2022-07-07 03:53:00 by Pierre Pronchery | Files touched by this commit (2) |
Log message:
prosody: fix the path to the PID file in the RC script
PROSODY_RUN is set to eg /var/run/prosody/prosody.pid instead of just
/var/run/prosody.pid, which is a good thing (tm) since prosody's user
needs the access rights to write to the corresponding directory.
Unfortunately, the directory is not automatically created nor the right
permissions set yet, but this is progress.
While there, appease pkglint(1).
Bumps PKGREVISION.
Tested on NetBSD/amd64.
XXX pull-up to pkgsrc-2022Q2 once the complete solution is in place
|
2022-05-08 23:24:12 by Pierre Pronchery | Files touched by this commit (10) | |
Log message:
prosody: update to 0.12.0
New in this release:
Modules
* mod_mimicking: Prevent address spoofing
* mod_s2s_bidi: Bi-directional server-to-server connections (XEP-0288)
* mod_external_services: Generic XEP-0215 support
* mod_turn_external: Easy setup of XEP-0215 for STUN/TURN for audio/video calls
* mod_http_file_share: File sharing via HTTP (XEP-0363)
* mod_http_openmetrics: Expose metrics to Prometheus and compatible monitoring \
systems
* mod_smacks: Stream management and resumption (XEP-0198)
* mod_auth_ldap: LDAP authentication
* mod_cron: One module to rule all the periodic tasks
* mod_admin_shell: New home of the Console admin interface
* mod_admin_socket: Enable secure connections to the Console
* mod_tombstones: Prevent re-registration of deleted accounts
* mod_invites: Create and manage invites
* mod_invites_register: Allow registering accounts using invites
* mod_invites_adhoc: Create invites via ad-hoc command
* mod_bookmarks: Synchronise open rooms between clients
Security and authentication
* Unencrypted HTTP port (5280) restricted to loopback by default
* require_encryption options default to true if unspecified
* Authentication module defaults to internal_hashed if unspecified
* SNI support (including automatic certificate selection)
* ALPN support in mod_net_multiplex
* DANE support in low-level network layer
* Direct TLS support (c2s and s2s)
* SCRAM-SHA-256
* Direct TLS (including https) certificates are now updated on reload
* Pluggable authorization providers (mod_authz_*)
* Easy use of Mozilla TLS recommendations presets
HTTP
* CORS handling now provided by mod_http
* Built-in HTTP server now handles HEAD requests
* Uploads can be handled incrementally
API
* Module statuses (API change)
* util.error for encapsulating errors
* Promise based API for sending queries
* API for adding periodic tasks
* More APIs supporting ES6 Promises
* Async can be used during shutdown
Other
* Plugin installer
* MUC presence broadcast controls
* MUC: support for XEP-0421 occupant identifiers
* prosodyctl check connectivity via observe.jabber.network
* STUN/TURN server tests in prosodyctl check
* libunbound for DNS queries
* The POSIX poll() API used by server_epoll on *nix other than Linux
Changed in this release
* Improved rules for mobile optimizations in mod_csi_simple
* Improved rules for what messages should be archived in mod_mam
* mod_limits: Support for exempt JIDs
* mod_server_contact_info now loaded on components if enabled
* Statistics now based on OpenMetrics
* Statistics scheduling can be done by plugin
* Offline messages aren't sent to MAM clients
* Archive quotas (maximum limit on items in an archive store)
* Rewritten migrator with archive support
* Improved automatic certificate locating and selecting
* Logging to syslog no longer missing startup messages
* Graceful shutdown sequence that closes ports first and waits for connections \
to close
Removed in this release
* daemonize option deprecated
* SASL DIGEST-MD5 removed
* mod_auth_cyrus (older LDAP support)
* Network backend server_select deprecated (not actually removed yet)
|
2022-05-06 06:02:11 by Pierre Pronchery | Files touched by this commit (2) | |
Log message:
prosody: update to 0.11.13
From the release notes:
This is a(nother!) release for our stable branch to fix a memory leak caused
by the security fix. Deployments using websockets, SQL storage and possibly
other configurations may have noticed increasing memory usage after upgrading
to 0.11.12. This is resolved by this new release.
Minor changes:
* util.xml: Break reference to help the GC (fixes #1711)
* util.xml: Deduplicate handlers for restricted XML
|
2022-01-13 15:25:12 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
prosody: update to 0.11.12.
0.11.12
This is a security release that addresses a denial-of-service
vulnerability in Prosody’s mod_websocket.
0.11.11
This release contains some fixes to PEP to control memory usage,
along with a small batch of fixes for issues discovered since the
last release.
0.11.10
This release primarily fixes CVE-2021-37601, a remote information
disclosure vulnerability. See the previously released advisory for
details. We recommend that all deployments upgrade if they have
not yet applied the mitigation described in the advisory.
A handful fixes for issues discovered since 0.11.9 are also included.
0.11.9
This release addresses a number of important security issues that
affect most deployments of Prosody. Full details are available in
a separate security advisory. We recommend that all deployments
upgrade or apply the mitigations described in the advisory.
0.11.8
A new release appears! This time it includes bug fixes and performance
improvements!
0.11.7
This is a security release for the 0.11.x stable branch. It is
strongly recommended that all users upgrade to this release,
especially those whose deployments have enabled mod_websocket.
0.11.6
This release brings a collection of fixes and improvements added
since the 0.11.5 release improving security, performance, usability
and interoperability.
0.11.5
This release mostly adds command line flags to force foreground or
background operation, which replaces and deprecates the ‘daemonize’
option in the config file.
|
2021-10-26 12:05:29 by Nia Alarie | Files touched by this commit (146) |
Log message:
chat: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
|
2021-10-07 15:23:36 by Nia Alarie | Files touched by this commit (146) |
Log message:
chat: Remove SHA1 hashes for distfiles
|
2020-05-27 21:37:44 by Thomas Klausner | Files touched by this commit (60) |
Log message:
*: reset MAINTAINER for fhajny on his request
|
2020-03-09 20:37:20 by Pierre Pronchery | Files touched by this commit (6) |
Log message:
prosody: remove requirement for gmake to build
While there, install two modules which were missing in the patched
Makefile; bumps PKGREVISION.
No other changes intended.
|
2020-03-09 20:00:12 by Pierre Pronchery | Files touched by this commit (2) |
Log message:
prosody: fix the build with an alternative LOCALBASE
|
2020-01-30 11:08:14 by Thomas Klausner | Files touched by this commit (1) |
Log message:
prosody: remove patch that is not in distinfo
|