Commit Graph

10083 Commits

Author SHA1 Message Date
Alexey Shchepin 31cb4b06e4 Matrix gateway updates
- Partially rewritten state resolution
- Support for Hydra rooms
- Use double colon for separating a matrix server from a room ID in JID
  with Hydra rooms
- Partially rewritten mod_matrix_gw_s2s
- Add notary_servers option
2025-08-11 19:44:50 +03:00
Pawel Chmielowski 10f6723f00 Prevent loops in xml_compress:decode with corrupted data 2025-08-07 13:49:10 +02:00
Pawel Chmielowski f594620c68 Only offer upgrades to methods that aren't already stored 2025-08-05 11:06:17 +02:00
Pawel Chmielowski dacfad61d8 Fix format of passwords updates triggered by mod_scram_upgrade 2025-08-05 11:02:33 +02:00
badlop 7c1da7e0cf Merge pull request #4412 from marc0s/issue-4410
fix: unsubscribe users from members-only rooms when expelled
2025-08-01 12:38:37 +02:00
marc0s e709f99b47 fix: unsubscribe users from members-only rooms when expelled
Fixes #4410
2025-07-31 08:05:32 +02:00
Badlop 053fd26994 econf: If a host in configuration is encoded IDNA, decode it (#3519)
For example:

hosts:
  - localhost
  - locälhost3
  - xn--loclhost4-x2a

all them are converted to utf8:

ejabberd_option:hosts().
[<<"localhost">>,
 <<"locälhost3"/utf8>>,
 <<"locälhost4"/utf8>>]
2025-07-26 00:43:25 +02:00
Badlop bba1a1e3ca mod_http_upload: Encode URLs into IDNA when showing to XMPP client (#3519) 2025-07-25 19:54:28 +02:00
Badlop e5da1efea4 misc: Move uri_parse/1 to yconf and merge with yconf:parse_uri/1 2025-07-25 19:54:26 +02:00
Badlop fbfd41c16e misc: uri_decode/1 moved here from ejabberd_http and prosody2ejabberd 2025-07-25 19:54:25 +02:00
Badlop 4391921727 ejabberd_config: New predefined keyword HOST_URL_ENCODE 2025-07-25 19:54:23 +02:00
Badlop 4cd3c657e2 ejabberd_listener: Try to create provisional socket in final directory (#4422)
and if that path is too long, then try HOME directory,
if that's too long too, throw error explaining the problem.

By the way, cutting the base64 string to 107 is a bad idea,
as it encodes the final path, which would get lost and crash.
2025-07-25 11:15:37 +02:00
Badlop 7647b77225 Runtime: Raise the minimum Erlang tested to Erlang/OTP 24
The Erlang containers from versions 20-23 use Debian Buster,
and require the debian repositories to install some development libraries.
The Debian Buster repositories are no longer available,
which means that we can no longer perform any test with Erlang 20-23.
2025-07-25 11:15:34 +02:00
Pawel Chmielowski fe8710fe00 Rename auth_password_types_hidden_in_scram1 option to auth_password_types_hidden_in_sasl1
Also add migration code from old name
2025-07-25 09:39:21 +02:00
Pawel Chmielowski 1a9b147baf Report db failures in mod_muc_mnesia:restore_room 2025-07-23 20:27:19 +02:00
Pawel Chmielowski 6214e0385d Report db failures from mod_muc:restore_room 2025-07-23 19:59:32 +02:00
Badlop f7002c31f0 Fix some typos in previous commit (#4422) 2025-07-22 13:30:54 +02:00
Badlop 99b75396ad ejabberd_listener: Log error when cannot set definitive unix socket (#4422) 2025-07-22 10:48:17 +02:00
Badlop b1c3baa7bd Bump p1_acme to fix 'AttributePKCS-10' and OTP 28 (processone/p1_acme#4) 2025-07-22 10:47:38 +02:00
Badlop 355eb5dfde Improve documentation of toplevel options default_db and default_ram_db 2025-07-22 10:47:36 +02:00
Badlop d269e32c3a ejabberd_config: Improve warning message about unsupported ram_db type 2025-07-22 10:47:33 +02:00
Badlop 214b76f763 ejabberd_doc: Document commands tags for modules 2025-07-22 10:47:30 +02:00
Holger Weiss 73a8fbdfb5 make-binaries: Re-add executable bit 2025-07-21 13:42:07 +02:00
Holger Weiss 9b6f0aeb3c make-binaries: Disable Linux-PAM's logind support
Make sure Linux-PAM doesn't attempt to include logind support.  This
avoids a build failure in case the host system has systemd's
development headers installed.
2025-07-21 13:38:11 +02:00
Badlop 45a6aed57f mod_admin_extra: Run sm_kick_user event when kicking account (#4415)
This is important when running the ban_account command and mod_auth_fast
is enabled, as the client may store auth tokens that bypass
the banning stored in private storage and enforced by ejabberd_auth.
2025-07-16 18:09:14 +02:00
Badlop 9d17a160b6 mod_admin_extra: No need to change password in ban_account (#4415)
When ban details are stored in private storage,
ejabberd_auth reads them and prevents user login,
so there's no need to modify the account password.
2025-07-16 13:33:40 +02:00
Badlop 850d097660 ejabberd_auth: Handle case running check_password when account is banned 2025-07-16 13:33:36 +02:00
Badlop 8ce8f67c06 misc: Add workaround for Json library not able to handle empty list 2025-07-16 13:33:33 +02:00
Pawel Chmielowski a17c2c166d Fix issue with filtering duplicates in auth_mnesia:get_users()
Previous version was only correct when data to process
was sorted, which was not always the case.

This add common implementation of lists:uniq in misc that works
also on <R25, and switches get_users to use it.
2025-07-16 12:43:25 +02:00
Badlop a64aa9e280 Set version to 25.07
CI / Tests (25) (push) Failing after 0s
CI / Tests (26) (push) Failing after 0s
CI / Tests (27) (push) Failing after 1s
CI / Tests (28) (push) Failing after 0s
Container / Container (push) Failing after 46s
Installers / Binaries (push) Failing after 1m7s
Runtime / Rebars (20, rebar) (push) Failing after 5s
Runtime / Rebars (20, rebar3) (push) Failing after 5s
Runtime / Rebars (25, rebar) (push) Failing after 4s
Runtime / Rebars (25, rebar3) (push) Failing after 5s
Runtime / Rebars (26, rebar) (push) Failing after 5s
Runtime / Rebars (26, rebar3) (push) Failing after 5s
Runtime / Rebars (27, rebar3) (push) Failing after 4s
Runtime / Rebars (28, rebar3) (push) Failing after 13s
Runtime / Rebar3+Elixir (1.14) (push) Failing after 5s
Runtime / Rebar3+Elixir (1.15) (push) Failing after 5s
Runtime / Rebar3+Elixir (1.16) (push) Failing after 5s
Runtime / Rebar3+Elixir (1.17) (push) Failing after 5s
Runtime / Rebar3+Elixir (1.18) (push) Failing after 4s
Runtime / Mix (1.14) (push) Failing after 4s
Runtime / Mix (1.15) (push) Failing after 4s
Runtime / Mix (1.16) (push) Failing after 5s
Runtime / Mix (1.17) (push) Failing after 5s
Runtime / Mix (1.18) (push) Failing after 5s
Installers / Release (push) Has been skipped
25.07
2025-07-11 13:15:26 +02:00
Badlop 3834a47a39 CHANGELOG.md: Update to 25.07 2025-07-11 13:15:26 +02:00
Badlop 9f6ff515ff Fix documentation for commands implemented in modules with several behaviours 2025-07-11 13:10:08 +02:00
Pawel Chmielowski 64a210842e Use tagged dependencies 2025-07-11 12:55:25 +02:00
Badlop c0de52c967 Update man page to 25.07 2025-07-11 12:10:58 +02:00
Badlop 67c3df05b3 ext_mod: Add temporary workaround for zip including absolute path 2025-07-11 12:10:57 +02:00
Badlop 4a66616756 mod_antispam: Mention usage of CONFIG_PATH predefined keyword 2025-07-11 12:10:54 +02:00
Pawel Chmielowski e4d424bf56 Add auth_password_types_hidden_in_scram1 option
This option allows disabling some auth mechanisms
to be offered in SASL1 features. This makes adding
new password types easier, by ensuring that new
password use will be offered only to clients that
have new type stored (SASL2 clients that send us
user info before features need to be sent), but
not to clients where we don't know if they have
new passwords.
2025-07-10 16:52:13 +02:00
Badlop c0fc6091b1 Annotate ejabberd version of new modules, options, commands 2025-07-10 10:58:17 +02:00
Badlop ef35d19ff1 Update Ukrainian translation (thanks to Максим Горпиніч) 2025-07-10 10:58:15 +02:00
Badlop cfa787c4b6 Update Tamil translation (thanks to TamilNeram) 2025-07-10 10:58:14 +02:00
Badlop 611ebce0d2 Update Greek translation (thanks to GiannosOB) 2025-07-10 10:58:13 +02:00
Badlop 1e0b8cb547 Bump Erlang/OTP 27.3.4.1 for container image too 2025-07-10 10:58:10 +02:00
Pawel Chmielowski 99d323b1dd Update fast_tls with updated deps 2025-07-09 17:13:17 +02:00
Pawel Chmielowski 72bc9b6c7f Allow s2s connections to accept client certificates that have only server purpose
Due to Google Chrome certification requirements we can expect
that in near future there will be no certificate authority
that will issue certifcates that have both server and client auth
purposes.

This change makes s2s listeners ignore cert purposes, and should
allow servers that have those new certificate to use it, to
authenticate new s2s connections.

This fixes issue #4392
2025-07-09 14:16:02 +02:00
Pawel Chmielowski 4694a482f4 Update doap with info about xep-0486 2025-07-08 20:13:56 +02:00
Badlop 443f39bfdb Result of running "make format doap options" 2025-07-08 12:43:43 +02:00
Badlop b118dd8fc6 Update reference to XEP-0485 support 2025-07-08 12:43:43 +02:00
Badlop bf39da7b8b mod_pubsub_serverinfo: Rephrase documentation and improve markdown 2025-07-08 12:42:52 +02:00
Badlop ad3eee059e mod_antispam: Annotate ejabberd version of the new commands 2025-07-08 12:42:50 +02:00
Badlop e94ccabcf0 mod_antispam: Move commands to a new "spam" API tag 2025-07-08 12:42:48 +02:00