ejabberd 17.03

New modular code, flexible core backend, dynamic configuration reload, spam protection and routing API changes.
These are the most interesting improvements coming in 17.03.

As usual, we also included several other improvements and many bug-fixes. In summary, almost 3K new lines of code and other 10K changed lines.

Many thanks to all of you which tested and sent feedback over the beta testing period!

Improvements

Modular code

New modular code allows to develop modules for a wide scope of functionalities without patching the core code such as C2S, S2S and router.

Routing API

Now ‘From’ and ‘To’ arguments must be omitted in functions and structures related to routing.
The commit deprecates the following functions:

  • ejabberd_router:route/3 in favor of ejabberd_router:route/1
  • ejabberd_router:route_error/4 in favor of ejabberd_router:route_error/2
  • ejabberd_local:route_iq/4 in favor of ejabberd_local:route_iq/2
  • ejabberd_local:route_iq/5 in favor of ejabberd_local:route_iq/3

The format of {route, From, To, Packet} is changed in favor of {route, Packet}.
API changes will be better described with 17.03 release when new API documentation will be completed.

Flexible core backend

Ejabberd used to store all in-memory shared data such as ACLs, proxy65, sessions, routes, clustering, etc in internal Mnesia database and this used to be hardcoded. With new API it’s now possible to store such data in any database.
However, currently only Mnesia backend is supported, but we’re working on implementing other backends (redis, sql) in future releases.
For the record, it’s already possible to store client sessions in Redis and/or SQL servers, the API was just extended to make it possible to implement such a backend for any in-memory shared data.

New features

Dynamic configuration reload

Using ‘reload_config’ ejabberd’s command it is now possible to reload modules, database connections, listeners, ACLs and global options without restarting ejabberd.
Thanks to this improvement, it’s now possible to add and remove virtual hosts via configuration reload.

Spam protection

If you want to get ride of XMPP SPAM, best option is now to use our new feature implemented by mod_block_strangers. This module just allow to block packets from non-subscribers, this means you won’t receive messages from users not registered in your roster.

S2S dialback

S2S dialback is now an optional module. If not present in the configuration, only TLS mechanism can be used to establish S2S connections.

Upgrade

While upgrading an existing system, you need to care about few required changes. In order to enable S2S dialback, stream management (XEP-0178), legacy client auth or the new anti-spam feature, the following modules should be added to ejabberd’s configuration:

  • mod_s2s_dialback
  • mod_stream_mgmt
  • mod_legacy_auth
  • mod_block_strangers

If you have issues using PubSub with Postgres backend, please check the full schema update from sources.
While in runtime, you can run the following bare minimal changes to fix PubSub

ALTER TABLE pubsub_state ALTER COLUMN subscriptions SET DEFAULT '';
UPDATE pubsub_state SET subscriptions='' WHERE subscriptions=null;

Changes

Here are the most relevant changes

Developer

  • tools/hook_deps.sh: checks hook dependencies
  • tools/find-outdated-deps.pl: checks which dependences need update
  • Mark as deprecated add/get_local/global_option config functions
  • Change routing API

Core

  • Fix some corner cases while re-reading RFC6120
  • Attach IP metadata to every stanza received from stream
  • Apply SASLprep before storing/converting passwords
  • Send compressed in correct order
  • Reset XML stream before sending SASL success
  • Speedup features list when a lot of virtual hosts configured
  • Fix s2s_dns_timeout issues
  • Better handling of IPv6 domains
  • Rename mod_sm -> mod_stream_mgmt
  • Don’t count resent stanzas
  • Improve startup procedure, and log startup time
  • Add more processes to supervision
  • sm_sql: Avoid PID collisions

Admin

  • Add ‘supervisor’ listening option
  • Accept “add_commands: admin” in commands section
  • Make sure that api_permissions always have “console commands” section
  • Change name of pam dep from p1_pam to epam
  • Improve compilation with rebar3
  • Add TLS support for external components
  • Specify “ExecReload” command in systemd unit
  • Don’t attempt to resolve _jabber._tcp SRV record
  • Improve error reporting for forbidden servers
  • mod_block_strangers: New module to block packets from non-subscribers
  • mod_register: Report password change in the log
  • Remove relict mod_service_log
  • Remove unused mod_ip_blacklist
  • Remove ejabberd_frontend_socket
  • WebAdmin: improve formatting when showing erlang terms
  • Import from Prosody: Fix import of SCRAM passwords, offline

API & Commands

  • get_last now always returns tuple with UTC XEP-0082 and status
  • Protect users from delete_old_users command using a fixed access rule
  • Separate list of strings with \n for srg_get_info in mod_http_api
  • Support non-JID lines in command create_rooms_file
  • stop_all_connections now stops all s2s connections via supervisor calls
  • Support scrammed passwords in ejabberdctl import_prosody

Configuration

  • Provide example mod_http_api configuration with couple commands
  • Clarify new modules usage in the example config
  • Don’t crash on malformed IP addresses
  • Fix parsing of acl/access rules inside oauth sections of api_permissions

Config reload improvements

  • Start/stop auth modules when host is added/deleted
  • Improve modules start/stop procedures
  • Check result of gen_mod:start/2 callback
  • Improve reload_config admin command
  • Invalidate access permissions on configuration reload
  • Start/stop virtual hosts when reloading configuration file
  • Reload modules when reloading configuration file
  • Restart listeners on configuration reload
  • Make sure all hooks are called with proper host

Databases

  • Add missing NOT NULL restrictions in schemas
  • Move archive tables into lite.sql for better comparison with other schemas
  • Implement database backend interface for mod_proxy65
  • Implement database backend interface for MUC, BOSH and auth_anonyous
  • Implement database backend interface for ejabberd_router
  • Propagate the TRANSACTION_TIMEOUT to pgsql driver

New XMPP stream behavior

  • Reflect cyrsasl API changes in remaining code
  • Improve return values in cyrsasl API
  • More refactoring on session management
  • Add xmpp_stream_out behavior and rewrite s2s/SM code
  • Rewrite ejabberd_service to use new XMPP stream API

MAM & offline storage

  • Make a message is not bounced if it’s archived
  • Archive message before delivering it to offline storage
  • Include stanza ID with archived offline messages
  • Add stanza-id to every archived message

PubSub

  • Avoid orphan_item leak on affiliation/subscription removal
  • Fix pubsub SQL schemas, add NOT NULL restrictions
  • Fix last item cache for multiple hosts

Server to server

  • Several improvements of S2S errors logging
  • Resolve all addresses from SRV lookup
  • Add s2s work-around for gmail.com

Feedback

As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.

One thought on “ejabberd 17.03

Leave a Comment