Feed aggregator

* David Cunningham <dcunningham< at >voisonics.com> [2016-07-21 11:24]: You should have a full trace in your crash.log file, could you show that? What ejabberd version are you using? Holger

Hello! Just installed fresh ubuntu 16.04 and ejabberd 16.01 from it. I configured (yml) ldap authentication and declared myself as admin: acl: ## ## The 'admin' ACL grants administrative privileges to XMPP accounts. ## You can put here as many accounts as you want. ## admin: user: - "dm": "jabber.mydomain" Then started ejabberd and login through web interface. I see that in host config acl database is in RAM (I'm back translating from russian). If I set it to RAM & disk then acl database file appears, but if I restart ejabberd it removes file and I see RAM in database config via web interface. If I set only disk, then ejabberd dies with errors: 2016-07-21 13:02:43 =CRASH REPORT==== crasher: initial call: ejabberd_http:init/2 pid: <0.920.0> registered_name: [] exception error: bad argument: [{ets,lookup,[acl,{admin,global}],[]},{acl,get_aclspecs,2,[{file,"src/acl.erl"},{line,349}]},{acl,match_acl,3,[{file,"src/acl.erl"},{line,346}]},{acl,match_acls,3,[{file,"src/ac l.erl"},{line,276}]},{ejabberd_web_admin,'-is_acl_match/3-fun-0-',3,[{file,"src/ejabberd_web_admin.erl"},{line,88}]},{lists,any,2,[{file,"lists.erl"},{line,1224}]},{ejabberd_web_admin,'-make_server_menu/4-lc$^0/1 -0-',3,[{file,"src/ejabberd_web_admin.erl"},{line,2890}]},{ejabberd_web_admin,make_server_menu,4,[{file,"src/ejabberd_web_admin.erl"},{line,2888}]}] ancestors: [<0.472.0>,ejabberd_listeners,ejabberd_sup,<0.38.0>] messages: [] links: [#Port<0.8866>,#Port<0.8865>] dictionary: [] trap_exit: false status: running heap_size: 28690 stack_size: 27 reductions: 53249 neighbours: 2016-07-21 13:02:43 =CRASH REPORT==== crasher: initial call: ejabberd_http:init/2 pid: <0.1344.0> registered_name: [] exception error: bad argument: [{ets,lookup,[acl,{admin,global}],[]},{acl,get_aclspecs,2,[{file,"src/acl.erl"},{line,349}]},{acl,match_acl,3,[{file,"src/acl.erl"},{line,346}]},{acl,match_acls,3,[{file,"src/ac l.erl"},{line,276}]},{ejabberd_web_admin,'-is_acl_match/3-fun-0-',3,[{file,"src/ejabberd_web_admin.erl"},{line,88}]},{lists,any,2,[{file,"lists.erl"},{line,1224}]},{ejabberd_web_admin,get_auth_account,5,[{file,"s rc/ejabberd_web_admin.erl"},{line,269}]},{ejabberd_web_admin,process,2,[{file,"src/ejabberd_web_admin.erl"},{line,222}]}] ancestors: [<0.472.0>,ejabberd_listeners,ejabberd_sup,<0.38.0>] messages: [] links: [#Port<0.8879>,#Port<0.8880>] dictionary: [] trap_exit: false status: running heap_size: 2586 stack_size: 27 reductions: 3836 neighbours: And 2016-07-21 13:02:43.963 [error] <0.1344.0> CRASH REPORT Process <0.1344.0> with 0 neighbours crashed with reason: bad argument in call to ets:lookup(acl, {admin,global}) in acl:get_aclspecs/2 line 349 Cold you tell me what I'm doing wrong here? btw, I have ejabberd 2 on ubuntu 12.04 and it runs just fine with almost the same config. Thank you!

Hello, I'm using external authentication and have a perl program which is started by ejabberd correctly. I can see the process running, ejabberd is it's parent process, and the perl program writes to a log to say it's running. But when I try to access the /admin/ web page ejabberd logs: 2016-07-20 18:23:00.870 [info] <0.471.0>< at >ejabberd_listener:accept:333 (#Port<0.18688>) Accepted connection 203.217.21.197:45227 -> 70.42.246.78:5280 2016-07-20 18:23:00.871 [debug] <0.500.0>< at >ejabberd_http:init:154 S: [{[<<"websocket">>],ejabberd_http_ws},{[<<"admin">>],ejabberd_web_admin},{[<<"http-bind">>],mod_http_bind}] 2016-07-20 18:23:00.871 [info] <0.500.0>< at >ejabberd_http:init:158 started: {gen_tcp,#Port<0.18688>} 2016-07-20 18:23:00.875 [debug] <0.500.0>< at >ejabberd_http:process_header:281 (#Port<0.18688>) http query: 'GET' <<"/admin/">> 2016-07-20 18:23:00.875 [debug] <0.500.0>< at >ejabberd_http:process:353 [<<"admin">>] matches [<<"admin">>] 2016-07-20 18:23:00.875 [error] <0.500.0> CRASH REPORT Process <0.500.0> with 0 neighbours crashed with reason: bad argument in extauth:call_port/2 line 101 Given the external authentication program is running okay, can anyone suggest how to debug the issue? Thanks in advance,

Just to update, I reinstalled using the repository from https://jabber.at but it had the same issue. Then I installed using the .deb from ejabberd.im and that worked fine. On 20 July 2016 at 07:16, David Cunningham <dcunningham< at >voisonics.com> wrote:

Hi, How to manage ejabberd cluster? how to change ejabberd configure without restart ejabberd? max ejabberd nodes in cluster? thanks in advance _______________________________________________ ejabberd mailing list ejabberd< at >jabber.ru http://lists.jabber.ru/mailman/listinfo/ejabberd

Hi Philipp, Thanks for the ideas. The process isn't running. I'll try upgrading to a newer version. On 19 July 2016 at 22:41, Philipp Huebner <debalance< at >debian.org> wrote:

Hi, Am 19.07.2016 um 14:09 schrieb David Cunningham: on Debian/Ubuntu, ejabberd is automatically started upon installation, I guess your ejabberd is already running, when I call "ejabberdctl live" in that situation I get a crash as well. Use "/etc/init.d/ejabberd start|stop|restart" or call "service ejabberd start|stop|restart" on your system. As for that version - that is indeed quite old. I'd suggest to use Debian Jessie with Backports, or a newer Ubuntu Release, or use the repository from https://jabber.at/en/apt-repository (preferrably in that order ;) ) Regards,

Hello, I've installed ejabberd on Ubuntu 14.04 (using the distro package) but from time of installation it has always immediately crashed. It seems the error is: # ejabberdctl live {error_logger,{{2016,7,19},{4,56,59}},"Protocol: ~tp: register/listen error: ~tp~n",["inet_tcp",econnrefused]} I've googled and found suggestions like: - Check the hostname is resolvable (it is, in /etc/hosts and DNS) - Check /var/lib/ejabberd/.erlang.cookie is owned by the ejabberd user (it is) - Check nothing else is listening on port 4369 (nothing is) What else could I check? The Ubuntu version is 2.1.11-1ubuntu2.1 which seems very out of date. Is a newer version likely to avoid the problem? Thank you in advance.

Hi, is it possible to disable "multi-subscribe" in the ejabberd PubSub module? I found a post mentioning that this should be possible starting with 16.01 http://stackoverflow.com/questions/34618854/how-can-i-disable-multi-subscription-on-pubsub-node-in-ejabberd Im using 16.06 and multi-subscribe still seems to be the default behaviour. Is there any config option to disable this? Best, Florian

Yes, this as well - sorry for not mentioning right away -, you must make sure to use plaintext authentication. No Digest possible in your case. If using plaintext make sure your connections are being encrypted. //Stefan On Thu, Jul 14, 2016 at 6:10 PM Florian Sailer <fs< at >sailer-interactive.com> wrote: _______________________________________________ ejabberd mailing list ejabberd< at >jabber.ru http://lists.jabber.ru/mailman/listinfo/ejabberd

Thank for you answer... i did some further tests and it seems that the rest method being called depends on the sasl mechanism selected by the client. That makes sense in my eyes... Florian On 13.07.2016 15:17, Stefan Strigler wrote:

Hey, I think all you have to do is not enabled SCRAM for passwords. Then check_password with the password will be called. See here: https://github.com/processone/ejabberd-contrib/blob/master/ejabberd_auth_http/src/ejabberd_auth_http.erl#L76 Greets, Stefan On Wed, Jul 13, 2016 at 2:21 PM Florian Sailer <fs< at >sailer-interactive.com> wrote: _______________________________________________ ejabberd mailing list ejabberd< at >jabber.ru http://lists.jabber.ru/mailman/listinfo/ejabberd

Hi, i'm currently evaluating ejabberd and try to setup auth with the module ejabberd_auth_http. I got the module working and whenever a user authenticates ejabberd is making the following get request to my http API: /xmppauth/get_password?user=test&server=myserver.com&pass= This works fine when i return the clear text password through the API. However, instead of "get_password" i would rather like ejabberd to call "check_password", so that i can validate the password the user has entered within the API service. There are a lot of references to "check_password" in the docs and the code of ejabberd_auth_http but i can't figure out how to influence whether get_password or check_password are being used. Im using ejabberd 16.06 on Ubuntu 14.04. This is my auth setup: auth_method: http auth_opts: host: "https://www.myserver.com" path_prefix: "/xmppauth/" Any help would be very much appreciated.

Just in case someone on this list is from Berlin and bored tomorrow evening: http://www.meetup.com/de-DE/Berlin-XMPP-Meetup/events/231792450/ Holger

Hi. I can't cluster ejabberd 16.06. when uncomment ERLANG_NODE=ejabberd< at >host1 and start ejabberd, is not run ejabberd. clustering in ejabberd 16.06 is different?

* Gaurav Jain <monkeyfdude< at >gmail.com> [2016-06-29 18:08]: Stream management is hard to get right due to the protocol design. Just recently, I stumbled over one more corner case that you might run into on a busy server (that's fixed in 16.06¹). But apart from that, the code works as designed for me, and I've seen it being tested quite a lot, also under (very) bad network conditions. So if you still run into issues, I'd be highly interested in the details, especially if you still see them after updating to ejabberd 16.06. Holger ¹ https://github.com/processone/ejabberd/commit/7ddeac38b6bd0a16f46331cc

Hi, We can get "Replaced by new connection" errors/status from server in two ways. * As a stream error * As a status in presence stanza for a MUC room My question is: Will stream error will have to occur for MUC presence status be "Replaced ..."? In other words, MUC status can be "Replaced by new connection" only if there was a stream:conflict:error "Replaced by new connection"? So, if I handle stream:conflict:error on client correctly, then I will always be in clean state. Please clarify. Best Regards, PS: I have observed, with stream management, there are many issues when network gets into weird state. The stanza acknowledgement stops working. So, I was thinking of cleaning bad connections and start from scratch. _______________________________________________ ejabberd mailing list ejabberd< at >jabber.ru http://lists.jabber.ru/mailman/listinfo/ejabberd

We are proud to introduce our new ejabberd release, ejabberd 16.06. As usual it includes many bug fixes, but also several improvements. The big improvement in this release is a new Access Control List (ACL) infrastructure. ACL rules are used in ejabberd config file to define fine-grained access to ejabberd features. In ejabberd 16.06, the ACL configuration has been much improved to make it both simpler to use and easier to read. Moreover, ACL and access rules are not mandatory anymore when configuring access restrictions for a feature or a module: You can just inline the user, for example, making small configuration much easier to setup properly. To make you even more comfortable, our new code is still supporting the old syntax and you can mix old and new syntax. It means that you can still use your existing configuration file and that you can migrate incrementally, as needed. ## The new ACL syntax New access rule will look like this: access_rules: my_access: - allow: admins - deny: blocked - allow: - user: "peter< at >server.com" - ip: "222.111.222.111/32" - allow: moderators This is an example definition for `my_access` rule. It is composed of four groups. They are evaluated from top to bottom order. the first with all listed acl rules evaluated as true is used as result. If none of them matches, evaluation fallback to default value `deny`. Above definition can be parsed as: if user belongs to ACL definition `admins`, return `allow`, if not, and user belongs to ACL definition `blocked`, return `deny`. otherwise for user "peter< at >server.com" when connected from ip: "222.111.222.111" return `allow`, and for users in ACL definition `moderators` return `allow` as well, in all other cases return `deny`. We can see in this example two new additions that were introduced in this rewrite: - you can now directly specify ACL definitions inside access rules (you no longer will be required to define ACL rules for each case) - you now have the ability to require a match on several ACL rules types at this same time (in the example: ip and user). You can use any rule that is allowed inside acl: sections (like user, server, resource, user_glob, etc.) and one additional rule that is allowed only inside access_rules: section, `acl: NameOfACL` that will look for definition of NameOfAcl inside `acl:` section and use it for matching. If you have only one ACL rule name to use you can use short form `- allow: acl_rule`, additionally `- allow: all` or `- deny: all` can be shorted still to `- allow` and '- deny`. Shapers can also be specified using new syntax, but they now go into `shaper_rules:` section and they look like that: shaper_rules: my_shaper: - 100: admin - 10: all Rules defined in `access:` section will use old syntax, and work as before, so you don't need to update your old config, to adapt it to that change. At last, one can define module specific access rules directly in modules configuration section, this is simpler to understand when reading configuration. Let's get a simple example of the changes. With previous ACL implementation, one could have this: acl: bad_servers: ip: - "XXX.XXX.XXX.XXX/32" admin: user: - "aleksey": "localhost" access: muc_admin: admin: allow muc_create: local: allow muc: all: allow s2s: bad_servers: deny all: allow c2s_shaper: admin: none all: normal modules: mod_muc: access: muc access_create: muc_create access_persistent: muc_create access_admin: muc_admin Which can be translated to this since ejabberd 16.06 with new ACL implementation: acl: admin: user: "aleksey< at >localhost" access_rules: s2s: - deny: - ip: "XXX.XXX.XXX.XXX/32" - allow c2s_shaper: - none: admin - normal modules: mod_muc: access: - allow access_create: - allow: local access_persistent: - allow: local access_admin: - allow: admin Shorter and clearer. Please also note that you can use the JID literally as a string. The previous awkward `username: domain` syntax can go away. ## Changes This is a selection of the most relevant changes: ### Config - New ACL infrastructure - Add shorter version of some common access rules definitions - Allow `< at >` inside acl rules `user`, `user_glob` or `user_regexp` to pass both user and server in single string - Add acl rule `access_rules_validator` and `shaper_rules_validator` for use in `mod_opt_type` and `opt_type` callback functions. - Allow using shapers defined by name like in s2s_shaper: fast - Allow mod_opt_type and opt_type to transform values passed to it, and support better error reporting - Do not call `transform_terms` multiple times in configuration processing when merging them - Don't halt program when `include_config_file` is missing/can't be read - Allow again multiple fqdn values in configuration ### Commands - Allow passing username and ip to `ejabberd_commands`, and use it in `mod_http_api` - Fix path to epmd in ejabberdctl - push_roster: must convert read strings to binaries - `set_presence`: Fix command API - Fix for `modules_update_specs` command - Add ejabberdctl commands to manage oauth tokens. ### Core - Bounce messages sent to server JID - Fix C2S session leak in rare cases - Fix handling of queued stanzas on session timeout - Give more time to stop and kill epmd - When stopping ejabberd, stop modules after broadcasting c2s shutdown - XEP-0198: Use different error message for bounces - XEP-0198: Add 'h' attribute to element - XEP-0198: Also count stanzas when socket is closed ### Databases - Fix pgsql compatibility on `delete_old_messages` command - Handle Redis connection in a separate module - Report in SQL when scram is enabled but the stored password isn't - Update SQL escaping - Use MEDIUMTEXT type for muc_room.opts in MySQL schema ### MAM - Send unique stanza id and archived tag also in the message carbons - Fix "assume_mam_usage: if_enabled" - Fix typo in `mod_mam:select()` - Updated support of XEP-0313 from version 0.4 to 0.5.1 - Mnesia: Avoid cleanup on bag when disc_only, switch in memory - Mnesia: Don't exceed table size limit - Mnesia: Use transactions when writing ### Client State Indication - Fix handling of chat states - Simplify check for carbon-copied chat states - Simplify handling of PEP stanzas - Pass chat states of other resources - Unwrap carbon copies when checking for chat states - Add `queue_pep` option - Queue chat state notifications - Move CSI queue handling code from `ejabberd_c2s` - When stopping, delete only the configured hooks ### Other modules - ext_mod: Set HTTP/1.0 so Github accepts the request - gen_mod: Compile early to remove undefined behaviour warning - mod_http_upload: Let client retry HTTP upload on file size mismatch - mod_last: Produce mod_last entry on account creation - mod_muc_room: Notify on affiliation changes - mod_register: Check password with jid:resourceprep when registering account - mod_roster: respect roster item changes introduced with `roster_process_item` hooks upon pushing - PubSub: Fix PubSub RSM on `get_items` - PubSub: Add support for PubSub publishing options - PEP: Fix sender in case of explicit pep subscriptions - ejabberd_xmlrpc: Report error when conversion of argument type fails ## Feedback As usual, the release is tagged in the Git source code repository on Github: https://github.com/processone/ejabberd.git The source package and binary installers are available at ProcessOne: https://www.process-one.net/ejabberd/downloads/ If you suspect that you've found a bug, please search or fill a bug report on Github: https://github.com/processone/ejabberd/issues

Hi List experts I am trying to access ejabberd web admin by visiting http://mydomain:5280/admin and i get a blank page. After checking the log file, i found that ejabberd crashes. The crash is immediate after visiting the web admin URL. This happens when i commented ## access: register in mod_register: block. The crash report ******************** 2016-06-25 08:35:24 =CRASH REPORT==== crasher: initial call: application_master:init/4 pid: <0.37.0> registered_name: [] exception exit: {{bad_return,{{ejabberd_app,start,[normal,[]]},{'EXIT',{function_clause,[{lists,map,[#Fun<gen_iq_handler.4.19837317>,register],[{file,"lists.erl"},{line,1237}]},{ejabberd_config,transform_module_options,2,[{file,"src/ejabberd_config.erl"},{line,1095}]},{ejabberd_config,'-replace_modules/1-fun-0-',1,[{file,"src/ejabberd_config.erl"},{line,993}]},{lists,map,2,[{file,"lists.erl"},{line,1238}]},{ejabberd_config,process_host_term,4,[{file,"src/ejabberd_config.erl"},{line,646}]},{lists,foldl,3,[{file,"lists.erl"},{line,1262}]},{ejabberd_config,read_file,2,[{file,"src/ejabberd_config.erl"},{line,162}]},{ejabberd_config,start,0,[{file,"src/ejabberd_config.erl"},{line,60}]}]}}}},[{application_master,init,4,[{file,"application_master.erl"},{line,134}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,240}]}]} ancestors: [<0.36.0>] messages: [] links: [<0.36.0>,<0.38.0>,<0.7.0>] dictionary: [] trap_exit: true status: running heap_size: 1598 stack_size: 27 reductions: 189 neighbours: *********************************************************** But when i enable the access: register in mod_register: block , i get the following error and ejabberd does not start at all. 2016-06-25 08:35:24.452 [error] <0.37.0> CRASH REPORT Process <0.37.0> with 0 neighbours exited with reason: no function clause matching lists:map(#Fun<gen_iq_handler.4.19837317>, register) line 1237 in application_master:init/4 line 134 I have installed latest ejabberd(ejabberd-16.04) through installer in Ubuntu 14 and using mysql as database. I am also attaching the ejabberd config file ejabberd.yml as an attachment. Thanks Sagnaic _______________________________________________ ejabberd mailing list ejabberd< at >jabber.ru http://lists.jabber.ru/mailman/listinfo/ejabberd

I using tcp loadbalancer between clients and chat servers and chat server detect loadbalancer IPs as attacker. client IPs are not sent to chat servers. On Sat, Jun 18, 2016 at 1:30 PM, <ejabberd-request< at >jabber.ru> wrote: