Note: there is a change in the numbering scheme, the third digit will
only be used for patches/bug fixes in the future.
Note: websockets support isn't available in pkgsrc (yet. the required
library still needs packaged.)
hanges:
* Check for C99 support in compiler
* Count RIO bytes and check against max stanza size
* Gracefully drop unhandled HTTP connections
* wss:// (WebSocket over SSL) support in c2s
* Allow BareJID S10N packets
* Fallback to connecting S2S using local.ip when none of the origin.ip
works
* Removed explicit SQLite transactions
* SQLite postconnect SQL support
* SQLite DB setup script improvements
* Many Coverity Scan and cppcheck detected issues fixed
* Properly lowercase SASL mechanisms in c2s
* Support out-of-source build
* 2.3.5 to 2.3.6 upgrade:
What changed:
- Support WebSocket fragmented packets
- Fixed delivering directed presence (to self)
- Reset in-sess 'from' to FullJID on non-Presence packets
This is mainly a bugfix release.
The main change is that WebSocket connections work stable now.
https://github.com/jabberd2/jabberd2/commits/jabberd-2.3.6
move requirement for cppunit to debug option
add db-update.pgsql, README.md
Updated to version 2.3.5
This file contains news, important changes
and upgrade instructions between different versions of jabberd2.
* 2.3.4 to 2.3.5 upgrade:
What changed:
- Module to verify users using e-mail
- Reordered MIO backends priority
- Skip non-existing blowfish i386 assembler code
- Use CSPRNG for dialback keys
- Allow presence probing own connections
- Use OpenSSL functions for base64 en/decoding when available
- Option to dump packet-filter matched packets to file
mod_verify requires CREATE TABLE "verify" in DB. Make sure you
created it before enabling the module in sm.xml.
MIO backends are prioritized from best to worst now, so if you
do not enforce a backend with ./configure it may change
in new build.
jabberd2 is now leaning strongly against OpenSSL. It is still
possible to use without, but not advisable.
This is a major feature release with a bit of bugfixes.
With this release jabberd2 joins HTTP realm with WebSocket client
connections handling built in C2S module! :-)
Changes:
* Rewrite TLS ephemeral key + cipher handling
* Recover Berkeley DB before opening it
* bcrypt support for PostgreSQL
* Option to set authreg module per realm
* AuthReg ANONYMOUS does not offer password check
* Answer to disco#info queries to user JID
* WebSocket C2S SX plugin
Note: websockets are not available, as the required http-parser module
is not (yet) in pkgsrc.
Problems found with existing distfiles:
distfiles/icb-5.0.9.tar.gz
distfiles/icb.2.1.4.tar.Z
distfiles/zenicb-19981202.tar.gz
No changes made to these /distinfo files.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Update MASTER_SITES with new GITHUB variable.
Upstream changes:
- Support for RSA/DH/ECDH key agreement
- bcrypt support for MySQL storage
- C2S per session user data & authreg auth API extensions for
custom authreg backends
- Option to provide a custom the openssl library path
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
* 2.3.0 to 2.3.1 upgrade:
What changed:
- Marked "TLS-Everywhere" as EXPERIMENTAL feature
- default EXPERIMENTAL to 'no'
- default SUPERSEDED to 'no'
- moved STANZA-ACK and MY-IP-ADDRESS XEPs and IQ-PRIVATE push
out of experimental status
* 2.2.17 to 2.3.0 upgrade:
What changed:
- Renamed non-standard UPGRADE file overwriting outdated NEWS file
- Semantic Versioning: http://semver.org/
- TLS Everywhere: https://github.com/stpeter/manifesto
- Required GSASL >=1.1
- jabberd should compile without warnings
- out-of-source builds should work
- pgsql: authreg password_type support
- pgsql: schema support
- ldapvcard: groupattr works even if no groupattr_regex defined
- ldapfull: checks for ldap group membership on login
- vCard: Assume tel phone is voice phone
- MySQL: default password hashing algorithm changed to SHA512
- out-conn-reuse s2s.xml option naming unified
- XML parse error will log buffer details
- CRAM-MD5 auth support
- router private key cachain and password support
- hashed passwords support in SQLite3 storage
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
* Implemented --enable-tests configure option
* Fixed 'make dist' packaging
* Fixed domain name in punycode resolution
* Expand @package@ in etc/*.xml.dist.in
* storage_ldapvcard compilation fixes
* Implement debug logging into file
* Fix invalid default router.xml (Unterminated XML comment tag)
* Fixed libstorage_la_SOURCES
* Implemented support for fake (PBX) sessions in SM
* PBX integration priority setting support
* Fix a crash that occurs when c2s connecting clients passed the defined
connection limit
* Log S2S retry timeout to main log
* Do not log messages when not enabled or empty logfile configured
* Prevent the "billion laughs" attack against expat by disabling internal
entity expansion.
* Shortcut DNS resolution failure in cases when given domain name is invalid
* Explicitly link libcrypt to authreg_mysql
* Removed xconfig - it's not used anywhere
