ejabberd 21.01
Six weeks after previous release, ejabberd 21.01 contains as usual several improvements and bugfixes. There are no changes required in the API, configuration or databases.
Fixed sqlite3 dependency version
erlang-sqlite3 versions got messed up, causing ejabberd build to regress to 1.1.6 from Jan 2018 when using rebar3 which fails to build with OTP23. Update to correctly tagged version 1.1.9, which also has matching hex.pm package, fixes this.
Integrate nicely with systemd
Support systemd’s watchdog feature and enable it by default in the unit file, so that ejabberd is auto-restarted if the VM becomes unresponsive. Also, set the systemd startup type to ‘notify’, so that startup of followup units is delayed until ejabberd signals readiness. While at it, also notify systemd of configuration reload and shutdown states.
Note: NotifyAccess=all
is required as long as ejabberdctl foreground
runs the VM as a new child process, rather than “exec”ing it. This way, systemd views the ejabberdctl process itself as the main service process, and would discard notifications from other processes by default.
New ejabberdctl foreground-quiet
This starts ejabberd without detaching the process, but setups console logging to display only critical messages.
STUN
The ‘stun’ application now rejects Teredo and 6to4 TURN peers unconditionally. Therefore, remove those networks from the default ‘turn_blacklist’.
Block loopback addresses by default:
Don’t accept loopback addresses as TURN peers by default. This makes sure the TURN service won’t allow remote clients to access local UDP services.
However, this will break the case where the turn_ipv4_address
was set to 127.0.0.1
as fallback and TURN worked “by accident” if both clients were using the same TURN service. The service then talked to itself on the loopback interface.
Translations
The gettext-formatted PO files are now located in a specific repository, ejabberd-po, and have been published with MIT license. This allows translators continue improving them, and be included in ejabberd packages without requiring the translators so sign a Contribution License Agreement.
Summary of changes:
Miscellaneous:
- log_rotate_size option: Fix handling of ‘infinity’ value
- mod_time: Fix invalid timezone
- Auth JWT: New check_decoded_jwt hook runs the default JWT verifier
- MUC: Allow non-occupant non-subscribed service admin send private MUC message
- MUC: New max_password and max_captcha_whitelist options
- OAth: New oauth_cache_rest_failure_life_time option
- PEP: Skip reading pep nodes that we know won’t be requested due to caps
- SQL: Add sql script to migrate mysql from old schema to new
- SQL: Don’t use REPLACE for upsert when there are “-” fields.
- Shared Rosters LDAP: Add multi-domain support (and flexibility)
- Sqlite3: Fix dependency version
- Stun: Block loopback addresses by default
- Several documentation fixes and clarifications
Commands:
- decide_room: Use better fallback value for room activity time when skipping room
- delete_old_message: Fix when using sqlite spool table
- module_install: Make ext_mod compile module with debug_info flags
- room_unused_*: Don’t fetch subscribers list
- send_message: Don’t include empty in messages
- set_room_affiliation: Validate affiliations
Running:
- Docker: New Dockerfile and devcontainer.json
- New ‘ejabberdctl foreground-quiet’
- Systemd: Allow for listening on privileged ports
- Systemd: Integrate nicely with systemd
Translations:
- Moved gettext PO files to a new ejabberd-po repository
- Improved several translations: Catalan, Chinese, German, Greek, Indonesian, Norwegian, Portuguese (Brazil), Spanish.
ejabberd 21.01 download & feedback
As usual, the release is tagged in the Git source code repository on Github.
The source package and binary installers are available at ejabberd XMPP & MQTT server download page.
We’ve discovered some issues with the Windows installer that we are still working on, so its publication is delayed.
If you suspect that you’ve found a bug, please search or fill a bug report on Github.