Changelog since 13.12:
ejabberd now includes support for:
- XEP-0198: Stream Management (EJAB-532)
- XEP-0321: Remote Roster Management (EJAB-1381)
- RFC-3261: SIP proxy/registrar
- RFC-5766: TURN: Traversal Using Relays around NAT (EJAB-1017)
There are several improvements regarding encryption:
- Add option to specify openssl options
- Fix extraction of host names from certificates
- Fix certificate authentication for incoming s2s connections
- Fix handling of certificate verification errors for incoming s2s
- Handle “s2s_use_starttls: required_trusted” the same way for outgoing
- Support certificate verification for outgoing s2s connections
- Check TLS state before requesting SASL EXTERNAL
- Log TLS status for outgoing s2s with SASL EXTERNAL
- Verify host name before offering SASL EXTERNAL
Just to mention other improvements:
- New ejabberd command: disconnect_user/2
- New Bash completion script for ejabberdctl, experimental (EJAB-1042)
- Don’t provide current password in webinterface
- mod_register_web: check same acl as mod_register.
- Document and enable mod_carboncopy (XEP-0280) by default
- Make it possible to get/set vCards for MUC rooms
- Add Travis CI configuration file
Changes since 13.10:
- New OpenSSL ciphers option in c2s, s2s and s2s_out
- mod_roster: new access rule to restrict roster modificartion
- mod_pubsub: support for data migration from mnesia to odbc
- ejabberd_xmlrpc included
- Bugfixes
Bugs fixed since 2.1.12:
* Compilation: Detect correctly newer Darwin versions (EJAB-1594)
* Guide: ejabberd_service expects a shaper_rule, not a shaper
* MUC: Handle multiple < and > in mod_muc_log plaintext mode (EJAB-1640)
* MUC: Handle ~ control sequence in text of mod_muc_log (EJAB-1639)
* MUC: list_to_integer/2 only works in OTP R14 and newer
* Pubsub: access_createnode acl also applies to auto created nodes
* Web: Normalize HTTP path
Changes since 2.1.10:
* Core ejabberd
- Make terms serialization faster
- Reduce size of XML stream state
* Administration
- Add SCRAM and remove MD5 support to ejabberd commands auth verification
- Added command to list all the vhosts registered in an ejabberd node
- Added export2odbc command, copied from mod_admin_extra.erl
- Fix ejabberdctl number of arguments error report with R15
- Check node name is available before starting ejabberd (EJAB-1572)
- Fix ejabberd_xmlrpc commands authentication with SCRAM
- Fix mod_offline:store_offline_msg argument (EJAB-1581)
- Log IP address when auth attempt fails
- Make sure update_info returns atoms only (EJAB-1595)
- On shutdown, first stop listeners, then modules
* Encryption
- Detect OpenSSL version at runtime, not at compile time
- Fixed signedness issue in tls_drv GET_DESCRYPTED_INPUT (EJAB-1591)
- Enable DHE key exchange in TLS driver
- Enable ECDHE key exchange in TSL driver
- Disable old and unsecure ciphers in TLS driver
- Disable SSL 2.0 in TLS driver
* HTTP-Bind
- Do not trigger item-not-found errors in mod_http_bind
- Repeated http-bind request should abort only requests with same rid
- Receiving missing request shouldn't close waiting out-ouf-order request
* XMPP
- Allow multiple fqdn values in configuration (EJAB-1578)
- Fix get_subscription_lists/4
- Fix account registration
- Send announce Message stanzas as Headline type instead of Normal
* Other
- Guide: Fix file name of Name Service Switch
- Guide: Document the db_type modules option (EJAB-1560)
- LDAP: Fix broken JPEG photo (EJAB-1526)
- LDAP: Fix compatibility with Erlang R16A (EJAB-1612)
- MUC: Fix angle brackets handle in plaintext log (EJAB-1610)
- MUC: Fix MUC start when Mnesia tables don't exist yet
- MUC: New mod_muc_log option file_permissions (EJAB-1588)
- ODBC: Merge SQL and Mnesia code into one module (EJAB-1560)
- Translation: New Hebrew
- Translation: Update Slovak
- HTTP service
- Fix ejabberd_http:get_line
- Don't use binary:match to extract lines from binaries
- Parse and encode https header names like native http parser does
- Parse correctly https request split into multiple packets
- Properly handle HEAD request in mod_http_bind (EJAB-1538)
- New option default_host for handling requests with ambiguous Host
(EJAB-1261)
- ODBC
- New ODBC support for mod_announce
- New ODBC support for mod_blocking
- New ODBC support for mod_irc
- New ODBC support for mod_muc
- New ODBC support for mod_shared_roster
- New ODBC support for mod_vcard_xupdate
- Add ODBC exporting function for privacy table
- Work also with some unicode strings in PgSQL (EJAB-1490)
- Replace a single quote with double quotes in an ODBC escape
- SSL
- Make sure that res is initialized in all cases
- Parse correctly https request split into multiple packets (EJAB-1537)
- Added missed tls:recv_data/2
- Don't ignore Length parameter in tls:recv
- Avoid quadratic behavior in reading SSL data
- Dix http_bind webserver TLS fail on Chrome (EJAB-1530)
- Miscelanea
- Assume we have only one CPU when an auto-detection fails (EJAB-1516)
- Auth: Relax digest-uri handling (EJAB-1529)
- Caps: Cache caps timestamp before the IQ-request is done
- IRC: Use of MUC password
- Private: misc errors cases fixes
- Pubsub: return user affiliation for a specified node (EJAB-1294)
- Shared Roster: Foreign items were not pushed (EJAB-1509)
- Shared Roster LDAP: user substitution in ldap_rfilter (EJAB-1555)
- Windows: Fix makefile rules for building DLLs
Bug fixes:
* Erlang/OTP compatibility
- Support Erlang/OTP R15B regexp and drivers (EJAB-1521)
- Fix modules update in R14B04 and higher
- Fix modules update of stripped beams (EJAB-1520)
* XMPP Core
- Fix presence problem in C2S after first unavailable (EJAB-1466)
- Fix bug on S2S shaper when TLS is used
- Prevent overload of incoming S2S connections
* XEPs
- BOSH: Get rid of useless mnesia transaction (EJAB-1502)
- MUC: Don't reveal invitee resource when room informs invitor
- Privacy: Activate "Blocked Contacts" to current c2s connection (EJAB-1519)
- Privacy: Always allow packets from user's server and bare jid (EJAB-1441)
- Pubsub: Add hooks for node creation/deletion (EJAB-1470)
- Shared Rosters: support groupname@vhost in Displayed Groups (EJAB-506)
- Vcard: Fix error when lowercasing some search results (EJAB-1490)
Changes:
* Core ejabberd
- Decrease CPU usage caused by tls:send with large data
- Escape iolist correctly when NIFs are disabled (EJAB-1462)
- Fix code to satisfy Dialyzer warnings
- Fix compilation in Windows
- Replace calls of OTP’s Binary, since they would require R14
* LDAP
- Document ldap_tls_cacertfile and ldap_tls_depth options (EJAB-1299)
- Log an error when an LDAP filter is incorrect (EJAB-1395)
- New options: ldap_tls_cacertfile and ldap_tls_depth (EJAB-1299)
- New option: ldap_deref_aliases (EJAB-639)
- Match ldap_uidattr_format case-insensitively (EJAB-1449)
* MUC
- Support for multiple entry with same nick to MUC rooms (EJAB-305)
- Support voice request and approvement
- New room option: allow_private_messages_from_visitors
- New room options: allow_voice_requests and voice_request_min_interval
- Include status 110 in presence to new occupant (EJAB-740)
- Fix mod_muc_log crash when first log entry is room destroy (EJAB-1499)
- Many fixes and improvements in mod_muc
* Pubsub
- Enable pubsub#deliver_notification checking (EJAB-1453)
- Fix Denial of Service when user sends malformed publish stanza (EJAB-1498)
* ODBC
- Fix ODBC account counting (EJAB-1491)
- Optimized mod_roster_odbc:get_roster
* Miscellanea:
- New SASL SCRAM-SHA-1 authentication mechanism (EJAB-1196)
- New option: resource_conflict (EJAB-650)
Small list of changes:
2.1.7
* BOSH: Keep the order of stanzas when BOSH sends several
* CAPTCHA in MUC: New whitelist option
* CAPTCHA: New captcha_limit option
* Core: Disable all entity expansions
* Core: Do not accept XML with undefined prefixes
* ejabberdctl: New DIST_USE_INTERFACE restricts IP erlang listen
* ejabberdctl: New ERL_EPMD_ADDRESS that works since Erlang/OTP R14B03
* extauth: If script crashes, ejabberd should restart it
* If a module start fails during server start, stop erlang
* mod_blocking: New XEP-0191 Simple Communications Blocking
* mod_pres_counter: Prevent subscription flood
* mod_register: Access now also controls account unregistrations
* mod_shared_roster: Fix support for anonymous accounts in @all@
* mod_shared_roster: New @online@ directive
* New Indonesian translation
* Pubsub: Apply filtered notification to PEP last items
* Pubsub: Owner can delete any items from its own node
2.1.6
* BOSH: Fix rare loop, support vhosts, allow module restart
* Config: Default configuration allows registrations only from localhost
* Config: Support to change loglevel per module at runtime
* Erlang/OTP: Fix compatibility from R10B-9 to R14B01
* ODBC: Compatibility with PostgreSQL 9.0
* Privacy lists: Fix to allow block by group and subscription again
* Pubsub: Fix cross domain eventing
* Register: Added CAPTCHA, password strength and ip_access to mod_register
* Register: New mod_register_web, with CAPTCHA support
* S2S: New options to require encryption, and verify certificates
* Shared Rosters: Added mod_shared_roster_ldap
* Bind listener ports early and start accepting connections later
Short list of changes:
* Erlang/OTP R12 support fixed
* Erlang/OTP R14A support added
* OpenSSL 0.9.8 or higher is required
* BOSH: New optional connection attribute process-delay
* C2S: Don't ask for client certificate when using tls
* C2S: Inform client that SSL session caching is disabled
* CTL: Fix problem when FIREWALL_WINDOW options for erl kernel were used
* CTL: Some systems delete the lock dir; in such case don't use Flock at all
* Caps: Support all the hash functions required by XEP-0115
* Config: Fix typo in --enable-transient_supervisors
* Config: New configure option: --enable-nif
* Extauth: Support parallel script running
* MUC: Allow admins to see private rooms in disco
* ODBC: Correct handling of SQL boolean types
* ODBC: Discard too old queued requests (the caller has already got a timeout)
* ODBC: Fixes wrong SQL escaping when --enable-full-xml is set
* ODBC: Use ets insead of asking supervisor in ejabberd_odbc_sup:get_pids/1
* Pubsub: Enforce disco features results
* S2S: When logging s2s out connection attempt or success, log if TLS is used
* Shared Rosters: When account is deleted, delete also member
of stored rosters
Short list of changes:
* Bounce messages when closing c2s session
* Bugfixes when handling Service Discovery to contacts
* Don't send error stanza as reply to error stanza
* Don't store blocked messages in offline queue
* Extauth: Optionally cache extauth users in mnesia
* Full support for XEP-0115 Entity Capabilities v1.5
* HTTP-Bind (BOSH): Remove unneeded 100 ms delay, and export functions
to facilitate prebinding methods
* LDAP: Inband password change, Extensible match support,
and ldap_tls_verify.
* Localization: Updated most translations
* MUC: Refactor code to reduce calls to get_affiliation and get_role
* ODBC: Add created_at column also to PostgreSQL schema
* PAM: New option pam_userinfotype to provide username or JID
* Pubsub: Send created node notifications. Enforce
pubsub#presence_based_delivery, pubsub#show_values
* Vcard: Automatic vcard avatar addition in presence
* WebAdmin: New Access rule webadmin_view for read-only
Changes in ejabberd-2.1.3
Client connections
* Avoid 'invalid' value in iq record
* Avoid resending stream:error stanzas on terminate (EJAB-1180)
* Close also legacy sessions that were half connected (EJAB-1165)
* iq_query_info/1 now returns 'invalid' if XMLNS is invalid
* New ejabberd_c2s option support: max_fsm_queue
* Rewrite mnesia counter functions to use dirty_update_counter (EJAB-1177)
* Run user_receive_packet also when sending offline messages (EJAB-1193)
* Use p1_fsm behaviour in c2s FSM (EJAB-1173)
Clustering
* Fix cluster race condition in route read
* New command to set master Mnesia node
* Use mnesia:async_dirty when cleaning table from failed node
Documentation
* Add quotes in documentation of some erl arguments (EJAB-1191)
* Add option access_from (EJAB-1187)
* Add option max_fsm_queue (EJAB-1185)
* Fix documentation installation, no need for executable permission
(EJAB-1170)
* Fix typo in EJABBERD_BIN_PATH (EJAB-891)
* Fix typos in example config comments (EJAB-1192)
ejabberdctl
* Support concurrent connections with bound connection names
* Add support for Jot in ctl and TTY in debug
* Support help command names with old - characters
* Fix to really use the variable ERL_PROCESSES
Erlang compatibility
* Don't call queue:filter/2 to keep compatibility with older Erlang versions
* Use alternative of file:read_line/1 to not require R13B02
HTTP
* Add new debugging hook to the http receiving process
* Allow a request_handler to serve a file in root of HTTP
HTTP-Bind (BOSH)
* Cross-domain HTTP-Bind support (EJAB-1168)
* Hibernate http-bind process after handling a request
* Reduce verbosity of HTTP Binding log messages
LDAP
* Document ldap_dn_filter, fetch only needed attributes in search
(EJAB-1204)
* Use "%u" pattern as default for ldap_uids (EJAB-1203)
Localization
* Fix German translation (EJAB-1195)
* Fix Russian translation
ODBC
* Fix MSSQL support, which was broken (EJAB-1201)
* Improved SQL reconnect behaviour
Pubsub, PEP and Caps
* Add extended stanza addressing 'replyto' on PEP (EJAB-1198)
* Add pubsub#purge_offline (EJAB-1186)
* Fix pubsub#title option (EJAB-1190)
* Fix remove_user for node subscriptions (EJAB-1172)
* Optimizations in mod_caps
Other
* mod_register: Add new acl access_from, default is to deny
* mod_sic: new module for the experimental XEP-0279 Server IP Check
(EJAB-1205)
* PIEFXIS: Catch errors when exporting to PIEFXIS file (EJAB-1178)
* Proxy65: new option "hostname" (EJAB-838)
* Roster: Fix resending authorization problem
* Shared Roster Groups: get contacts nickname from vcard (EJAB-114)
* S2S: Improved s2s connections clean up (EJAB-1202)
Changes in ejabberd-2.1.2
Core
* Close sessions that were half connected
* Fix SASL PLAIN authentication message for RFC4616 compliance
* Fix support for old Erlang/OTP R10 and R11
* Return proper error (not 'conflict') when register is forbidden by ACL
* When ejabberd stops, send stream close to clients
ejabberdctl
* Check for EGID in ejabberdctl command
* Command to stop ejabberd informing users, with grace period
* If there's a problem in config file, display config lines and stop node
MUC
* Kick occupants with reason when room is stopped due to MUC shutdown
* Write in room log when a room is created, destroyed, started, stopped
PubSub and PEP
* Don't call gen_server on internal event (improves performance and
scalability)
* Fix duplicate SHIM header in Pubsub message
* Notification messages of Pubsub node config change contained a SHIM
header
* SubID SHIM header missing in Pubsub message with multiple subscriptions
on the same node
* PEP: last published item not sent from unavailable users when the
subscription is implicit (XEP-0115)
* pep_mapping not working due to Node type mismatch
WebAdmin
* If big offline message queue, show only subset on WebAdmin
* Support in user list page of WebAdmin when mod_offline is disabled
Bugfix release:
* Fix connection if starttls_required and zlib are set
* S2S: fix allow_host/2 on subdomains. added hook s2s_allow_host
* MUC: Add support for serving a Unique Room Name
* MUC: Route vCard request to the occupant bare JID
* MUC: Support converting one-to-one chat to MUC
* PubSub: Receive same last published PEP items at reconnect if several resources online
* PubSub: Typo in mod_pubsub_odbc breaks Service Discovery and more
* Web: Fix memory and port leak when TLS is enabled in HTTP
* WebAdmin: report correct last activity with odbc backends
* Change captcha.sh to not depend on bash
* Generate main XML file also when exporting only a vhost
* Fix last newline in ejabberdctl result
* Guide: fix -setcookie, mod_pubsub_odbc host, content_types
Pkgsrc changes:
* Fixed documentation install
Very brief list of additions:
* Erlang/OTP R13 support
* HTTP-Bind (BOSH) optimization and clean-up
* LDAPS support
* MUC rooms can require a CAPTCHA to join the room
* PubSub: major improvements. Update to XEP version 1.12
* PEP and Caps: many improvements
* Run commands with ejabberdctl or other frontends (XML-RPC, HTTP)
* STUN server
* XEPs like: XMPP Ping, Roster Versioning, Import/Export Format
See full release note:
http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.0
* Fix two problems introduced in ejabberd 2.0.4: subscription request produced
many authorization requests with some clients and transports; and
subscription requests were not stored for later delivery when receiver was
offline.
* Fix warning in expat_erl.c about implicit declaration of x_fix_buff
* HTTP-Bind (BOSH): Fix a missing stream:error in the returned
remote-stream-error stanza
* Do not ask certificate for client (c2s)
* Check digest-uri in SASL digest authentication
* Use send timeout to avoid locking on gen_tcp:send
* Fix ejabberd reconnection to database
* HTTP-Bind: handle wrong order of packets
* MUC: Improved traffic regulation management
* PubSub: Several bugfixes and improvements for best coverage of XEP-0060 v1.12
* Shared Roster Groups: push immediately membership changes
* Rotate also sasl.log on "reopen-log" command