![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / chat / jabberd2
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
chat: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes
chat: Remove SHA1 hashes for distfiles
chat/jabberd2: use htons instead of non-portable htobe16
jabberd2: update to 2.7.0 Upstream changes: - openssl-1.1 support - Python script to export data in XEP-0227 format - Fix build errors with MariaDB 10.2 - systemd units restart on failure - Use systemd BindsTo= instead of BindTo.
Update to 2.6.1 Upstream NEWS: This is a security bugfix release. - Fixed offered SASL mechanism check
Update to 2.6.0 This is a bugfix release. Upstream NEWS: - Better SASL error messages
Update to 2.5.0; upstream changes: * Do not attempt to reload SM modules on SIGHUP * Cleanup config files example * Fixed memory leak in pgsql storage driver * Fixed two double-frees caused by dangling pointers * Fixed c2s logger initialization point On NetBSD, sm receives a SIGHUP shortly after being started from rc.d, which causes a crash. With 2.5.0, sm starts correctly on boot. Drop MESSAGE; reading NEWS on updating is standard practice and not special about jabberd.
Update to jabberd2 2.4.0. Note: there is a change in the numbering scheme, the third digit will only be used for patches/bug fixes in the future. Note: websockets support isn't available in pkgsrc (yet. the required library still needs packaged.) hanges: * Check for C99 support in compiler * Count RIO bytes and check against max stanza size * Gracefully drop unhandled HTTP connections * wss:// (WebSocket over SSL) support in c2s * Allow BareJID S10N packets * Fallback to connecting S2S using local.ip when none of the origin.ip works * Removed explicit SQLite transactions * SQLite postconnect SQL support * SQLite DB setup script improvements * Many Coverity Scan and cppcheck detected issues fixed * Properly lowercase SASL mechanisms in c2s * Support out-of-source build
Update to jabberd 2.3.6: * 2.3.5 to 2.3.6 upgrade: What changed: - Support WebSocket fragmented packets - Fixed delivering directed presence (to self) - Reset in-sess 'from' to FullJID on non-Presence packets This is mainly a bugfix release. The main change is that WebSocket connections work stable now. https://github.com/jabberd2/jabberd2/commits/jabberd-2.3.6
Packaging changes:
move requirement for cppunit to debug option
add db-update.pgsql, README.md
Updated to version 2.3.5
This file contains news, important changes
and upgrade instructions between different versions of jabberd2.
* 2.3.4 to 2.3.5 upgrade:
What changed:
- Module to verify users using e-mail
- Reordered MIO backends priority
- Skip non-existing blowfish i386 assembler code
- Use CSPRNG for dialback keys
- Allow presence probing own connections
- Use OpenSSL functions for base64 en/decoding when available
- Option to dump packet-filter matched packets to file
mod_verify requires CREATE TABLE "verify" in DB. Make sure you
created it before enabling the module in sm.xml.
MIO backends are prioritized from best to worst now, so if you
do not enforce a backend with ./configure it may change
in new build.
jabberd2 is now leaning strongly against OpenSSL. It is still
possible to use without, but not advisable.
Update to jabberd 2.3.4: This is a major feature release with a bit of bugfixes. With this release jabberd2 joins HTTP realm with WebSocket client connections handling built in C2S module! :-) Changes: * Rewrite TLS ephemeral key + cipher handling * Recover Berkeley DB before opening it * bcrypt support for PostgreSQL * Option to set authreg module per realm * AuthReg ANONYMOUS does not offer password check * Answer to disco#info queries to user JID * WebSocket C2S SX plugin Note: websockets are not available, as the required http-parser module is not (yet) in pkgsrc.
Add SHA512 digests for distfiles for chat category Problems found with existing distfiles: distfiles/icb-5.0.9.tar.gz distfiles/icb.2.1.4.tar.Z distfiles/zenicb-19981202.tar.gz No changes made to these /distinfo files. Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Update to 2.3.3. Update MASTER_SITES with new GITHUB variable. Upstream changes: - Support for RSA/DH/ECDH key agreement - bcrypt support for MySQL storage - C2S per session user data & authreg auth API extensions for custom authreg backends - Option to provide a custom the openssl library path
* 2.3.1 to 2.3.2 upgrade: What changed: - Removed unmaintained CyrusSASL backend - Option to add realm to username in ldapvcard module - systemd unit files
Update to jabberd 2.3.1 * 2.3.0 to 2.3.1 upgrade: What changed: - Marked "TLS-Everywhere" as EXPERIMENTAL feature - default EXPERIMENTAL to 'no' - default SUPERSEDED to 'no' - moved STANZA-ACK and MY-IP-ADDRESS XEPs and IQ-PRIVATE push out of experimental status * 2.2.17 to 2.3.0 upgrade: What changed: - Renamed non-standard UPGRADE file overwriting outdated NEWS file - Semantic Versioning: http://semver.org/ - TLS Everywhere: https://github.com/stpeter/manifesto - Required GSASL >=1.1 - jabberd should compile without warnings - out-of-source builds should work - pgsql: authreg password_type support - pgsql: schema support - ldapvcard: groupattr works even if no groupattr_regex defined - ldapfull: checks for ldap group membership on login - vCard: Assume tel phone is voice phone - MySQL: default password hashing algorithm changed to SHA512 - out-conn-reuse s2s.xml option naming unified - XML parse error will log buffer details - CRAM-MD5 auth support - router private key cachain and password support - hashed passwords support in SQLite3 storage
Remove the set_debug_log_from_config patch; it was merged incorrectly and now breaks the build.
Changes 2.2.17: * Fixed possibility of Unsolicited Dialback Attacks * Use XML_SetHashSalt with expat 2.1.x only * Fix s2s crash with witelist enabled
Fix build failure (set_debug_log_from_config)
Changes 2.2.16: * Implemented --enable-tests configure option * Fixed 'make dist' packaging * Fixed domain name in punycode resolution * Expand @package@ in etc/*.xml.dist.in * storage_ldapvcard compilation fixes * Implement debug logging into file * Fix invalid default router.xml (Unterminated XML comment tag) * Fixed libstorage_la_SOURCES * Implemented support for fake (PBX) sessions in SM * PBX integration priority setting support * Fix a crash that occurs when c2s connecting clients passed the defined connection limit * Log S2S retry timeout to main log * Do not log messages when not enabled or empty logfile configured
Changes 2.2.14: * Prevent the "billion laughs" attack against expat by disabling internal entity expansion. * Shortcut DNS resolution failure in cases when given domain name is invalid * Explicitly link libcrypt to authreg_mysql * Removed xconfig - it's not used anywhere
Changes 2.2.13: * Implemented XEP-0138: Stream Compression for S2S connections. * Merged LDAP authentication by bind support. * Merged SSL related memory leak fix by cmeerw. * Merged router_crash.patch by Eugene Agafonov.
Changes 2.2.12: Many stability fixes, memory leak fixes, and connection handling fixes.
Bumped PKGREVSION to 1;
Changed MAINTAINER to my netbsd.org address (from eric@cirr.com)
Renamed existing patches to follow new convention
patch-aa -> patch-Makefile
patch-af -> patch-configure
Added patches to cure segfaults found since 2.2.11's release
patch-router_router.c correct a segfault in the router
patch-s2s_out.c Resolver doesn't return IPv4 Address if
resolve_aaaa (IPv6) is enabled
patch-sm_sm.c fix segfault when debugging is turned on/up
* force linking against pthread, so some modules do not fail to dlopen() * sed, rather than patch, config files to meet pkgsrc needs
Changes 2.2.11: * Use length with route keys * closefd during main loop * ported router connection closing improvement from cwave * fix potential segfault in a call to xhash_putx() * enforce iq type * Fixed packet jabber:server -> jabber:client namespace mangling * Fixed attribute namespace handling in NAD parser * Fixed missing reference in log_error
Changes 2.2.10: * Special case to ignore the X509_V_ERR_UNABLE_TO_GET_CRL error when CRL is not present in chain. Merged patch by Michal Witkowski. * storage_ldapvcard rebind like auth_ldap for successful connection to MS Active Directory as LDAP storage. Merged patch by x0r. * Merged SASL External login for clients patch by Michal Witkowski. * Merged router-filter redirect option by Ugnich Anton. * Dropped support for PEP * Fix for crash on empty pkt->to
Rev.2 changes: * Unlimit file descr. to 1024 for c2s, as in c2s configuration file. * Allow -Os (instead of -O1) as a work-around 64-bit compiler bug. * Router patch.
bring jabberd2 up to 2.2.9. From the changelog:
What changed:
- Implemented component clustering
- Many virtual hosts in one SM process
- FreeBSD kqueue support
- Implemented PBX integration interface
- crypt() password support for LDAP backend
There is new <local/> section in sm.xml. You may use it to configure
domains serviced by the SM process. Old style domain name in <id/>
section still works for backward compatibility, but the <local/>
section overrides it. You need to give different <id/> names to
SM instances participating in clustering. Router needs a way to
differenciate these.
There is new <pbx/> section in c2s.xml configuration file. Please
see it if you want to use the PBX integration.
Packaging changes:
added PKG_OPTIONS_GROUP.mio to control the choice of I/O modules.
Defaulting to mio-select and mio-poll, which are known to work with
NetBSD > 4.0.
Update distinfo.
Update to 2.1.24.1. This is a bugfix release for compilation problems. Nothing new really to 2.1.24 release.
Update to 2.1.24. Added missing files to distribution Check for non configured c2s local.id Added tool to migrate from jabberd14 to jabberd2 SQLite. BBN.com contribution. Fix for authreg_pipe. Fixes #204 Updated bdb2mysql.rb to jabberd 2.1 DB schema Do not handle disco to nodes Fixed vCard get Fixed empty node check Restored reading [jabberd] group from my.cnf Unified way utf-8 is selected in MySQL backend Merged crypted passwords support for MySQL. Closes #184 and 197 Removed debug that might cause segfault. Fixes #196. Do not handle vCard request destined to full JIDs. Fixes #190 Added charset utf-8 to db-setup.mysql Fixes segfault that happend when there are multiple sessions and privacy list was changed. Fixes #188 Really fix gsasl ANONYMOUS login Webstatus presence resource enabled only when service enabled Added server component presence resources Added maxstanzasize debug message Include “util/inaddr.h” for socklen_t ss_family etc. Refs #191 Include <stdarg.h> if available. Refs #191 TYPE_SOCKLEN_T check. Refs #91 TYPE_SOCKLEN_T check. Refs #91 Include inttypes.h instead of stdlib.h as it is more universally available. Refs #191 Check for stdarg.h in configure. Remove AC_PROG_GCC_TRADITIONAL (obsolete). Remove AC_FUNC_MALLOC, AC_FUNC_REALLOC - if they find malloc(0) does not return a valid pointer malloc will be defined to rpl_malloc, and no rpl_malloc is available. See http://www.gnu.org/software/autoconf/manual/autoconf.html#Particular-Functions Seems easier to use AC_SEARCH_LIBS for inet_ntop etc. Move the broken __ss_family check so that it appears after the check for struct sockaddr_storage. Check for socklen_t Fix –enable-pgsql Fixed compatibility with VC++ and ANSI, variables must be declared at the beginning of the block. Check for Win32 OpenSSL and Visual C++ 2005 SP1 Redistributable Package (x86), and raise error if not found in the installer. Updated Makefile.am witn new README.protocol file Unified URI/URN definitions
Update to 2.1.23. Lots of changes and bugfixes since previous version, see http://jabberd2.xiaoka.com/wiki/Releases for a detailed description.
Replace more paths in two configuration files, reported by Mr. Martti Kuparinen.
Update to 2.1.14: 2.1.14 2007-08-14 * Integrated authreg_oracle by fundy. * Operands incompatibility fix for Sun compiler. * contrib/cyrus-sasl-digest-md5-fix added * Applied MIO memleak fix related to time_checks by Christof Meerwald. 2.1.13 2007-08-08 * Reverted broken [311] and [313] changes to source:trunk/mio/mio_impl.h * compilation fix * Fix configuration XML files domain update * Don't allow reinstalling on newer version * Fixed off-by-one error in base64 * Force uninstall previous version on upgrade. 2.1.12 2007-07-30 * Fixed many memleaks * Check if OpenSSL is already initialized in PostgreSQL backend. * Implemented PQconnectdb PostgreSQL connection method. * Applied pg_config using by configure patch by Michael Krelin. * Implemented auth/reg stream features advertisement. * Removed useless while/alloc loops * WiX notes for Windows README * WiX new "JabberWelcomeDlg?" * WiX fixed cases of reinstall & upgrade * nad_cache_new & nad_cache_free exported as JABBERD2_API functions. * Changed allocator BLOCKSIZE to 128 bytes 2.1.11 2007-07-27 * Changed SASL level error reporting to malformed-request error according to rfc3920bis. * Fixed ./configure tests reliability. * Changed DOS line endings to UNIX line endings. * Fixed XML predefined entities quoting in serialized XML. 2.1.10 2007-07-20 * Removed SASL backend fallbacks * Added roster items limit option. Closes #89 * Added count support in SQLite3 backend 2.1.9 2007-07-19 * Added jabber:x:oob redirection support during in-band registration * Logging JID on disconnection * Added counting packets on c2s and s2s connections * Added TLS indicator for c2s and s2s logs. * Added type='log' to ComponentProtocol <route/> wrapper for logged packets.
Update to 2.1.8: 2.1.8 2007-07-12 * Resurrected /scod from revision 189 * Changed SASL backend selection method. Incorporated SCOD selection option. * Keeping garbage out of LIBS variable. * Reporting dropped packet when starttls-required. * Fix for storage_db compilation error after util/ cleanup. 2.1.7 2007-07-04 * Full Win32 support o proper build under Windows o support for native Windows network I/O o runs as a service under Windows o native Windows auth modules: + ntlogon + sspi o Windows installer * Support for reloading c2s serviced hosts on SIGHUP * Proper dynamic module handling on non GCC platforms * Defaulting MySQL connection to UTF-8 * Removed support for ZeroK authentication * Fixed dynamic linker detection with libtool * XMPP compatibility fixes * Exported libsubst sysmbols dynamic for sm modules to use
Update to 2.1.6 (last stable version). A lot of changes were made since previous update, like SASL support, SQLite support, etc. Please see the following URL for a full list of changes: http://jabberd2.xiaoka.com/wiki/Releases
Update to 2.0s11: * Sending a stanza before a stanza during a SASL negotiation can cause a c2s segfault. Leading to a remote DoS.
Fixed pkglint warnings.
Update to 2.0s10 * fixed SASL anonymous * fixed edge cases with new dynamic jid code * fixed incorrect free order in c2s * corrected debug logging * fixed s2s bus error on 64-bit architectures * fixed c2s collisions due to long jids * fixed error response to iq result * fixed roster pushing packets without id * applied new dynamic jid patch * fixed double free of nad in c2s and s2s * major memory enhancement, made jid structure dynamically allocated * fixed glibc error with custom sql statements * fixed segfault with keepalives
Pullup ticket 653 - requested by Juan Romero Pardines
security update for jabberd2
Revisions pulled up:
- pkgsrc/chat/jabberd2/Makefile 1.22
- pkgsrc/chat/jabberd2/distinfo 1.7
Module Name: pkgsrc
Committed By: xtraeme
Date: Wed Aug 3 22:21:36 UTC 2005
Modified Files:
pkgsrc/chat/jabberd2: Makefile distinfo
Log Message:
Update to 2.0s9.
The jabberd project team is pleased to announce the release of jabberd
2.0s9. This is a security release. There is a buffer overflow that
could be used to perform a DoS attack and possible code execution. It
is *HIGHLY* recommended that you upgrade!
ChangeLog:
* fixed only one user is loaded correctly for each router acl
* fixed s2s segfault under particular connection timeout conditions
* fixed id is being case sensitive
* fixed Users cannot login after a long period of server inactivity
* fixed handling of stream errors
* fixed version attribute reply in stream
* fixed c2s glibc abort and mysql option flags
* fixed sx io mem leak
* fixed Incorrect SASL error message defined in sx/sasl.c
* fixed 3 buffer overflows in jid.c
* fixed second log-in in with similar resource breaks routing for first
login
Update to 2.0s9. The jabberd project team is pleased to announce the release of jabberd 2.0s9. This is a security release. There is a buffer overflow that could be used to perform a DoS attack and possible code execution. It is *HIGHLY* recommended that you upgrade! ChangeLog: * fixed only one user is loaded correctly for each router acl * fixed s2s segfault under particular connection timeout conditions * fixed id is being case sensitive * fixed Users cannot login after a long period of server inactivity * fixed handling of stream errors * fixed version attribute reply in stream * fixed c2s glibc abort and mysql option flags * fixed sx io mem leak * fixed Incorrect SASL error message defined in sx/sasl.c * fixed 3 buffer overflows in jid.c * fixed second log-in in with similar resource breaks routing for first login
Update to 2.0.8, lots of bugs were fixed. Looks like they stopped updating the Changelog file for changes (why??).
Update to 2.0s6. Changes: * Fix base64 encoding length in authreg_pipe.c Stephen Marquard, Diagnosed by Jerome Vandenabeele * Fixes segfault on s2s startup on some platforms when ssl is enabled (local pemfile defined in s2s.xml), Stephen Marquard * mod_offline handling of jabber:x:event client requests (JEP-0022) can lead to a loop repeatedly adding duplicates to the offline queue under certain race conditions. Correctly detect jabber:x:event notifications and do not respond to them as requests, Stephen Marquard * Check for invalid jids in directed presence packets, Stephen Marquard, Based on bug report by Christopher Zorn * Fixes minor memory leaks in authreg_ldap, Ilja Booij * Fixes error in storage filter code using bdb storage causing sm crash, Stephen Marquard * Changes incorrectly indexed primary keys to non-unique indexes, adds other indexes for efficiency, and changes type of xml field to increase max allowed length, Stephen Marquard * Include sys/types.h if available in util.h inter alia for FreeeBSD, Stephen Marquard * Minor code cleanups for compilation on HP-UX, Christof Meerwald * Fix configure.in for correct handling of resolv.h, Magnus Henoch * Include resquery checks from MAIN cvs branch in 2.0, Christof Meerwald * Allows jabberd to start new components and place itself in the background, Richard Bullington-McGuire (original ver), Additional components defined in jabberd.cfg get started as long as they are in the same directory as the jabberd script (useful for mu-conference installed through jcr) The script can daemonize itself with the "-b" switch after starting the various programs it watches over, unless the debug option is set. * Paranoia, ensure than srv->name is nul terminated., Jedi/Sector One And more, please see the Changelog file.
Update jabberd2 to jabberd-2.0s4nb1, by pulling in patches from
http://www.marquard.net/jabber/#recommended,
specifically patch 58 which fixes the remote exploit listed at:
http://www.securityfocus.com/archive/1/382250
Patches included:
28* patch-jedi8-sm-object_c
Remove incorrect semicolumn from os_object_free() in sm/object.c
29* patch-jedi-mysql-storage
Fixes to mysql storage for boundary conditions
30* patch-base64
Fix length-related issues in base64 decoding routines
31* patch-sm-storage_db
Fixes to storage_db.c to avoid roster corruption: "sm/storage_db
inserts items in the filter hash table with keys which are located
on the stack. This creates confusion when the code later tries to
compare with these keys."
32* patch-nad-escape
Fixes bug in _nad_escape() where escaping ]]> can cause a segfault
when handling large messages where nad_realloc is called.
38* patch-jedi-pgsql-storage
Fixes to pgsql storage for boundary conditions and incorrect buffer
length calculation
46* patch-memleaks
Fix minor memory leaks in digest-md5 authentication and nad_free()
47* patch-ns-fix
Fixes omission of namespace declaration where a namespace has
already been used in the XML stanza
48* patch-sm-nad-triplet
Fixes omission of prefix on attributes processed by nad_parse (e.g.
in queue storage)
49* patch-mod_disco_publish
Corrects check for deleting previously published disco items from
"delete" to "remove" (as per JEP-0030).
50* patch-sm-filter
Alters filter handling and adds mysql/pgsql escaping on filter
strings to allow brackets and apostrophes in resource names that
form part of JIDs stored as roster entries
58* patch-c2s-buffers
Fixes buffer overflow that can lead to segfault in c2s mysql and
pgsql auth modules - see report by icbm (www.venustech.com.cn)
Update chat/jabberd2 to 2.0s4. Changes: * Fixed race condition allowing c2s to be killed, Stephen Marquard * Fixed off-by-one bug in s2s/main.c leading to segfault on startup in some environmentsp * Fixed memory leak in sm, Michal Kera * Fixed problem relating to SSL connections not being closed correctly, Nathan Christiansen * Fixed 3 problems in mod_announce: (a) NAD freed before use, (b) struct tm not initialised correctly on some platforms, and (c) time not initialised for broadcast motd messages delivered to online users, Stephen Marquard * Fixed insertion of extra namespace in element in some types of messages retrieved from offline queue, which causes a parse error in the router, Matthew Buckett * Fixed off-by-one bug in PLAIN SASL authentication code. May also resolve a number of other bugs relating to c2s authentication, Robert Theisen * Fixed return value of jid_new() in pkt.c to avoid sm segfault from dereferencing NULL pointer, triggered by a message with a to JID of the form "@some.server@", Stephen Marquard * Avoided adding nads to the cache that are created through nad_copy(), Stephen Marquard * Fixed bug in retrieving hash values, Stephen Marquard * Improved performance of pool cleanup function, Stephen Marquard * Corrected handling of EMAIL, TEL and ADR/CTRY elements in vcards for JEP-0054 compliance, Stephen Marquard * Optimised sm algorithm for announcing presence to skip presence announcements and probes for users on the same server who are not online, Stephen Marquard * Checked that storage drivers are initialised correctly; if not, abort, Stephen Marquard * Fixed file descriptor leak in storage_fs * Allowed c2s to supply a certificate chain to clients, Iain MacDonnell
Update chat/jabberd2 to 2.0s3.
Changes:
2004-06-25 jabberd 2.0s3
* Fixed several memory leaks and overruns <karsten.petersen@hrz.tu-chemnitz.de>
* Fixed XMPP session replacement [rob]
* Added support for Win32 platforms <peter@cerebus.co.za> [rob]
* Added support for requiring SSL/TLS before auth <deryni@eden.rutgers.edu>
* Added support for LDAPv3 (including channel encryption) [rob]
* Added workaround to make large presence broadcasts more efficient [rob]
* Generate random dialback key if none provided [rob]
* Rewrote configure script (+ many code tweaks to support this) [rob]
* Remove build requirement for Libidn and OpenSSL [rob]
* Removed bundled Libidn due to licensing issues [rob]
* Bugfixes: 3059, 3174, 3343, 3368, 3480, 3481, 3594
Initial import of jabberd2 (2.0s2) from pkgsrc-wip. Jabber is an open XML protocol for real-time exchange of messages and presence notification between any two points on the Internet. The first application of Jabber technology is an asynchronous, extensible instant messaging platform, and an IM network that offers functionality similar to legacy IM systems such as AIM, ICQ, MSN, and Yahoo. This is a complete rewrite of the original jabberd.
Initial revision