From ce668bef1471ea381b903b1b86f2d07228965e40 Mon Sep 17 00:00:00 2001 From: Badlop Date: Thu, 21 Aug 2025 17:37:26 +0200 Subject: [PATCH 1/4] Container: Apply some improvements from ejabberd source code Applied: - ejabberd.yml.example: Use HOST_URL_ENCODE to handle case when vhost is non-latin1 - ejabberdctl: Improve explanation how to stop ejabberd in live mode - ejabberdctl: New "mnesia_change" command, a frontend to mnesia_change_nodename --- .github/container/ejabberd.yml.example | 2 +- .github/container/ejabberdctl.template | 128 +++++++++++++++++++++++-- 2 files changed, 123 insertions(+), 7 deletions(-) diff --git a/.github/container/ejabberd.yml.example b/.github/container/ejabberd.yml.example index 62dff50c9..2f63a2b64 100644 --- a/.github/container/ejabberd.yml.example +++ b/.github/container/ejabberd.yml.example @@ -206,7 +206,7 @@ modules: mod_fail2ban: {} mod_http_api: {} mod_http_upload: - put_url: https://@HOST@:5443/upload + put_url: https://@HOST_URL_ENCODE@:5443/upload custom_headers: "Access-Control-Allow-Origin": "https://@HOST@" "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS" diff --git a/.github/container/ejabberdctl.template b/.github/container/ejabberdctl.template index 228f8707c..b1f1d2179 100755 --- a/.github/container/ejabberdctl.template +++ b/.github/container/ejabberdctl.template @@ -195,7 +195,9 @@ livewarning() echo "Please be extremely cautious with your actions," echo "and exit immediately if you are not completely sure." echo "" - echo "To exit and detach this shell from ejabberd, press:" + echo "To stop ejabberd gracefully:" + echo " ejabberd:stop()." + echo "To quit erlang immediately, press:" echo " control+g and then q" echo "" echo "--------------------------------------------------------------------" @@ -363,6 +365,13 @@ post_waiter_loop() # allow sync calls wait_status() { + wait_status_node "$ERLANG_NODE" $1 $2 $3 +} + +wait_status_node() +{ + CONNECT_NODE=$1 + shift # args: status try delay # return: 0 OK, 1 KO timeout="$2" @@ -374,9 +383,9 @@ wait_status() status="$1" else run_erl "$(uid ctl)" -hidden -noinput \ - -eval 'net_kernel:connect_node('"'$ERLANG_NODE'"')' \ + -eval 'net_kernel:connect_node('"'$CONNECT_NODE'"')' \ -s ejabberd_ctl \ - -extra "$ERLANG_NODE" $NO_TIMEOUT status > /dev/null + -extra "$CONNECT_NODE" $NO_TIMEOUT status > /dev/null status="$?" fi done @@ -385,19 +394,26 @@ wait_status() exec_other_command() { + exec_other_command_node $ERLANG_NODE "$@" +} + +exec_other_command_node() +{ + CONNECT_NODE=$1 + shift if [ -z "$CTL_OVER_HTTP" ] || [ ! -S "$CTL_OVER_HTTP" ] \ || [ ! -x "$(command -v curl)" ] || [ -z "$1" ] || [ "$1" = "help" ] \ || [ "$1" = "mnesia_info_ctl" ]|| [ "$1" = "print_sql_schema" ] ; then run_erl "$(uid ctl)" -hidden -noinput \ - -eval 'net_kernel:connect_node('"'$ERLANG_NODE'"')' \ + -eval 'net_kernel:connect_node('"'$CONNECT_NODE'"')' \ -s ejabberd_ctl \ - -extra "$ERLANG_NODE" $NO_TIMEOUT "$@" + -extra "$CONNECT_NODE" $NO_TIMEOUT "$@" result=$? case $result in 3) help;; *) :;; esac - exit $result + return $result else exec_ctl_over_http_socket "$@" fi @@ -439,6 +455,103 @@ cd "$SPOOL_DIR" || { exit 6 } +printe() +{ + printf "\n" + printf "\e[1;40;32m==> %s\e[0m\n" "$1" +} + +## Function copied from tools/make-installers +user_agrees() +{ + question="$*" + + if [ -t 0 ] + then + printe "$question (y/n) [n]" + read -r response + case "$response" in + [Yy]|[Yy][Ee][Ss]) + return 0 + ;; + [Nn]|[Nn][Oo]|'') + return 1 + ;; + *) + echo 'Please respond with "yes" or "no".' + user_agrees "$question" + ;; + esac + else # Assume 'yes' if not running interactively. + return 0 + fi +} + +mnesia_change() +{ + ERLANG_NODE_OLD="$1" + [ "$ERLANG_NODE_OLD" = "" ] \ + && echo "Error: Please provide the old erlang node name, for example:" \ + && echo " ejabberdctl mnesia_change ejabberd@oldmachine" \ + && exit 1 + + SPOOL_DIR_BACKUP=$SPOOL_DIR/$ERLANG_NODE_OLD-backup/ + OLDFILE=$SPOOL_DIR_BACKUP/$ERLANG_NODE_OLD.backup + NEWFILE=$SPOOL_DIR_BACKUP/$ERLANG_NODE.backup + + printe "This changes your mnesia database from node name '$ERLANG_NODE_OLD' to '$ERLANG_NODE'" + + [ -d "$SPOOL_DIR_BACKUP" ] && printe "WARNING! A backup of old node already exists in $SPOOL_DIR_BACKUP" + + if ! user_agrees "Do you want to proceed?" + then + echo 'Operation aborted.' + exit 1 + fi + + printe "Starting ejabberd with old node name $ERLANG_NODE_OLD ..." + exec_erl "$ERLANG_NODE_OLD" $EJABBERD_OPTS -detached + wait_status_node $ERLANG_NODE_OLD 0 30 2 + result=$? + case $result in + 1) echo "There was a problem starting ejabberd with the old erlang node name. " \ + && echo "Check for log errors in $EJABBERD_LOG_PATH" \ + && exit $result;; + *) :;; + esac + exec_other_command_node $ERLANG_NODE_OLD "status" + + printe "Making backup of old database to file $OLDFILE ..." + mkdir $SPOOL_DIR_BACKUP + exec_other_command_node $ERLANG_NODE_OLD backup "$OLDFILE" + + printe "Changing node name in new backup file $NEWFILE ..." + exec_other_command_node $ERLANG_NODE_OLD mnesia_change_nodename "$ERLANG_NODE_OLD" "$ERLANG_NODE" "$OLDFILE" "$NEWFILE" + + printe "Stopping old ejabberd..." + exec_other_command_node $ERLANG_NODE_OLD "stop" + wait_status_node $ERLANG_NODE_OLD 3 30 2 && stop_epmd + + printe "Moving old mnesia spool files to backup subdirectory $SPOOL_DIR_BACKUP ..." + mv $SPOOL_DIR/*.DAT $SPOOL_DIR_BACKUP + mv $SPOOL_DIR/*.DCD $SPOOL_DIR_BACKUP + mv $SPOOL_DIR/*.LOG $SPOOL_DIR_BACKUP + + printe "Starting ejabberd with new node name $ERLANG_NODE ..." + exec_erl "$ERLANG_NODE" $EJABBERD_OPTS -detached + wait_status 0 30 2 + exec_other_command "status" + + printe "Installing fallback of new mnesia..." + exec_other_command install_fallback "$NEWFILE" + + printe "Stopping new ejabberd..." + exec_other_command "stop" + wait_status 3 30 2 && stop_epmd + + printe "Finished, now you can start ejabberd normally" +} + # main case $1 in start) @@ -501,6 +614,9 @@ case $1 in set_dist_client wait_status 3 30 2 && stop_epmd # wait 30x2s before timeout ;; + mnesia_change) + mnesia_change $2 + ;; post_waiter) post_waiter_waiting ;; From cae7850a7076a7c74ad4e38a03a85760a591ff8e Mon Sep 17 00:00:00 2001 From: Badlop Date: Fri, 22 Aug 2025 10:50:40 +0200 Subject: [PATCH 2/4] CHANGELOG.md: Update to 25.08 --- CHANGELOG.md | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 36721ea39..cadfc1c74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,55 @@ +## Version 25.08 + +#### API Commands + +- `ban_account`: Run `sm_kick_user` event when kicking account ([#4415](https://github.com/processone/ejabberd/issues/4415)) +- `ban_account`: No need to change password ([#4415](https://github.com/processone/ejabberd/issues/4415)) +- `mnesia_change`: New command in `ejabberdctl` script that helps changing the mnesia node name + +#### Configuration + +- Rename `auth_password_types_hidden_in_scram1` option to `auth_password_types_hidden_in_sasl1` +- `econf`: If a host in configuration is encoded IDNA, decode it ([#3519](https://github.com/processone/ejabberd/issues/3519)) +- `ejabberd_config`: New predefined keyword `HOST_URL_ENCODE` +- `ejabberd.yml.example`: Use `HOST_URL_ENCODE` to handle case when vhost is non-latin1 +- `mod_conversejs`: Add option `conversejs_plugins` ([#4413](https://github.com/processone/ejabberd/issues/4413)) +- `mod_matrix_gw`: Add `leave_timeout` option ([#4386](https://github.com/processone/ejabberd/issues/4386)) + +#### Documentation and Tests + +- `COMPILE.md`: Mention dependencies and add link to Docs ([#4431](https://github.com/processone/ejabberd/issues/4431)) +- `ejabberd_doc`: Document commands tags for modules +- CI: bump XMPP-Interop-Testing/xmpp-interop-tests-action ([#4425](https://github.com/processone/ejabberd/issues/4425)) +- Runtime: Raise the minimum Erlang tested to Erlang/OTP 24 + +#### Installers and Container + +- Bump Erlang/OTP version to 27.3.4.2 +- Bump OpenSSL version to 3.5.2 +- `make-binaries`: Disable Linux-PAM's `logind` support + +#### Core and Modules + +- Bump `p1_acme` to fix `'AttributePKCS-10'` and OTP 28 ([processone/p1_acme#4](https://github.com/processone/p1_acme/issues/4)) +- Prevent loops in `xml_compress:decode` with corrupted data +- `ejabberd_auth_mnesia`: Fix issue with filtering duplicates in `get_users()` +- `ejabberd_listener`: Add secret in temporary unix domain socket path ([#4422](https://github.com/processone/ejabberd/issues/4422)) +- `ejabberd_listener`: Log error when cannot set definitive unix socket ([#4422](https://github.com/processone/ejabberd/issues/4422)) +- `ejabberd_listener`: Try to create provisional socket in final directory ([#4422](https://github.com/processone/ejabberd/issues/4422)) +- `ejabberd_logger`: Print log lines colorized in console when using rebar3 +- `mod_conversejs`: Ensure assets_path ends in `/` as required by Converse ([#4414](https://github.com/processone/ejabberd/issues/4414)) +- `mod_conversejs`: Ensure plugins URL is separated with `/` ([#4413](https://github.com/processone/ejabberd/issues/4413)) +- `mod_http_upload`: Encode URLs into IDNA when showing to XMPP client ([#3519](https://github.com/processone/ejabberd/issues/3519)) +- `mod_matrix_gw`: Add support for null values in `is_canonical_json` ([#4421](https://github.com/processone/ejabberd/issues/4421)) +- `mod_matrix_gw`: Don't send empty direct Matrix messages ([#4420](https://github.com/processone/ejabberd/issues/4420)) +- `mod_matrix_gw`: Matrix gateway updates +- `mod_muc`: Report db failures when restoring rooms +- `mod_muc`: Unsubscribe users from members-only rooms when expelled ([#4412](https://github.com/processone/ejabberd/issues/4412)) +- `mod_providers`: New module to serve easily XMPP Providers files +- `mod_register`: Don't duplicate welcome subject and message +- `mod_scram_upgrade`: Fix format of passwords updates +- `mod_scram_upgrade`: Only offer upgrades to methods that aren't already stored + ## Version 25.07 #### Security fix From 00c75c3dc93c9800008fcfc2c35ad2247014231f Mon Sep 17 00:00:00 2001 From: Badlop Date: Fri, 22 Aug 2025 11:15:33 +0200 Subject: [PATCH 3/4] Set version to 25.08 --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index d31d254fc..b91595dc5 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT(ejabberd, m4_esyscmd([echo `git describe --tags 2>/dev/null || echo 25.07` | sed 's/-g.*//;s/-/./' | tr -d '\012']), [ejabberd@process-one.net], [ejabberd]) +AC_INIT(ejabberd, m4_esyscmd([echo `git describe --tags 2>/dev/null || echo 25.08` | sed 's/-g.*//;s/-/./' | tr -d '\012']), [ejabberd@process-one.net], [ejabberd]) AC_ARG_WITH(min-erlang, AS_HELP_STRING([--with-min-erlang=version],[set minimal required erlang version, default to OTP25]), From 3a36a722c50fd99d3d56ad44b995b32d8d424061 Mon Sep 17 00:00:00 2001 From: Alexey Shchepin Date: Fri, 22 Aug 2025 14:44:48 +0300 Subject: [PATCH 4/4] Fix a bug in mod_matrix_gw_room:check_event_power_level/3 --- src/mod_matrix_gw_room.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mod_matrix_gw_room.erl b/src/mod_matrix_gw_room.erl index 4928c7582..65babf7e5 100644 --- a/src/mod_matrix_gw_room.erl +++ b/src/mod_matrix_gw_room.erl @@ -1659,7 +1659,7 @@ check_event_power_level(Event, StateMap, Data) -> get_event_power_level(Type, StateKey, PL) -> case {StateKey, PL} of - {_, #{Type := Level}} -> + {_, #{<<"events">> := #{Type := Level}}} -> get_int(Level); {undefined, #{<<"events_default">> := Level}} -> get_int(Level);