mod_privilege current drops any non-privileged IQ received from a component
with an error about it not being properly wrapped. While this might
represent a mistake on the part of the component, it means that well-
behaved components can no longer send non-privileged IQs (something they
normally can do if mod_privilege isn't enabled).
Since mod_privilege is intended to grant additional permissions, and not
remove existing ones, route non-privileged IQs received from the component
normally.
This also removes the special-case for roster-query IQ stanzas, since
those are also non-privileged and will be routed along with any other
non-privileged IQ packet. This mirrors the privileged-IQ/everything-else
structure of the XEP, which defined the handling of privileged IQ
stanzas and leaves all other IQ stanzas as defined in their own specs.
To make this clearer, the predicate function now returns distinct
results indicating privileged IQs, non-privileged IQs, and error
conditions, rather than treating non-privilege IQs as an error that gets
handled by routing the packet normally.
Clients publish invalid bookmark elements in practice (e.g., bookmarks
with an empty <nick/> element). The server admin can't address that
issue, so don't spam the log with warnings.
Enable some modules so ejabberd creates their SQL tables
and later those tables can be updated without errors by mod_admin_update_sql
when ci.yml calls "make test" to check update_sql.
However, mod_shared_roster should be stopped before running the actual tests,
as it introduces undesired IQ queries
On the other hand, a few SQL tables are global RAM, and cannot be created
in SQL just for a vhost that is not the first one defined.
This change improves sentences legibility.
In the Introduction page, use **strong** instead.
Notice backtick quotes are for raw code in markdown, for example:
- `ejabberd` container image
- `ejabberd` script generated by OTP Release
- `ejabberd` username in system, for example for MySQL or container host
Add mod_muc_occupantid to the list of modules enabled in the sample
configuration. It's not necessarily obvious that it's required for
using certain modern features in group chat, and there's no downside in
activating this module.
As per XEP-0215 (#3.3), the response to a credentials request must use
the <credentials/> element rather than <services/>.
Thanks to Thilo Molitor for spotting the issue.
