - {Host, Port} - end, List). - handle_parsed_features({false, false, _, StateData = #state{authenticated = true}}) -> send_queue(StateData, StateData#state.queue), ?LOG_INFO(#{what => s2s_out_connected, diff --git a/test/config_parser_SUITE.erl b/test/config_parser_SUITE.erl index 6503f1de1c4..6558a75e047 100644 --- a/test/config_parser_SUITE.erl +++ b/test/config_parser_SUITE.erl @@ -1431,27 +1431,32 @@ access_merge_host_and_global(_Config) -> %% tests: s2s s2s_dns_timeout(_Config) -> - ?cfg(s2s_dns_options, [{timeout, 5}], #{<<"s2s">> => #{<<"dns">> => #{<<"timeout">> => 5}}}), + ?cfg([s2s_dns, timeout], 10, #{}), % default + ?cfg([s2s_dns, timeout], 5, #{<<"s2s">> => #{<<"dns">> => #{<<"timeout">> => 5}}}), ?err(#{<<"s2s">> => #{<<"dns">> => #{<<"timeout">> => 0}}}). s2s_dns_retries(_Config) -> - ?cfg(s2s_dns_options, [{retries, 1}], #{<<"s2s">> => #{<<"dns">> => #{<<"retries">> => 1}}}), + ?cfg([s2s_dns, retries], 2, #{}), % default + ?cfg([s2s_dns, retries], 1, #{<<"s2s">> => #{<<"dns">> => #{<<"retries">> => 1}}}), ?err(#{<<"s2s">> => #{<<"dns">> => #{<<"retries">> => 0}}}). s2s_outgoing_port(_Config) -> - ?cfg(outgoing_s2s_port, 5270, #{<<"s2s">> => #{<<"outgoing">> => #{<<"port">> => 5270}}}), + ?cfg([s2s_outgoing, port], 5269, #{}), % default + ?cfg([s2s_outgoing, port], 5270, #{<<"s2s">> => #{<<"outgoing">> => #{<<"port">> => 5270}}}), ?err(#{<<"s2s">> => #{<<"outgoing">> => #{<<"port">> => <<"http">>}}}). s2s_outgoing_ip_versions(_Config) -> - ?cfg(outgoing_s2s_families, [ipv6, ipv4], + ?cfg([s2s_outgoing, ip_versions], [4, 6], #{}), % default + ?cfg([s2s_outgoing, ip_versions], [6, 4], #{<<"s2s">> => #{<<"outgoing">> => #{<<"ip_versions">> => [6, 4]}}}), ?err(#{<<"s2s">> => #{<<"outgoing">> => #{<<"ip_versions">> => []}}}), ?err(#{<<"s2s">> => #{<<"outgoing">> => #{<<"ip_versions">> => [<<"http">>]}}}). s2s_outgoing_timeout(_Config) -> - ?cfg(outgoing_s2s_timeout, 5, - #{<<"s2s">> => #{<<"outgoing">> => #{<<"connection_timeout">> => 5}}}), - ?cfg(outgoing_s2s_timeout, infinity, + ?cfg([s2s_outgoing, connection_timeout], 10000, #{}), % default + ?cfg([s2s_outgoing, connection_timeout], 5000, + #{<<"s2s">> => #{<<"outgoing">> => #{<<"connection_timeout">> => 5000}}}), + ?cfg([s2s_outgoing, connection_timeout], infinity, #{<<"s2s">> => #{<<"outgoing">> => #{<<"connection_timeout">> => <<"infinity">>}}}), ?err(#{<<"s2s">> => #{<<"outgoing">> => #{<<"connection_timeout">> => 0}}}). @@ -1487,9 +1492,10 @@ s2s_address(_Config) -> Addr = #{<<"host">> => <<"host1">>, <<"ip_address">> => <<"192.168.1.2">>, <<"port">> => 5321}, - ?cfg(s2s_address, #{<<"host1">> => {"192.168.1.2", 5321}}, + ?cfg(s2s_address, #{}, #{}),% default + ?cfg(s2s_address, #{<<"host1">> => #{ip_address => "192.168.1.2", port => 5321}}, #{<<"s2s">> => #{<<"address">> => [Addr]}}), - ?cfg(s2s_address, #{<<"host1">> => "192.168.1.2"}, + ?cfg(s2s_address, #{<<"host1">> => #{ip_address => "192.168.1.2"}}, #{<<"s2s">> => #{<<"address">> => [maps:without([<<"port">>], Addr)]}}), ?err(#{<<"s2s">> => #{<<"address">> => [maps:without([<<"host">>], Addr)]}}), ?err(#{<<"s2s">> => #{<<"address">> => [maps:without([<<"ip_address">>], Addr)]}}), @@ -3218,8 +3224,6 @@ compare_nodes([{auth_method, _}], V1, V2) when is_atom(V1) -> ?eq([V1], V2); compare_nodes([{s2s_addr, _}], {_, _, _, _} = IP1, IP2) -> ?eq(inet:ntoa(IP1), IP2); -compare_nodes([s2s_dns_options], V1, V2) -> - compare_unordered_lists(V1, V2); compare_nodes([{modules, _}, mod_extdisco], V1, V2) -> compare_ordered_lists(V1, V2, fun compare_unordered_lists/2); compare_nodes([{modules, _}, _Module], V1, V2) -> diff --git a/test/config_parser_SUITE_data/s2s_only.toml b/test/config_parser_SUITE_data/s2s_only.toml index 5343e54ba1c..8631250a733 100644 --- a/test/config_parser_SUITE_data/s2s_only.toml +++ b/test/config_parser_SUITE_data/s2s_only.toml @@ -11,8 +11,8 @@ default_policy = "allow" ciphers = "TLSv1.2:TLSv1.3" outgoing.port = 5299 - outgoing.connection_timeout = 10000 - outgoing.ip_versions = [4, 6] + outgoing.connection_timeout = 4_000 + outgoing.ip_versions = [6, 4] dns.timeout = 30 dns.retries = 1 shared = "shared secret" diff --git a/test/config_parser_helper.erl b/test/config_parser_helper.erl index df09295f5c4..6a94c88256e 100644 --- a/test/config_parser_helper.erl +++ b/test/config_parser_helper.erl @@ -22,6 +22,9 @@ options("host_types") -> {registration_timeout, 600}, {routing_modules, mongoose_router:default_routing_modules()}, {sm_backend, {mnesia, []}}, + {s2s_address, #{}}, + {s2s_dns, default_s2s_dns()}, + {s2s_outgoing, default_s2s_outgoing()}, {{auth, <<"another host type">>}, auth_with_methods(#{})}, {{auth, <<"localhost">>}, auth_with_methods(#{rdbms => #{users_number_estimate => false}})}, @@ -79,6 +82,9 @@ options("miscellaneous") -> {periodic_report, 10800000}, report, {tracking_id, "UA-123456789"}]}]}, + {s2s_address, #{}}, + {s2s_dns, default_s2s_dns()}, + {s2s_outgoing, default_s2s_outgoing()}, {sm_backend, {mnesia, []}}, {{auth, <<"anonymous.localhost">>}, custom_auth()}, {{auth, <<"localhost">>}, custom_auth()}, @@ -101,6 +107,9 @@ options("modules") -> {rdbms_server_type, generic}, {registration_timeout, 600}, {routing_modules, mongoose_router:default_routing_modules()}, + {s2s_address, #{}}, + {s2s_dns, default_s2s_dns()}, + {s2s_outgoing, default_s2s_outgoing()}, {sm_backend, {mnesia, []}}, {{auth, <<"dummy_host">>}, default_auth()}, {{auth, <<"localhost">>}, default_auth()}, @@ -229,11 +238,13 @@ options("mongooseim-pgsql") -> {server_name_indication, disable}, {verify, verify_peer}]}]}}]}, {redis, <<"localhost">>, global_distrib, [{workers, 10}], []}]}, - {outgoing_s2s_port, 5299}, {rdbms_server_type, generic}, {registration_timeout, infinity}, {routing_modules, mongoose_router:default_routing_modules()}, + {s2s_address, #{<<"fed1">> => #{ip_address => "127.0.0.1"}}}, {s2s_certfile, "tools/ssl/mongooseim/server.pem"}, + {s2s_dns, default_s2s_dns()}, + {s2s_outgoing, (default_s2s_outgoing())#{port => 5299}}, {s2s_use_starttls, optional}, {services, [{service_admin_extra, @@ -265,7 +276,6 @@ options("mongooseim-pgsql") -> {{replaced_wait_timeout, <<"anonymous.localhost">>}, 2000}, {{replaced_wait_timeout, <<"localhost">>}, 2000}, {{replaced_wait_timeout, <<"localhost.bis">>}, 2000}, - {s2s_address, #{<<"fed1">> => "127.0.0.1"}}, {{s2s_default_policy, <<"anonymous.localhost">>}, allow}, {{s2s_default_policy, <<"localhost">>}, allow}, {{s2s_default_policy, <<"localhost.bis">>}, allow}, @@ -345,6 +355,9 @@ options("outgoing_pools") -> {rdbms_server_type, generic}, {registration_timeout, 600}, {routing_modules, mongoose_router:default_routing_modules()}, + {s2s_address, #{}}, + {s2s_dns, default_s2s_dns()}, + {s2s_outgoing, default_s2s_outgoing()}, {sm_backend, {mnesia, []}}, {{auth, <<"anonymous.localhost">>}, default_auth()}, {{auth, <<"localhost">>}, default_auth()}, @@ -365,15 +378,11 @@ options("s2s_only") -> {listen, []}, {loglevel, warning}, {mongooseimctl_access_commands, []}, - {outgoing_s2s_families, [ipv4, ipv6]}, - {outgoing_s2s_port, 5299}, - {outgoing_s2s_timeout, 10000}, {rdbms_server_type, generic}, {registration_timeout, 600}, {routing_modules, mongoose_router:default_routing_modules()}, {s2s_certfile, "tools/ssl/mongooseim/server.pem"}, {s2s_ciphers, "TLSv1.2:TLSv1.3"}, - {s2s_dns_options, [{retries, 1}, {timeout, 30}]}, {s2s_use_starttls, optional}, {sm_backend, {mnesia, []}}, {{auth, <<"dummy_host">>}, default_auth()}, @@ -382,8 +391,12 @@ options("s2s_only") -> {{modules, <<"localhost">>}, #{}}, {{replaced_wait_timeout, <<"dummy_host">>}, 2000}, {{replaced_wait_timeout, <<"localhost">>}, 2000}, - {s2s_address, #{<<"fed1">> => "127.0.0.1", - <<"fed2">> => {"127.0.0.1", 8765}}}, + {s2s_address, #{<<"fed1">> => #{ip_address => "127.0.0.1"}, + <<"fed2">> => #{ip_address => "127.0.0.1", port => 8765}}}, + {s2s_dns, #{retries => 1, timeout => 30}}, + {s2s_outgoing, #{connection_timeout => 4000, + ip_versions => [6, 4], + port => 5299}}, {{s2s_default_policy, <<"dummy_host">>}, allow}, {{s2s_default_policy, <<"localhost">>}, allow}, {{s2s_max_retry_delay, <<"dummy_host">>}, 30}, @@ -705,6 +718,15 @@ default_auth() -> sasl_external => [standard], sasl_mechanisms => cyrsasl:default_modules()}. +default_s2s_dns() -> + #{retries => 2, + timeout => 10}. + +default_s2s_outgoing() -> + #{connection_timeout => 10000, + ip_versions => [4, 6], + port => 5269}. + pgsql_access() -> #{c2s => [#{acl => blocked, value => deny}, #{acl => all, value => allow}], diff --git a/test/mongoose_config_SUITE.erl b/test/mongoose_config_SUITE.erl index 44adb8e5569..eb8f0b4d414 100644 --- a/test/mongoose_config_SUITE.erl +++ b/test/mongoose_config_SUITE.erl @@ -184,6 +184,9 @@ minimal_config_opts() -> {rdbms_server_type, generic}, {registration_timeout, 600}, {routing_modules, mongoose_router:default_routing_modules()}, + {s2s_address, #{}}, + {s2s_dns, config_parser_helper:default_s2s_dns()}, + {s2s_outgoing, config_parser_helper:default_s2s_outgoing()}, {sm_backend, {mnesia, []}}, {{auth, <<"localhost">>}, config_parser_helper:default_auth()}, {{modules, <<"localhost">>}, #{}},