ok, i killed the tls: true
not really
2016-04-18 07:32:33.961 [info] <0.7.0> Application ejabberd started on node ejabberd@xmpp
2016-04-18 07:32:57.474 [info] <0.465.0>@ejabberd_listener:accept:299 (#Port<0.9382>) Accepted connection ::FFFF:178.39.154.249:17819 -> ::FFFF:147.28.0.6:5222
2016-04-18 07:33:11.279 [info] <0.465.0>@ejabberd_listener:accept:299 (#Port<0.9413>) Accepted connection ::FFFF:210.138.216.50:51529 -> ::FFFF:147.28.0.6:5222
2016-04-18 07:33:31.843 [info] <0.465.0>@ejabberd_listener:accept:299 (#Port<0.9415>) Accepted connection ::FFFF:210.138.216.50:51537 -> ::FFFF:147.28.0.6:5222
2016-04-18 07:33:36.555 [info] <0.466.0>@ejabberd_listener:accept:299 (#Port<0.9417>) Accepted connection ::FFFF:188.174.72.43:43181 -> ::FFFF:147.28.0.6:5269
2016-04-18 07:33:37.363 [info] <0.465.0>@ejabberd_listener:accept:299 (#Port<0.9421>) Accepted connection ::FFFF:210.138.216.50:51538 -> ::FFFF:147.28.0.6:5222
2016-04-18 07:33:37.629 [info] <0.478.0>@ejabberd_s2s_in:wait_for_feature_request:383 Accepted s2s EXTERNAL authentication for eggert.org (TLS=true)
2016-04-18 07:33:42.863 [info] <0.465.0>@ejabberd_listener:accept:299 (#Port<0.9528>) Accepted connection ::FFFF:210.138.216.50:51540 -> ::FFFF:147.28.0.6:5222
2016-04-18 07:33:43.843 [info] <0.466.0>@ejabberd_listener:accept:299 (#Port<0.9530>) Accepted connection ::FFFF:212.110.167.158:35522 -> ::FFFF:147.28.0.6:5269
2016-04-18 07:33:44.678 [info] <0.485.0>@ejabberd_s2s_in:wait_for_feature_request:383 Accepted s2s EXTERNAL authentication for jabber.isoc.org (TLS=true)
210.138.216.50 is my adium client failing and reporting
Error: You require encryption, but it is not available on this server.
and occasionally "host unknown" for some strange reason
randy
* Randy Bush <randy< at >psg.com> [2016-04-18 12:57]:
Yes, "tls: true" enables TLS-on-connect (as opposed to STARTTLS), so you
don't want this here.
Holger
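The distinction drawn in the reply above, as an added example that is not part of the original thread or of ejabberd: a TLS-on-connect listener expects a TLS ClientHello as the first bytes, while a STARTTLS client first sends plaintext XML and then looks for a `<starttls/>` offer in the server's stream features. The stream header, features and byte samples are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"

def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes a client sends on a new connection."""
    # TLS record header: content type 0x16 (handshake), major version 0x03.
    # Legacy SSLv2-format hellos are deliberately not recognised here.
    if len(data) >= 2 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-clienthello"   # what a TLS-on-connect listener expects
    if data.lstrip().startswith((b"<?xml", b"<stream:stream")):
        return "xmpp-plaintext"    # what a STARTTLS client sends first
    return "unknown"

def starttls_offer(server_opening: bytes) -> str:
    """Return 'required', 'optional' or 'absent' for the STARTTLS offer."""
    # The stream root is still open on the wire; close it so it parses.
    root = ET.fromstring(server_opening + b"</stream:stream>")
    features = root.find(f"{{{NS_STREAM}}}features")
    tls = None if features is None else features.find(f"{{{NS_TLS}}}starttls")
    if tls is None:
        return "absent"
    required = tls.find(f"{{{NS_TLS}}}required") is not None
    return "required" if required else "optional"

# Constructed samples, not captured from the server in this thread.
HEADER = (b"<?xml version='1.0'?><stream:stream xmlns='jabber:client' "
          b"xmlns:stream='http://etherx.jabber.org/streams' "
          b"id='constructed-1' from='localhost' version='1.0'>")
WITH_STARTTLS = HEADER + (b"<stream:features><starttls xmlns='"
                          + NS_TLS.encode()
                          + b"'><required/></starttls></stream:features>")
WITHOUT_STARTTLS = HEADER + (b"<stream:features><mechanisms "
                             b"xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"
                             b"<mechanism>SCRAM-SHA-1</mechanism>"
                             b"</mechanisms></stream:features>")
CLIENT_HELLO_START = bytes([0x16, 0x03, 0x01, 0x00, 0xC8, 0x01])

if __name__ == "__main__":
    print(classify_first_bytes(HEADER))
    print(classify_first_bytes(CLIENT_HELLO_START))
    print(starttls_offer(WITH_STARTTLS), starttls_offer(WITHOUT_STARTTLS))
```

Plaintext XML arriving where a ClientHello is expected is consistent with the "unknown protocol" handshake error quoted in this thread; an "absent" offer leaves a client that insists on encryption with nothing to negotiate.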
* Randy Bush <randy< at >psg.com> [2016-04-18 12:06]:
This is an HTTP connection on port 5280. Do you have any entries for
port 5222? Do you have any [error] messages in the log?
Holger
if i add
tls: true
ejabberd logs the following
2016-04-18 03:54:56.549 [error] <0.485.0>@ejabberd_receiver:handle_info:248 TLS error = SSL_do_handshake failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
i feel as if i am starting to throw <bleep> at the wall to see what will
stick. time to stop, wait a bit for someone to hit me with a clue bat,
and revert to old backup if not.
randy
so i took the leap. and i converted to yaml, attached. but, adium
tells me
Error: you require encryption but it is not available on this server
psi says
Server does not support TLS encryption
and the log gives no clue
2016-04-18 02:44:44.286 [info] <0.470.0>@ejabberd_listener:accept:299 (#Port<0.9573>) Accepted connection ::FFFF:210.138.216.50:60497 -> ::FFFF:147.28.0.6:5280
2016-04-18 02:44:44.286 [info] <0.538.0>@ejabberd_http:init:157 started: {gen_tcp,#Port<0.9573>}
# egrep -v '(\#|^$)' /etc/ejabberd/ejabberd.yml
loglevel: 4
log_rotate_size: 10485760
log_rotate_date: ""
log_rotate_count: 1
log_rate_limit: 100
hosts:
  - "localhost"
listen:
  -
    port: 5222
    ip: "::"
    module: ejabberd_c2s
    certfile: "/etc/ejabberd/ejabberd.pem"
    starttls_required: true
    starttls: true
    ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
    protocol_options:
      - "no_sslv2"
      - "no_sslv3"
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
    resend_on_timeout: if_offline
  -
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
  -
    port: 5280
    ip: "::"
    module: ejabberd_http
    request_handlers:
      "/websocket": ejabberd_http_ws
    web_admin: true
    http_bind: true
    captcha: true
disable_sasl_mechanisms: "digest-md5"
s2s_use_starttls: required
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
s2s_protocol_options:
  - "no_sslv3"
auth_method: internal
auth_password_format: scram
shaper:
  normal: 1000
  fast: 50000
max_fsm_queue: 1000
acl:
  admin:
    user:
      - "": "localhost"
  local:
    user_regexp: ""
  loopback:
    ip:
      - "127.0.0.0/8"
access:
  max_user_sessions:
    all: 10
  max_user_offline_messages:
    admin: 5000
    all: 100
  local:
    local: allow
  c2s:
    blocked: deny
    all: allow
  c2s_shaper:
    admin: none
    all: normal
  s2s_shaper:
    all: fast
  announce:
    admin: allow
  configure:
    admin: allow
  muc_admin:
    admin: allow
  muc_create:
    local: allow
  muc:
    all: allow
  pubsub_createnode:
    local: allow
  register:
    all: allow
  trusted_network:
    loopback: allow
language: "en"
modules:
  mod_adhoc: {}
  mod_admin_extra: {}
    access: announce
  mod_caps: {}
  mod_carboncopy: {}
  mod_client_state:
    drop_chat_states: true
    queue_presence: true
  mod_disco:
    server_info:
      modules: all
      name: "abuse-addresses"
      urls: ["mailto:abuse@localhost"]
  mod_echo: {}
  mod_irc:
    default_encoding: "utf-8"
  mod_http_bind:
    max_inactivity: 60
  mod_last: {}
  mod_muc:
    access: muc
    access_create: muc_create
    access_persistent: muc_create
    access_admin: muc_admin
  mod_muc_admin: {}
  mod_multicast: {}
  mod_offline:
    access_max_user_messages: max_user_offline_messages
  mod_ping: {}
  mod_pres_counter:
    count: 5
    interval: 60
  mod_privacy: {}
  mod_private: {}
  mod_pubsub:
    access_createnode: pubsub_createnode
    ignore_pep_from_offline: true
    last_item_cache: false
    plugins:
      - "flat"
      - "hometree"
  mod_register:
    captcha_protected: true
    welcome_message:
      subject: "Welcome!"
      body: |-
        Hi.
        Welcome to this XMPP server.
    ip_access: trusted_network
    access: register
  mod_roster: {}
  mod_shared_roster: {}
  mod_sic: {}
  mod_stats: {}
  mod_time: {}
  mod_vcard: {}
  mod_version: {}
allow_contrib_modules: true
and, after backing up, i just
apt-get update
apt-get upgrade
and it will magically work? it will pick up current accounts etc?
and then i can convert my erlang conf to yaml?
randy
* Randy Bush <randy< at >psg.com> [2016-04-17 13:02]:
You can set {s2s_use_starttls, required}. The other things you
mentioned don't work with ejabberd 2.x.
Current unofficial ejabberd packages for Ubuntu 14.04 are available
here:
https://www.jabber.at/en/apt-repository
Holger
i am lazy/conservative and prefer to run default/vanilla versions. and
ubuntu 14.04 comes with a rather old ejabberd package :(
i wanna do the equivalent of
s2s_use_starttls: required
s2s_ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
s2s_protocol_options:
  - "no_sslv2"
  - "no_sslv3"
and
module: ejabberd_c2s
ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
protocol_options:
  - "no_sslv2"
  - "no_sslv3"
except i am stuck in erlang
# ejabberdctl convert_to_yaml ejabberd.cfg ejabberd.yml
Error: command "convert_to_yaml" not known.
clue bat appreciated
randy
Hello.
I developed a little project (a PoC) to "integrate" Asterisk IVRs with
"other softwares", allowing that data already entered in IVR can be
used in other stages of a customer service, for example.
The main goal is to provide more efficiency and interoperability
between different solutions in a heterogeneous enterprise scenario.
Despite the fact that I started this project to integrate Asterisk
IVRs with customer service softwares, this is a multipurpose project
that can be used with any kind of software that you want.
The project uses the Asterisk's ARI API and XMPP (PubSub) to deliver
the information.
You can find more information (including source code for download) in
my blog at https://www.mundoopensource.com.br/delivering-asterisk-ivr-data-to-softwares-using-xmpp/.
Any doubts or suggestions are welcomed.
Regards,
Marcelo H. Terres <mhterres< at >gmail.com>
IM: mhterres< at >jabber.mundoopensource.com.br
https://www.mundoopensource.com.br
https://twitter.com/mhterres
https://linkedin.com/in/marceloterres
Hi Edward,
On Sun, Apr 3, 2016 at 9:16 PM, Edward Hibbert <edward< at >ehibbert.org.uk>
wrote:
developer some someone more knowledgeable about ejabberd should comment
really. indeed the maxlength of a TEXT type in MySQL appears to be 64K.
maybe the mysql schema was based on postgres where TEXT is unlimited.
https://github.com/processone/ejabberd/blob/master/sql/mysql.sql#L287
I am not an expert in ejabberd but having looked at the MUC internals a
little I would say that the reason for this is that the MySQL schema mirrors
the schema from the default internal format in ejabberd (which uses the
mnesia database) where it would be pretty efficient to store a list of
affiliations in the "opts" field. mnesia can store native erlang
data structures whereas to map that to a relational schema (one to one)
necessitates serializing to (something like) JSON.
for one MUC room.
if this is a concern for you I would suggest that the default relational
schema is not necessarily set in stone and if you wanted to make a
muc_room_affiliations table (say) then that shouldn't be too hard to do.
it would (in the first instance) mean forking the default muc
I think this is the place at the opts are currently serialized to ODBC:
https://github.com/processone/ejabberd/blob/master/src/mod_muc.erl#L141
_______________________________________________
ejabberd mailing list
ejabberd< at >jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Hi,
I'm trying to configure an external component (jitsi videobridge) and
specifically to replicate a working configuration from prosody, namely:
Component "jitsi-videobridge.myhost.com"
    component_secret = "ABCDEF"
Component "focus.myhost.com"
    component_secret = "QWERTY"
based on the example here:
https://github.com/processone/ejabberd/blob/master/ejabberd.yml.example#L142
I came up with:
port: 5347
module: ejabberd_service
access: all
hosts:
  "jitsi-videobridge.myhost.com":
    password: "ABCDEF"
  "focus.myhost.com":
    password: "QWERTY"
I had multiple problems with this config:
* I couldn't auth the second component name (focus.myhost.com) with the
associated password no matter what I tried (even using a standalone utility
to check the auth only). I ended up having to use the same password for
both to get auth to work.
Having looked at the code for ejabberd_service.erl
https://github.com/processone/ejabberd/blob/master/src/ejabberd_service.erl#L51
it looks like the state record has a list of hosts mapped to one password.
so I'm not sure how that implementation fits with the example config I
referenced (
https://github.com/processone/ejabberd/blob/master/ejabberd.yml.example#L142
).
i.e. there doesn't seem to be a "password per host" concept there. it just
seems there is a "multi hosts to single password".
am I (as I expect) just missing something obvious here?
* with the config as above (but both hosts having the same password) I then
had problems with the clients of the 2 distinct components (both with
distinct TCP connections to port 5347) seeming to get "crossed wires" in
their responses i.e. ping response from one stream seeming to go to the
other stream. this reinforces my sense that I've just misunderstood /
messed-up the config somehow.
what I ended up doing to get it functional was to put the 2 hosts on
distinct ports, i.e.
port: 5347
module: ejabberd_service
access: all
hosts:
  "jitsi-videobridge.myhost.com":
    password: "ABCDEF"
port: 5348
module: ejabberd_service
access: all
hosts:
  "focus.myhost.com":
    password: "QWERTY"
while I don't see any particular downsides to this approach (but if you do
then please enlighten me) is there a way I can do it as per the docs?
Any clarification / help would be much appreciated.
Thanks.
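A stand-alone check of the per-host component authentication discussed in the message above, as an added example that is not ejabberd's code and not from the original post. It computes the XEP-0114 handshake value (hex SHA-1 of stream id plus secret) against the host-to-password table from the quoted listener config; the stream id and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Per-host secrets as written in the listener config quoted in the post.
COMPONENT_SECRETS = {
    "jitsi-videobridge.myhost.com": "ABCDEF",
    "focus.myhost.com": "QWERTY",
}

def handshake_digest(stream_id: str, secret: str) -> str:
    """XEP-0114: lowercase hex SHA-1 of the stream id followed by the secret."""
    return hashlib.sha1((stream_id + secret).encode("utf-8")).hexdigest()

def verify_handshake(host, stream_id, digest, secrets=COMPONENT_SECRETS):
    """Check a component's <handshake/> value against the secret for its host."""
    secret = secrets.get(host)
    if secret is None:
        return False                      # unknown component host
    expected = handshake_digest(stream_id, secret)
    # Constant-time comparison on bytes; tolerate case and whitespace.
    return hmac.compare_digest(expected.encode(),
                               digest.strip().lower().encode())

def hosts_accepting(stream_id, digest, secrets=COMPONENT_SECRETS):
    """List every configured host that this one handshake value would satisfy."""
    return sorted(h for h in secrets
                  if verify_handshake(h, stream_id, digest, secrets))

if __name__ == "__main__":
    sid = "constructed-stream-id"         # constructed, not a real session
    focus = handshake_digest(sid, "QWERTY")
    print(hosts_accepting(sid, focus))    # distinct secrets: one host only
    shared = {h: "ABCDEF" for h in COMPONENT_SECRETS}
    print(hosts_accepting(sid, handshake_digest(sid, "ABCDEF"), shared))
```

With distinct secrets a handshake value satisfies exactly one host; with the shared-password workaround either component's credentials also authenticate as the other host, which is the trade-off to weigh against the separate-ports setup.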
Hey,
We recently upgraded to 15.11 from 14.07. Our pubsub client implements XEP-0059 which worked just fine before the upgrade, but not afterwards.
Is there something we are missing or is this a bug?
Thanks in advance!