ejabberd 15.03 released

ejabberd 15.03 is yet another important release. We have added fixes and some major improvements.

You can learn more about the changes and roadmap by meeting part of the team in upcoming ejabberd San Francisco Meetup.

New features

Websocket

Websocket support is among the major new features introduced in this release. You can write speedy XMPP web clients. This web support has been tested on large deployments and is extremely fast, with very low latency.

Customizable session backends

We have introduced a new major feature to give more flexibility in the way sessions are managed in ejabberd. In the past, session were managed in Mnesia because it was the best compromise between speed, latency and scalability. However, ejabberd is deployed on a large variety of usage patterns and platform types and sizes. We thus have decided to provide more flexibility to accommodate with various use cases. For most deployments Mnesia is still the default choice and best backend to store sessions. For corporate deployments that need to get easy access to online users and status from other components, we provide a SQL backend for live sessions storage. Finally, if you want to avoid duplicating session across nodes to deploy a larger cluster, you can store your session information in a central, fast, in-memory backend like redis.

This improves scalability or flexibility depending on your platform type.

Security improvement: SCRAM support for SQL authentication backend

If you use the default ejabberd SQL authentication backend, you can now enable password encryption in the database using the standard SCRAM approach. We also provide a tool to migrate your existing authentication database to the new SCRAM secure scheme:

First of all, make sure your database is already updated to support SCRAM, those are the changes required:

ALTER TABLE users ADD COLUMN serverkey text NOT NULL DEFAULT '';
ALTER TABLE users ADD COLUMN salt text NOT NULL DEFAULT '';
ALTER TABLE users ADD COLUMN iterationcount integer NOT NULL DEFAULT 0;

Then start ejabberd in "live" mode, or use "ejabberdctl debug" to gain access to your running ejabberd. And execute something like this in the Erlang console:

ejabberd_auth_odbc:convert_to_scram(<<"example.org">>).

Development community and Elixir improvements

ejabberd 15.03 is also the continuation of 15.02 in the way it simplifies the development and management of contributed modules. The community is growing with more code being contributed by third party developers. You can already find many modules contributed by the community. And now you can even install contributed modules without having developer skills or module compilation.

Interest around ejabberd has been accelerating with the introduction of Elixir. This release improves Elixir support. Moreover, you can now write ejabberd tests in Elixir and they are ran transparently with the rest of the test suite.

Simple add cluster node command

With our constant desire to simplify deployment we added a new ejabberdctl command to add a node in a cluster in a single command. Those who went to the process of setting up a cluster will certainly love this new command:

Changelog overview

As a summary, here is the high level changelog:

- Add support for WebSocket
- Flexible session management with multiple backends: Mnesia/SQL/Redis or custom backend for session manager
- Security improvement with SCRAM based password encryption in SQL authentication backends.
- Package management for ejabberd contributed modules
- Improved Elixir experience
- Automatic clustering scripts
- Added missing index on database
- Important updates on the documentation, with the launch of a new documentation site: docs.ejabberd.im
- Several other bugfixes

MySQL database structure improvement

We were missing an index on privacy list in the default MySQL schema. The database schema has been updated.
If you want to apply the changes on a running instance, here is the SQL command to issue:

Feedback

As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect you found a bug, please search or fill a bug report on Github.