head 1.10; access; symbols pkgsrc-2020Q4:1.9.0.24 pkgsrc-2020Q4-base:1.9 pkgsrc-2020Q3:1.9.0.22 pkgsrc-2020Q3-base:1.9 pkgsrc-2020Q2:1.9.0.20 pkgsrc-2020Q2-base:1.9 pkgsrc-2020Q1:1.9.0.16 pkgsrc-2020Q1-base:1.9 pkgsrc-2019Q4:1.9.0.18 pkgsrc-2019Q4-base:1.9 pkgsrc-2019Q3:1.9.0.14 pkgsrc-2019Q3-base:1.9 pkgsrc-2019Q2:1.9.0.12 pkgsrc-2019Q2-base:1.9 pkgsrc-2019Q1:1.9.0.10 pkgsrc-2019Q1-base:1.9 pkgsrc-2018Q4:1.9.0.8 pkgsrc-2018Q4-base:1.9 pkgsrc-2018Q3:1.9.0.6 pkgsrc-2018Q3-base:1.9 pkgsrc-2018Q2:1.9.0.4 pkgsrc-2018Q2-base:1.9 pkgsrc-2018Q1:1.9.0.2 pkgsrc-2018Q1-base:1.9 pkgsrc-2017Q4:1.8.0.20 pkgsrc-2017Q4-base:1.8 pkgsrc-2017Q3:1.8.0.18 pkgsrc-2017Q3-base:1.8 pkgsrc-2017Q2:1.8.0.14 pkgsrc-2017Q2-base:1.8 pkgsrc-2017Q1:1.8.0.12 pkgsrc-2017Q1-base:1.8 pkgsrc-2016Q4:1.8.0.10 pkgsrc-2016Q4-base:1.8 pkgsrc-2016Q3:1.8.0.8 pkgsrc-2016Q3-base:1.8 pkgsrc-2016Q2:1.8.0.6 pkgsrc-2016Q2-base:1.8 pkgsrc-2016Q1:1.8.0.4 pkgsrc-2016Q1-base:1.8 pkgsrc-2015Q4:1.8.0.2 pkgsrc-2015Q4-base:1.8 pkgsrc-2015Q3:1.7.0.16 pkgsrc-2015Q3-base:1.7 pkgsrc-2015Q2:1.7.0.14 pkgsrc-2015Q2-base:1.7 pkgsrc-2015Q1:1.7.0.12 pkgsrc-2015Q1-base:1.7 pkgsrc-2014Q4:1.7.0.10 pkgsrc-2014Q4-base:1.7 pkgsrc-2014Q3:1.7.0.8 pkgsrc-2014Q3-base:1.7 pkgsrc-2014Q2:1.7.0.6 pkgsrc-2014Q2-base:1.7 pkgsrc-2014Q1:1.7.0.4 pkgsrc-2014Q1-base:1.7 pkgsrc-2013Q4:1.7.0.2 pkgsrc-2013Q4-base:1.7 pkgsrc-2013Q3:1.6.0.20 pkgsrc-2013Q3-base:1.6 pkgsrc-2013Q2:1.6.0.18 pkgsrc-2013Q2-base:1.6 pkgsrc-2013Q1:1.6.0.16 pkgsrc-2013Q1-base:1.6 pkgsrc-2012Q4:1.6.0.14 pkgsrc-2012Q4-base:1.6 pkgsrc-2012Q3:1.6.0.12 pkgsrc-2012Q3-base:1.6 pkgsrc-2012Q2:1.6.0.10 pkgsrc-2012Q2-base:1.6 pkgsrc-2012Q1:1.6.0.8 pkgsrc-2012Q1-base:1.6 pkgsrc-2011Q4:1.6.0.6 pkgsrc-2011Q4-base:1.6 pkgsrc-2011Q3:1.6.0.4 pkgsrc-2011Q3-base:1.6 pkgsrc-2011Q2:1.6.0.2 pkgsrc-2011Q2-base:1.6 pkgsrc-2011Q1:1.5.0.10 pkgsrc-2011Q1-base:1.5 pkgsrc-2010Q4:1.5.0.8 pkgsrc-2010Q4-base:1.5 pkgsrc-2010Q3:1.5.0.6 pkgsrc-2010Q3-base:1.5 pkgsrc-2010Q2:1.5.0.4 pkgsrc-2010Q2-base:1.5 pkgsrc-2010Q1:1.5.0.2 pkgsrc-2010Q1-base:1.5 pkgsrc-2009Q4:1.4.0.2 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q3:1.3.0.6 pkgsrc-2009Q3-base:1.3 pkgsrc-2009Q2:1.3.0.4 pkgsrc-2009Q2-base:1.3 pkgsrc-2009Q1:1.3.0.2 pkgsrc-2009Q1-base:1.3 pkgsrc-2008Q4:1.2.0.2 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.1.1.1.0.10 pkgsrc-2008Q3-base:1.1.1.1 cube-native-xorg:1.1.1.1.0.8 cube-native-xorg-base:1.1.1.1 pkgsrc-2008Q2:1.1.1.1.0.6 pkgsrc-2008Q2-base:1.1.1.1 cwrapper:1.1.1.1.0.4 pkgsrc-2008Q1:1.1.1.1.0.2 pkgsrc-2008Q1-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.10 date 2021.01.16.20.24.33; author triaxx; state dead; branches; next 1.9; commitid l2iqIHTIXD7nvZDC; 1.9 date 2018.01.03.22.51.30; author fhajny; state Exp; branches; next 1.8; commitid prEAKXFtpxGRYtlA; 1.8 date 2015.11.05.12.23.50; author fhajny; state Exp; branches; next 1.7; commitid EccIBfcCNoZJTTHy; 1.7 date 2013.10.11.13.32.25; author fhajny; state Exp; branches; next 1.6; commitid LPqmqcxb1NwhxS8x; 1.6 date 2011.06.06.13.45.38; author fhajny; state Exp; branches; next 1.5; 1.5 date 2010.03.13.21.05.49; author fhajny; state Exp; branches; next 1.4; 1.4 date 2009.12.15.13.30.54; author fhajny; state Exp; branches 1.4.2.1; next 1.3; 1.3 date 2009.03.22.10.39.44; author martti; state Exp; branches; next 1.2; 1.2 date 2008.11.12.13.13.59; author martti; state Exp; branches 1.2.2.1; next 1.1; 1.1 date 2008.03.10.08.58.32; author martti; state Exp; branches 1.1.1.1; next ; 1.4.2.1 date 2010.03.15.10.21.58; author tron; state Exp; branches; next ; 1.2.2.1 date 2009.03.23.18.34.29; author tron; state Exp; branches; next ; 1.1.1.1 date 2008.03.10.08.58.32; author martti; state Exp; branches; next ; desc @@ 1.10 log @ejabberd: Update to 20.12 pkgsrc changes: --------------- * This update is mainly justified by the fact that OTS 23 breaks a lot of dependencies which are very old. upstream changes: ----------------- Version 20.12 Add support for SCRAM-SHA-{256,512}-{PLUS} authentication Don't use same value in cache for user don't exist and wrong password outgoing_s2s_ipv*_address: New options to set ipv4/ipv6 outbound s2s out interface s2s_send_packet: this hook now filters outgoing s2s stanzas start_room: new hook runs when a room process is started check_decoded_jwt: new hook to check decoded JWT after success authentication Admin Docker: Fix DB initialization New sql_odbc_driver option: choose the mssql ODBC driver Rebar3: Fully supported. Enable with ./configure --with-rebar=/path/to/rebar3 systemd: start ejabberd in foreground Modules: MAM: Make sure that jid used as base in mam xml_compress is bare MAM: Support for MAM Flipped Pages MUC: Always show MucSub subscribers nicks MUC: Don't forget not-persistent rooms in load_permanent_rooms MUC Admin: Better error reporting MUC Admin: Fix commands with hibernated rooms MUC Admin: Many improvements in rooms_unused_list/destroy MUC Admin: create_room_with_opts Store options only if room starts Pubsub: Remove 'dag' node plugin documentation Push: Fix API call return type on error Push: Support cache config changes on reload Register: Allow for account-removal-only setup again Roster: Make roster subscriptions work better with invalid roster state in db Vcard: Fix vCard search by User when using Mnesia WebAdmin: Allow vhost admins to view WebAdmin menus WebAdmin: Don't do double utf-8 conversion on translated strings WebAdmin: Mark dangerous buttons with CSS WebSocket: Make websocket send put back pressure on c2s process Version 20.07 Changes in this version Add support for using unix sockets in listeners. Make this version compatible with erlang R23 Make room permissions checks more strict for subscribers Fix problem with muc rooms crashing when using muc logger with some locales Limit stat calls that logger module issues Don't throw errors when using user_regexp acl rule and having non-matching host Fix problem with leaving old data when updating shared rosters Fix edge case that caused failure of resuming old sessions with stream management. Fix crash when room that was started with loging enabled was later changed to logging disabled Increase default shaper limits (this should help with delays for clients that are using jingle) Fix couple compatibility problems which prevented working on erlang R19 Fix sending presence unavailable when session terminates for clients that only send directed presences (helps with sometimes not leaving muc rooms on disconnect). Prevent supervisor errors for sockets that were closed before they were passed to handler modules Make stun module work better with ipv6 addresses Version 20.03 Changes in this version Add support of ssl connection when connection to mysql database (configured with sql_ssl: true option) Experimental support for cockroachdb when configured with postgres connector Add cache and optimize queries issued by mod_shared_roster, this should greatly improve performance of this module when used with sql backend Fix problem with accessing webadmin Make webadmin work even when url is missing trailing slash When compiling external modules with ext_mod, use flags that were detected during compilation of ejabberd Make config changed to ldap options be updated when issued reload_config command Fix room_empty_destory command Fix reporting errors in send_stanza command when xml passed to it couldn't be passed correctly Version 20.02 Changes in this version Fix problems when trying to use string format with unicode values directly in xmpp nodes Add missing oauth_client table declaration in lite.new.sql Improve compatibility with CocroachDB Fix importing of piefxis files that did use scram passwords Fix importing of piefxis files that had multiple includes in them Update jiffy dependency Allow storage of emojis when using mssql database (Thanks to Christoph Scholz) Make ejabberd_auth_http be able to use auth_opts Make custom_headers options in http modules correctly override built-in values Fix return value of reload_config and dump_config commands Version 20.01 New features Implement OAUTH authentication in mqtt Make logging infrastructure use new logger introduced in Erlang (requires OTP22) New configuration parser/validator Initial work on being able to use CockroachDB as database backend Add gc command Add option to disable using prepared statements on Postgresql Implement routine for converting password to SCRAM format for all backends not only SQL Add infrastructure for having module documentation directly in individual module source code Generate man page automaticaly Implement copy feature in mod_carboncopy Fixes Make webadmin work with configurable paths Fix handling of result in xmlrpc module Make webadmin work even when accessed through not declared domain Better error reporting in xmlrpc Limit ammount of results returned by disco queries to pubsub nodes Improve validation of configured JWT keys Fix race condition in Redis/SQL startup Fix loading order of third party modules Fix reloading of ACL rules Make account removal requests properly route response Improve handling of malformed inputs in send_message command Omit push notification if storing message in offline storage failed Fix crash in stream management when timeout was not set Version 19.09 Admin The minimum required Erlang/OTP version is now 19.3 Fix API call using OAuth (#2982) Rename MUC command arguments from Host to Service (#2976) Webadmin Don't treat 'Host' header as a virtual XMPP host (#2989) Fix some links to Guide in WebAdmin and add new ones (#3003) Use select fields to input host in WebAdmin Backup (#3000) Check account auth provided in WebAdmin is a local host (#3000) ACME Improve ACME implementation Fix IDA support in ACME requests Fix unicode formatting in ACME module Log an error message on IDNA failure Support IDN hostnames in ACME requests Don't attempt to create ACME directory on ejabberd startup Don't allow requesting certificates for localhost or IP-like domains Don't auto request certificate for localhost and IP-like domains Add listener for ACME challenge in example config Authentication JWT-only authentication for some users (#3012) MUC Apply default role after revoking admin affiliation (#3023) Custom exit message is not broadcast (#3004) Revert "Affiliations other than admin and owner cannot invite to members_only rooms" (#2987) When join new room with password, set pass and password_protected (#2668) Improve rooms_* commands to accept 'global' as MUC service argument (#2976) Rename MUC command arguments from Host to Service (#2976) SQL Fix transactions for Microsoft SQL Server (#2978) Spawn SQL connections on demand only Misc Add support for XEP-0328: JID Prep Added gsfonts for captcha Log Mnesia table type on creation Replicate Mnesia 'bosh' table when nodes are joined Fix certificate selection for s2s (#3015) Provide meaningful error when adding non-local users to shared roster (#3000) Websocket: don't treat 'Host' header as a virtual XMPP host (#2989) Fix sm ack related c2s error (#2984) Don't hide the reason why c2s connection has failed Unicode support Correctly handle unicode in log messages Fix unicode processing in ejabberd.yml Version 19.08 Administration Improve ejabberd halting procedure Process unexpected erlang messages uniformly: logging a warning mod_configure: Remove modules management Configuration Use new configuration validator ejabberd_http: Use correct virtual host when consulting trusted_proxies Fix Elixir modules detection in the configuration file Make option 'validate_stream' global Allow multiple definitions of host_config and append_host_config Introduce option 'captcha_url' mod_stream_mgmt: Allow flexible timeout format mod_mqtt: Allow flexible timeout format in session_expiry option Misc Fix SQL connections leakage New authentication method using JWT tokens extauth: Add 'certauth' command Improve SQL pool logic Add and improve type specs Improve extraction of translated strings Improve error handling/reporting when loading language translations Improve hooks validator and fix bugs related to hooks registration Gracefully close inbound s2s connections mod_mqtt: Fix usage of TLS mod_offline: Make count_offline_messages cache work when using mam for storage mod_privacy: Don't attempt to query 'undefined' active list mod_privacy: Fix race condition MUC Add code for hibernating inactive muc_room processes Improve handling of unexpected iq in mod_muc_room Attach mod_muc_room processes to a supervisor Restore room when receiving message or generic iq for not started room Distribute routing of MUC messages accross all CPU cores PubSub Fix pending nodes retrieval for SQL backend Check access_model when publishing PEP Remove deprecated pubsub plugins Expose access_model and publish_model in pubsub#metadata Version 19.05 Admin The minimum required Erlang/OTP version is now 19.1 Provide a suggestion when unknown command, module, option or request handler is detected Deprecate some listening options: captcha, register, web_admin, http_bind and xmlrpc Add commands to get Mnesia info: mnesia_info and mnesia_table_info Fix Register command to respect mod_register's Access option Fixes in Prosody import: privacy and rooms Remove TLS options from the example config Improve request_handlers validator Fix syntax in example Elixir config file Auth Correctly support cache tags in ejabberd_auth Don't process failed EXTERNAL authentication by mod_fail2ban Don't call to mod_register when it's not loaded Make anonymous auth don't {de}register user when there are other resources Developer Rename listening callback from start/2 to start/3 New hook called when room gets destroyed: room_destroyed New hooks for tracking mucsub subscriptions changes: muc_subscribed, muc_unsubscribed Make static hooks analyzer working again MUC Service admins are allowed to recreate room even if archiv is nonempty New option user_mucsub_from_muc_archive Avoid late arrival of get_disco_item response Handle get_subscribed_rooms call from mod_muc_room pid Fix room state cleanup from db on change of persistent option change Make get_subscribed_rooms work even for non-persistant rooms Allow non-moderator subscribers to get list of room subscribers Offline New option bounce_groupchat: make it not bounce mucsub/groupchat messages New option use_mam_for_storage: fetch data from mam instead of spool table When applying limit of max msgs in spool check only spool size Do not store mucsub wrapped messages with no-store hint in offline storage Always store ActivityMarker messages Don't issue count/message fetch queries for offline from mam when not needed Properly handle infinity as max number of message in mam offline storage Sort messages by stanza_id when using mam storage in mod_offline Return correct value from count_offline_messages with mam storage option Make mod_offline put msg ignored by mam in spool when mam storage is on SQL: Add SQL schemas for MQTT tables Report better errors on SQL terms decode failure Fix PostgreSQL compatibility in mod_offline_sql:remove_old_messages Fix handling of list arguments on pgsql Preliminary support for SQL in process_rosteritems command Tests Add tests for user mucsub mam from muc mam Add tests for offline with mam storage Add tests for offline use_mam_for_storage Initial Docker environment to run ejabberd test suite Test offline:use_mam_for_storage, mam:user_mucsub_from_muc_archive used together Websocket Add WebSockets support to mod_mqtt Return "Bad request" error when origin in websocket connection doesn't match Fix RFC6454 violation on websocket connection when validating Origin header Origin header validation on websocket connection Other modules mod_adhoc: Use xml:lang from stanza when it's missing in element mod_announce: Add 'sessionid' attribute when required mod_bosh: Don't put duplicate polling attribute in bosh payload mod_http_api: Improve argument error messages and log messages mod_http_upload: Feed whole image to eimp:identify/1 mod_http_upload: Log nicer warning on unknown host mod_http_upload: Case-insensitive host comparison mod_mqtt: Support other socket modules mod_push: Check for payload in encrypted messages Version 19.02 Admin Fix in configure.ac the Erlang/OTP version: from 17.5 to 19.0 reload_config command: Fix crash when sql_pool_size option is used reload_config command: Fix crash when SQL is not configured rooms_empty_destroy command: Several fixes to behave more conservative Fix serverhost->host parameter name for muc_(un)register_nick API Configuration Allow specifying tag for listener for api_permission purposes Change default ciphers to intermediate Define default ciphers/protocol_option in example config Don't crash on malformed 'modules' section mod_mam: New option clear_archive_on_room_destroy to prevent archive removal on room destroy mod_mam: New option access_preferences to restrict who can modify the MAM preferences mod_muc: New option access_mam to restrict who can modify that room option mod_offline: New option store_groupchat to allow storing group chat messages Core Add MQTT protocol support Fix (un)setting of priority Use OTP application startup infrastructure for starting dependencies Improve starting order of several dependencies MAM mod_mam_mnesia/sql: Improve check for empty archive disallow room creation if archive not empty and clear_archive_on_room_destroy is false allow check if archive is empty for or user or room Additional checks for database failures MUC Make sure that room_destroyed is called even when some code throws in terminate Update muc room state after adding extra access field to it MUC/Sub: Send mucsub subscriber notification events with from set to room jid Shared Roster Don't perform roster push for non-local contacts Handle versioning result when shared roster group has remote account Fix SQL queries Miscelanea CAPTCHA: Add no-store hint to CAPTCHA challenge stanzas HTTP: Reject http_api request with malformed Authentication header mod_carboncopy: Don't lose carbons on presence change or session resumption mod_mix: Fix submission-id and channel resource mod_ping: Fix ping IQ reply/timeout processing (17.x regression) mod_private: Hardcode item ID for PEP bookmarks mod_push: Improve notification error handling PIEFXIS: Fix user export when password is scrammed Prosody: Improve import of roster items, rooms and attributes Translations: fixed "make translations" WebAdmin: Fix support to restart module with new options Version 18.12 MAM data store compression Proxy protocol support (http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) MUC Self-Ping optimization (XEP-0410) Bookmarks conversion (XEP-0411) @ text @$NetBSD: patch-ad,v 1.9 2018/01/03 22:51:30 fhajny Exp $ Proper path to captcha script. --- ejabberd.yml.example.orig 2013-09-27 09:19:22.000000000 +0000 +++ ejabberd.yml.example @@@@ -490,7 +490,7 @@@@ language: "en" ## ## Full path to a script that generates the image. ## -## captcha_cmd: "/lib/ejabberd/priv/bin/captcha.sh" +## captcha_cmd: "@@PREFIX@@/lib/ejabberd/priv/bin/captcha.sh" ## ## Host for the URL and port where ejabberd listens for CAPTCHA requests. @ 1.9 log @Update chat/ejabberd to 17.12. pkgsrc - Change installation home for Erlang libs to prevent build conflicts with previous versions that may be present on the system, as encountered by @@gdt. Core - Rewrite ejabberd system monitor for efficiency - Fix incoming XMPP processing order - Use xmpp:try_subtag/2 wherever possible - Better process subtag decoding errors - Only allow compression after SASL as per XEP-0170 - Don't crash on unexpected XML events - Fix session mnesia table cleanup - Don't let privacy list prevent local roster update Encryption - Rely on Server Name Indication for incoming Direct-TLS connections - Speedup certificate chains creation and validation - Log warning on empty wildcard paths - Don't call pkix_is_self_signed/1 too frequently - Eat less memory during building certificates graph - Avoid infinite loop between self-signed certs - Fix function clause on filelib:wildcard/1 - Use ejabberd_pkix API in mod_sip - Move 'certfile' based options in a single place Groupchat - Don't crash on malformed IQ - Include x tag in presence errors related to nick change - Include 110 status on shutdown - Improve muc#roominfo and muc#roomconfig forms - mod_mam: Never store MUC messages in user archives PubSub - Fix num_subscribers on node metadata - Fix send last items on initial presence - Send last PEP items to owner on initial presence - Support pubsub#publish-options PRECONDITIONs - Add pubsub#multi-items to features list (Support XEP-0060 v1.14) - Add missing Nidx building records from sql result - Don't force RSM in get_items when max_items is not provided Admin - Introduce option 'ca_file' - Set executable permission on mac_listener when installing - Use /bin/sh as the explicit shell when using su in ejabberdctl. - Windows does not have /tmp, fallback to $HOME/conf for ODBC configuration files Logging - Change loglevel of TLS failures - Log a warning when a disk is almost full - Disable default alarm handler - Handle also process_memory_high_watermark alarm - Kill and restart lager when it's overloaded - Avoid excessive logging of SQL failures Commands - New muc_online_room_by_regex command - Fix race between join_cluster and ejabberd_mnesia - Fix commands rooms_unused_list and _destroy - send_direct_invitations accepts only user jids - ejabberd_sm: Fix get_session_sid/3 SQL - Add missing server_host column in pg.new.sql - Add new schema for MySQL and Sqlite - Fix SQL serialization Installer - MacOS installer is signed. You can now easily install ejabberd on your Mac. Build - Compile sql_pt early - Binary installer uses OTP 20.2 @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.8 2015/11/05 12:23:50 fhajny Exp $ @ 1.8 log @Update ejabberd to 15.10. Switch dependencies to use standalone packages for Erlang modules. Core - c2s: Let stop/1 close XEP-0198 sessions - c2s: Close socket when waiting for resume - s2s: Don't crash on certificates without extensions - xml: Optimizations in memory allocator - OAuth: Fix cyrsasl_oauth:mech_new call Modules - mod_http_upload: New HTTP File Upload module (XEP-0363) - mod_http_upload_quota: New module to support user quotas - mod_metrics: New simple metrics module for use with grapherl - mod_mam: Advertise XEP-0313 v0.4 support in room disco - mod_mam: Avoid MAM dups when routing to multiple resources Compilation - Make: Pass {C,CPP,LD}FLAGS used in main ./configure to deps - Use OTP directory structure for `make install` - mix.lock should be commited to ensure consistent builds - Code cosmetic cleanup Commands - Let modules_update_specs report failures - Fix problem with -auth - Fix unauthenticated calls to commands with policy=user - Improve access_commands option backward compatibility Configuration - ejabberdctl.cfg: New CONTRIB_MODULES_CONF_DIR - Be able to merge old style configs with {listen,...} - Fix support for macros - mod_ping: New option ping_ack_timeout @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.7 2013/10/11 13:32:25 fhajny Exp $ d4 1 d12 1 a12 1 +## captcha_cmd: "@@PREFIX@@/lib/erlang/lib/ejabberd/priv/bin/captcha.sh" @ 1.7 log @Update ejabberd to 13.10. Major changes since 2.1.13: * Huge improvements regarding performances * Optimized memory consumption * Clean code representation of xmlel records Release notes (yet?) unavailable, changelog points at bug tracker: https://support.process-one.net/secure/IssueNavigator.jspa?reset=true&jqlQuery=project+%3D+EJAB+AND+fixVersion+%3D+%22ejabberd+13.10%22 @ text @d1 1 a1 1 $NetBSD$ d11 1 a11 1 +## captcha_cmd: "@@PREFIX@@/lib/erlang/lib/@@DISTNAME@@/priv/bin/captcha.sh" @ 1.6 log @Updated chat/ejabberd to 2.1.7. Small list of changes: 2.1.7 * BOSH: Keep the order of stanzas when BOSH sends several * CAPTCHA in MUC: New whitelist option * CAPTCHA: New captcha_limit option * Core: Disable all entity expansions * Core: Do not accept XML with undefined prefixes * ejabberdctl: New DIST_USE_INTERFACE restricts IP erlang listen * ejabberdctl: New ERL_EPMD_ADDRESS that works since Erlang/OTP R14B03 * extauth: If script crashes, ejabberd should restart it * If a module start fails during server start, stop erlang * mod_blocking: New XEP-0191 Simple Communications Blocking * mod_pres_counter: Prevent subscription flood * mod_register: Access now also controls account unregistrations * mod_shared_roster: Fix support for anonymous accounts in @@all@@ * mod_shared_roster: New @@online@@ directive * New Indonesian translation * Pubsub: Apply filtered notification to PEP last items * Pubsub: Owner can delete any items from its own node 2.1.6 * BOSH: Fix rare loop, support vhosts, allow module restart * Config: Default configuration allows registrations only from localhost * Config: Support to change loglevel per module at runtime * Erlang/OTP: Fix compatibility from R10B-9 to R14B01 * ODBC: Compatibility with PostgreSQL 9.0 * Privacy lists: Fix to allow block by group and subscription again * Pubsub: Fix cross domain eventing * Register: Added CAPTCHA, password strength and ip_access to mod_register * Register: New mod_register_web, with CAPTCHA support * S2S: New options to require encryption, and verify certificates * Shared Rosters: Added mod_shared_roster_ldap * Bind listener ports early and start accepting connections later @ text @d3 9 a11 4 --- src/ejabberd.cfg.example.orig 2011-06-01 09:03:36.000000000 +0000 +++ src/ejabberd.cfg.example @@@@ -109,7 +109,6 @@@@ [ d13 2 a14 46 {5222, ejabberd_c2s, [ - %% %% If TLS is compiled in and you installed a SSL %% certificate, specify the full path to the @@@@ -125,12 +124,12 @@@@ %% %% To enable the old SSL connection method on port 5223: %% - %%{5223, ejabberd_c2s, [ - %% {access, c2s}, - %% {shaper, c2s_shaper}, - %% {certfile, "/path/to/ssl.pem"}, tls, - %% {max_stanza_size, 65536} - %% ]}, + {5223, ejabberd_c2s, [ + {access, c2s}, + {shaper, c2s_shaper}, + {certfile, "/path/to/ssl.pem"}, tls, + {max_stanza_size, 65536} + ]}, {5269, ejabberd_s2s_in, [ {shaper, s2s_shaper}, @@@@ -140,10 +139,10 @@@@ %% %% ejabberd_service: Interact with external components (transports, ...) %% - %%{8888, ejabberd_service, [ + %%{{8888, "127.0.0.1"}, + %% ejabberd_service, [ %% {access, all}, %% {shaper_rule, fast}, - %% {ip, {127, 0, 0, 1}}, %% {hosts, ["icq.example.org", "sms.example.org"], %% [{password, "secret"}] %% } @@@@ -472,7 +471,7 @@@@ %% %% Full path to a script that generates the image. %% -%%{captcha_cmd, "/lib/ejabberd/priv/bin/captcha.sh"}. +%%{captcha_cmd, "@@PREFIX@@/lib/erlang/lib/@@DISTNAME@@/priv/bin/captcha.sh"}. %% %% Host for the URL and port where ejabberd listens for CAPTCHA requests. @ 1.5 log @Updated chat/ejabberd to 2.1.3. Changes in ejabberd-2.1.3 Client connections * Avoid 'invalid' value in iq record * Avoid resending stream:error stanzas on terminate (EJAB-1180) * Close also legacy sessions that were half connected (EJAB-1165) * iq_query_info/1 now returns 'invalid' if XMLNS is invalid * New ejabberd_c2s option support: max_fsm_queue * Rewrite mnesia counter functions to use dirty_update_counter (EJAB-1177) * Run user_receive_packet also when sending offline messages (EJAB-1193) * Use p1_fsm behaviour in c2s FSM (EJAB-1173) Clustering * Fix cluster race condition in route read * New command to set master Mnesia node * Use mnesia:async_dirty when cleaning table from failed node Documentation * Add quotes in documentation of some erl arguments (EJAB-1191) * Add option access_from (EJAB-1187) * Add option max_fsm_queue (EJAB-1185) * Fix documentation installation, no need for executable permission (EJAB-1170) * Fix typo in EJABBERD_BIN_PATH (EJAB-891) * Fix typos in example config comments (EJAB-1192) ejabberdctl * Support concurrent connections with bound connection names * Add support for Jot in ctl and TTY in debug * Support help command names with old - characters * Fix to really use the variable ERL_PROCESSES Erlang compatibility * Don't call queue:filter/2 to keep compatibility with older Erlang versions * Use alternative of file:read_line/1 to not require R13B02 HTTP * Add new debugging hook to the http receiving process * Allow a request_handler to serve a file in root of HTTP HTTP-Bind (BOSH) * Cross-domain HTTP-Bind support (EJAB-1168) * Hibernate http-bind process after handling a request * Reduce verbosity of HTTP Binding log messages LDAP * Document ldap_dn_filter, fetch only needed attributes in search (EJAB-1204) * Use "%u" pattern as default for ldap_uids (EJAB-1203) Localization * Fix German translation (EJAB-1195) * Fix Russian translation ODBC * Fix MSSQL support, which was broken (EJAB-1201) * Improved SQL reconnect behaviour Pubsub, PEP and Caps * Add extended stanza addressing 'replyto' on PEP (EJAB-1198) * Add pubsub#purge_offline (EJAB-1186) * Fix pubsub#title option (EJAB-1190) * Fix remove_user for node subscriptions (EJAB-1172) * Optimizations in mod_caps Other * mod_register: Add new acl access_from, default is to deny * mod_sic: new module for the experimental XEP-0279 Server IP Check (EJAB-1205) * PIEFXIS: Catch errors when exporting to PIEFXIS file (EJAB-1178) * Proxy65: new option "hostname" (EJAB-838) * Roster: Fix resending authorization problem * Shared Roster Groups: get contacts nickname from vcard (EJAB-114) * S2S: Improved s2s connections clean up (EJAB-1202) Changes in ejabberd-2.1.2 Core * Close sessions that were half connected * Fix SASL PLAIN authentication message for RFC4616 compliance * Fix support for old Erlang/OTP R10 and R11 * Return proper error (not 'conflict') when register is forbidden by ACL * When ejabberd stops, send stream close to clients ejabberdctl * Check for EGID in ejabberdctl command * Command to stop ejabberd informing users, with grace period * If there's a problem in config file, display config lines and stop node MUC * Kick occupants with reason when room is stopped due to MUC shutdown * Write in room log when a room is created, destroyed, started, stopped PubSub and PEP * Don't call gen_server on internal event (improves performance and scalability) * Fix duplicate SHIM header in Pubsub message * Notification messages of Pubsub node config change contained a SHIM header * SubID SHIM header missing in Pubsub message with multiple subscriptions on the same node * PEP: last published item not sent from unavailable users when the subscription is implicit (XEP-0115) * pep_mapping not working due to Node type mismatch WebAdmin * If big offline message queue, show only subset on WebAdmin * Support in user list page of WebAdmin when mod_offline is disabled @ text @d3 1 a3 1 --- src/ejabberd.cfg.example.orig 2010-03-12 10:40:41.000000000 +0000 d45 1 a45 1 @@@@ -471,7 +470,7 @@@@ d53 1 a53 1 %% Host part of the URL sent to the user. @ 1.4 log @Update ejabberd to 2.1.0. Very brief list of additions: * Erlang/OTP R13 support * HTTP-Bind (BOSH) optimization and clean-up * LDAPS support * MUC rooms can require a CAPTCHA to join the room * PubSub: major improvements. Update to XEP version 1.12 * PEP and Caps: many improvements * Run commands with ejabberdctl or other frontends (XML-RPC, HTTP) * STUN server * XEPs like: XMPP Ping, Roster Versioning, Import/Export Format See full release note: http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.0 @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.3 2009/03/22 10:39:44 martti Exp $ d3 1 a3 1 --- src/ejabberd.cfg.example.orig 2009-11-06 19:53:19.000000000 +0000 d11 2 a12 2 %% If TLS is compiled and you installed a SSL %% certificate, put the correct path to the d15 1 a15 1 %% To enable the old SSL connection method in port 5223: d34 1 a34 1 %% ejabberd_service: Interact with external components (transports...) d45 1 a45 1 @@@@ -465,7 +464,7 @@@@ @ 1.4.2.1 log @Pullup ticket #3054 - requested by martti ejabberd: security update Revisions pulled up: - chat/ejabberd/Makefile 1.17-1.19 - chat/ejabberd/PLIST 1.11 - chat/ejabberd/distinfo 1.11-1.12 - chat/ejabberd/patches/patch-aa 1.6-1.7 - chat/ejabberd/patches/patch-ad 1.5 - chat/ejabberd/patches/patch-ae 1.5 --- Module Name: pkgsrc Committed By: dmcmahill Date: Mon Mar 8 17:30:23 UTC 2010 Modified Files: pkgsrc/chat/ejabberd: Makefile pkgsrc/chat/ejabberd/patches: patch-aa Log Message: use BSD_INSTALL_SCRIPT instead of BSD_INSTALL_DATA for a shell script --- Module Name: pkgsrc Committed By: spz Date: Thu Mar 11 06:33:04 UTC 2010 Modified Files: pkgsrc/chat/ejabberd: distinfo Log Message: updated patch -> distinfo needs an update too --- odule Name: pkgsrc Committed By: fhajny Date: Sat Mar 13 21:05:49 UTC 2010 Modified Files: pkgsrc/chat/ejabberd: Makefile PLIST distinfo pkgsrc/chat/ejabberd/patches: patch-aa patch-ad patch-ae Log Message: Updated chat/ejabberd to 2.1.3. Changes in ejabberd-2.1.3 Client connections * Avoid 'invalid' value in iq record * Avoid resending stream:error stanzas on terminate (EJAB-1180) * Close also legacy sessions that were half connected (EJAB-1165) * iq_query_info/1 now returns 'invalid' if XMLNS is invalid * New ejabberd_c2s option support: max_fsm_queue * Rewrite mnesia counter functions to use dirty_update_counter (EJAB-1177) * Run user_receive_packet also when sending offline messages (EJAB-1193) * Use p1_fsm behaviour in c2s FSM (EJAB-1173) Clustering * Fix cluster race condition in route read * New command to set master Mnesia node * Use mnesia:async_dirty when cleaning table from failed node Documentation * Add quotes in documentation of some erl arguments (EJAB-1191) * Add option access_from (EJAB-1187) * Add option max_fsm_queue (EJAB-1185) * Fix documentation installation, no need for executable permission (EJAB-1170) * Fix typo in EJABBERD_BIN_PATH (EJAB-891) * Fix typos in example config comments (EJAB-1192) ejabberdctl * Support concurrent connections with bound connection names * Add support for Jot in ctl and TTY in debug * Support help command names with old - characters * Fix to really use the variable ERL_PROCESSES Erlang compatibility * Don't call queue:filter/2 to keep compatibility with older Erlang versions * Use alternative of file:read_line/1 to not require R13B02 HTTP * Add new debugging hook to the http receiving process * Allow a request_handler to serve a file in root of HTTP HTTP-Bind (BOSH) * Cross-domain HTTP-Bind support (EJAB-1168) * Hibernate http-bind process after handling a request * Reduce verbosity of HTTP Binding log messages LDAP * Document ldap_dn_filter, fetch only needed attributes in search (EJAB-1204) * Use "%u" pattern as default for ldap_uids (EJAB-1203) Localization * Fix German translation (EJAB-1195) * Fix Russian translation ODBC * Fix MSSQL support, which was broken (EJAB-1201) * Improved SQL reconnect behaviour Pubsub, PEP and Caps * Add extended stanza addressing 'replyto' on PEP (EJAB-1198) * Add pubsub#purge_offline (EJAB-1186) * Fix pubsub#title option (EJAB-1190) * Fix remove_user for node subscriptions (EJAB-1172) * Optimizations in mod_caps Other * mod_register: Add new acl access_from, default is to deny * mod_sic: new module for the experimental XEP-0279 Server IP Check (EJAB-1205) * PIEFXIS: Catch errors when exporting to PIEFXIS file (EJAB-1178) * Proxy65: new option "hostname" (EJAB-838) * Roster: Fix resending authorization problem * Shared Roster Groups: get contacts nickname from vcard (EJAB-114) * S2S: Improved s2s connections clean up (EJAB-1202) Changes in ejabberd-2.1.2 Core * Close sessions that were half connected * Fix SASL PLAIN authentication message for RFC4616 compliance * Fix support for old Erlang/OTP R10 and R11 * Return proper error (not 'conflict') when register is forbidden by ACL * When ejabberd stops, send stream close to clients ejabberdctl * Check for EGID in ejabberdctl command * Command to stop ejabberd informing users, with grace period * If there's a problem in config file, display config lines and stop node MUC * Kick occupants with reason when room is stopped due to MUC shutdown * Write in room log when a room is created, destroyed, started, stopped PubSub and PEP * Don't call gen_server on internal event (improves performance and scalability) * Fix duplicate SHIM header in Pubsub message * Notification messages of Pubsub node config change contained a SHIM header * SubID SHIM header missing in Pubsub message with multiple subscriptions on the same node * PEP: last published item not sent from unavailable users when the subscription is implicit (XEP-0115) * pep_mapping not working due to Node type mismatch WebAdmin * If big offline message queue, show only subset on WebAdmin * Support in user list page of WebAdmin when mod_offline is disabled --- Module Name: pkgsrc Committed By: martti Date: Mon Mar 15 06:27:55 UTC 2010 Modified Files: pkgsrc/chat/ejabberd: Makefile Log Message: Reset MAINTAINER. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- src/ejabberd.cfg.example.orig 2010-03-12 10:40:41.000000000 +0000 d11 2 a12 2 %% If TLS is compiled in and you installed a SSL %% certificate, specify the full path to the d15 1 a15 1 %% To enable the old SSL connection method on port 5223: d34 1 a34 1 %% ejabberd_service: Interact with external components (transports, ...) d45 1 a45 1 @@@@ -471,7 +470,7 @@@@ @ 1.3 log @Updated chat/ejabberd to 2.0.4 This version is a maintenance release containing 20 bugfixes and improvements. http://secunia.com/advisories/34340/ @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.2 2008/11/12 13:13:59 martti Exp $ d3 3 a5 5 Modified to use IPv6/v4 patch (https://support.process-one.net/browse/EJAB-389) --- src/ejabberd.cfg.example.orig 2009-03-12 08:41:02.000000000 +0000 +++ src/ejabberd.cfg.example 2009-03-22 10:27:16.000000000 +0000 @@@@ -108,10 +108,9 @@@@ d12 2 a13 6 - %% certificate, put the correct path to the + %% certificate, put the correct path to the %% file and uncomment this line: %% %%{certfile, "/path/to/ssl.pem"}, starttls, @@@@ -124,12 +123,12 @@@@ d32 1 a32 1 @@@@ -139,14 +138,14 @@@@ a36 7 - %% {access, all}, - %% {shaper_rule, fast}, - %% {ip, {127, 0, 0, 1}}, - %% {hosts, ["icq.example.org", "sms.example.org"], - %% [{password, "secret"}] - %% } - %% ]}, d39 7 a45 22 + %% {access, all}, + %% {shaper_rule, fast}, + %% {hosts, ["icq.example.org", "sms.example.org"], + %% [{password, "secret"}] + %% } + %% ]}, {5280, ejabberd_http, [ http_poll, @@@@ -225,17 +224,26 @@@@ %% List of LDAP servers: %%{ldap_servers, ["localhost"]}. %% -%% LDAP attribute that holds user ID: -%%{ldap_uids, [{"mail", "%u@@mail.example.org"}]}. +%% Encryption of connection to LDAP servers: +%%{ldap_encrypt, tls}. %% -%% Search base of LDAP directory: -%%{ldap_base, "dc=example,dc=com"}. +%% Port connect to LDAP server: +%%{ldap_port, 636}. d47 1 a47 3 %% LDAP manager: -%%{ldap_rootdn, "dc=example,dc=com"}. +%%{ldap_rootdn, "dc=example,dc=com"}. d49 2 a50 12 %% Password to LDAP manager: -%%{ldap_password, "******"}. +%%{ldap_password, "******"}. +%% +%% Search base of LDAP directory: +%%{ldap_base, "dc=example,dc=com"}. +%% +%% LDAP attribute that holds user ID: +%%{ldap_uids, [{"mail", "%u@@mail.example.org"}]}. +%% +%% LDAP filter: +%%{ldap_filter, "(objectClass=shadowAccount)"}. d53 1 a53 1 %% Anonymous login support: @ 1.2 log @Updated chat/ejabberd to 2.0.2 (patch received from Fabrice Colliot) * Bug fixes * Patch #389 (https://support.process-one.net/browse/EJAB-389) applied instead of the old pkgsrc patch. You MUST modify your ejabberd.cfg! @ text @d1 1 a1 1 $NetBSD$ d5 3 a7 3 --- src/ejabberd.cfg.example.orig 2008-11-12 15:15:04.000000000 +0200 +++ src/ejabberd.cfg.example @@@@ -107,10 +107,9 @@@@ d19 1 a19 1 @@@@ -123,12 +122,12 @@@@ d38 1 a38 1 @@@@ -138,14 +137,14 @@@@ d61 1 a61 1 @@@@ -224,17 +223,26 @@@@ @ 1.2.2.1 log @Pullup ticket #2724 - requested by martti ejabberd: security update Revisions pulled up: chat/ejabberd/Makefile 1.8-1.9 chat/ejabberd/PLIST 1.5 chat/ejabberd/distinfo 1.6-1.7 chat/ejabberd/patches/patch-aa 1.4 chat/ejabberd/patches/patch-ac 1.4 chat/ejabberd/patches/patch-ad 1.3 chat/ejabberd/patches/patch-ah 1.2 chat/ejabberd/patches/patch-ai 1.2 --- Module Name: pkgsrc Committed By: joerg Date: Mon Feb 9 23:05:02 UTC 2009 Modified Files: pkgsrc/chat/ejabberd: Makefile distinfo pkgsrc/chat/ejabberd/patches: patch-aa Log Message: Don't create /var/spool/... at install time, the scripts will take care of it. Mark as user-destdir after that. --- Module Name: pkgsrc Committed By: martti Date: Sun Mar 22 10:39:44 UTC 2009 Modified Files: pkgsrc/chat/ejabberd: Makefile PLIST distinfo pkgsrc/chat/ejabberd/patches: patch-ac patch-ad patch-ah patch-ai Log Message: Updated chat/ejabberd to 2.0.4 This version is a maintenance release containing 20 bugfixes and improvements. http://secunia.com/advisories/34340/ @ text @d5 3 a7 3 --- src/ejabberd.cfg.example.orig 2009-03-12 08:41:02.000000000 +0000 +++ src/ejabberd.cfg.example 2009-03-22 10:27:16.000000000 +0000 @@@@ -108,10 +108,9 @@@@ d19 1 a19 1 @@@@ -124,12 +123,12 @@@@ d38 1 a38 1 @@@@ -139,14 +138,14 @@@@ d61 1 a61 1 @@@@ -225,17 +224,26 @@@@ @ 1.1 log @Initial revision @ text @d3 1 a3 2 Patch from Fabrice Colliot: support for multiple listeners on same port number (eg IPv4 and IPv6 simultaneously). d5 86 a90 134 --- src/ejabberd_listener.erl.orig 2008-01-16 12:33:27.000000000 +0200 +++ src/ejabberd_listener.erl 2008-02-14 15:25:12.000000000 +0200 @@@@ -27,12 +27,12 @@@@ -module(ejabberd_listener). -author('alexey@@process-one.net'). --export([start_link/0, init/1, start/3, - init/3, - init_ssl/4, - start_listener/3, +-export([start_link/0, init/1, start/4, + init/4, + init_ssl/5, + start_listener/4, stop_listener/1, - add_listener/3, + add_listener/4, delete_listener/1 ]). @@@@ -49,9 +49,9 @@@@ Ls -> {ok, {{one_for_one, 10, 1}, lists:map( - fun({Port, Module, Opts}) -> - {Port, - {?MODULE, start, [Port, Module, Opts]}, + fun({ListenerID, Port, Module, Opts}) -> + {ListenerID, + {?MODULE, start, [ListenerID, Port, Module, Opts]}, transient, brutal_kill, worker, @@@@ -60,7 +60,7 @@@@ end. -start(Port, Module, Opts) -> +start(ListenerID, Port, Module, Opts) -> SSLError = "There is a problem with your ejabberd configuration file: the option 'ssl' for listening sockets is no longer available. To get SSL encryption use the option 'tls'.", case lists:keysearch(ssl, 1, Opts) of {value, {ssl, _SSLOpts}} -> @@@@ -77,11 +77,11 @@@@ {error, SSLError}; false -> {ok, proc_lib:spawn_link(?MODULE, init, - [Port, Module, Opts])} + [ListenerID, Port, Module, Opts])} end end. -init(Port, Module, Opts) -> +init(ListenerID, Port, Module, Opts) -> SockOpts = lists:filter(fun({ip, _}) -> true; (inet6) -> true; (inet) -> true; @@@@ -100,7 +100,7 @@@@ accept(ListenSocket, Module, Opts); {error, Reason} -> ?ERROR_MSG("Failed to open socket for ~p: ~p", - [{Port, Module, Opts}, Reason]), + [{ListenerID, Port, Module, Opts}, Reason]), error end. @@@@ -128,7 +128,7 @@@@ end. -init_ssl(Port, Module, Opts, SSLOpts) -> +init_ssl(ListenerID, Port, Module, Opts, SSLOpts) -> SockOpts = lists:filter(fun({ip, _}) -> true; (inet6) -> true; (inet) -> true; @@@@ -151,7 +151,7 @@@@ accept_ssl(ListenSocket, Module, Opts); {error, Reason} -> ?ERROR_MSG("Failed to open socket for ~p: ~p", - [{Port, Module, Opts}, Reason]), + [{ListenerID, Port, Module, Opts}, Reason]), error end. @@@@ -178,8 +178,8 @@@@ end. -start_listener(Port, Module, Opts) -> - ChildSpec = {Port, +start_listener(ListenerID, Port, Module, Opts) -> + ChildSpec = {ListenerID, {?MODULE, start, [Port, Module, Opts]}, transient, brutal_kill, @@@@ -187,30 +187,30 @@@@ [?MODULE]}, supervisor:start_child(ejabberd_listeners, ChildSpec). -stop_listener(Port) -> - supervisor:terminate_child(ejabberd_listeners, Port), - supervisor:delete_child(ejabberd_listeners, Port). +stop_listener(ListenerID) -> + supervisor:terminate_child(ejabberd_listeners, ListenerID), + supervisor:delete_child(ejabberd_listeners, ListenerID). -add_listener(Port, Module, Opts) -> +add_listener(ListenerID, Port, Module, Opts) -> Ports = case ejabberd_config:get_local_option(listen) of undefined -> []; Ls -> Ls end, - Ports1 = lists:keydelete(Port, 1, Ports), - Ports2 = [{Port, Module, Opts} | Ports1], + Ports1 = lists:keydelete(ListenerID, 1, Ports), + Ports2 = [{ListenerID, Port, Module, Opts} | Ports1], ejabberd_config:add_local_option(listen, Ports2), - start_listener(Port, Module, Opts). + start_listener(ListenerID, Port, Module, Opts). -delete_listener(Port) -> +delete_listener(ListenerID) -> Ports = case ejabberd_config:get_local_option(listen) of undefined -> []; Ls -> Ls end, - Ports1 = lists:keydelete(Port, 1, Ports), + Ports1 = lists:keydelete(ListenerID, 1, Ports), ejabberd_config:add_local_option(listen, Ports1), - stop_listener(Port). + stop_listener(ListenerID). d92 2 @ 1.1.1.1 log @ejabberd is a Free and Open Source distributed fault-tolerant Jabber server. It is writen mostly in Erlang. @ text @@