Now all timeout values can be expanded with suffixes, e.g.
```
negotiation_timeout: 30s
s2s_timeout: 10 minutes
cache_life_time: 1 hour
```
If the suffix is not given, the timeout is assumed in *seconds*
This reverts commit d3a9fbf62f.
rebar2 (which is still used) is not able to cope with this change
it should check lib/elixir/src/elixir.app.src instead of src/elixir.app.src
as src/elixir.app.src moved away, currently check fails and this breaks
jenkins tests.
options: use rebar3, or drop rebar completely to rely only on mix.
==== WARNING: MUST BE ADDED TO RELEASE NOTES =====
The commit introduces the following incompatibility:
- Option 'ca_path' is deprecated and has no effect anymore:
option 'ca_file' should be used instead if needed.
==================================================
XEP-0060 states that 'node' and 'jid' attributes to <options> element MUST NOT
be included when <options> are specified at same time as <subscribe> :
https://xmpp.org/extensions/xep-0060.html#subscriber-configure-subandconfig
mod_pubsub will require 'node' and 'jid' attributes on standalone pubsub
options requests, and reject subscribe requests that have options that include
either 'node' or 'jid'
Add 'include_sender' and 'include_body' options. If one or both of them
are set to 'true', a urn:xmpp:push:summary form with the enabled
field(s) is included in push notifications that are generated for
messages with a body.
The 'include_body' option can instead be set to a static text. In this
case, the specified text will be included in place of the actual message
body. This can be useful to signal the push service whether the
notification was triggered by a message with body (as opposed to other
types of traffic) without leaking actual message contents.
The option controls how many avatars a user can upload per minute.
The option takes positive integer values. The default is 10.
Note that the option only takes effect when an avatar is about
to convert to a different format, i.e. it implies that `convert`
option is configured.
Even if no suitable C graphics libraries are detected
at compile time, the package is still usable because it
provides `eimp:get_type/1` which is used by mod_avatar.
ejabberd receivers were meant to serve connections from frontends
to backends. However, this approach was not popular and frontend
related code was removed in previous releases. Now, ejabberd receiver's
code was also removed, making the code shorter and cleaner. Also, in
stress tests ejabberd now handles load more robustly, without
c2s processes overload (even with disabled shapers).
ejabberd_socket.erl is renamed to xmpp_socket.erl: it's supposed to
be finally moved into stand-alone xmpp library.
Now 'muc#roominfo_contactjid' and 'muc#roominfo_pubsub' fields
are returned within muc#roominfo form. Also, both 'muc#roominfo_pubsub'
and 'muc#roomconfig_pubsub' are now validated.
The option is supposed to replace existing options 'c2s_certfile',
's2s_certfile' and 'domain_certfile'. The option accepts a list
of file paths (optionally with wildcards "*") containing either
PEM certificates or PEM private keys. At startup, ejabberd sorts
the certificates, finds matching private keys and rebuilds full
certificates chains which can be used by fast_tls. Example:
certfiles:
- "/etc/letsencrypt/live/example.org/*.pem"
- "/etc/letsencrypt/live/example.com/*.pem"
Currently this is only supported for outgoing s2s connections.
For such connections ejabberd is now able to resolve SRV records
of type "_xmpps-server._tcp". Also, SNI and ALPN fields are set
during TLS handshake. No additional configuration is required.
The purpose of the module is to cope with legacy and modern
XMPP clients posting avatars. It automatically converts vCard based
avatars (XEP-0153) to PEP based avatars (XEP-0084) and vice versa.
Also, the module supports convertation between avatar image formats on
the fly: this is controlled by `convert` option. For example, to
convert all avatars into PNG format, configure the module as:
mod_avatar:
convert:
default: png
In order to convert only `webp` format to `jpeg`, set the following:
mod_avatar:
convert:
webp: jpeg
Note: the module depends on mod_vcard, mod_vcard_xupdate and mod_pubsub.
Also, ejabberd should be built with --enable-graphics option.
The commit introduces the following API incompatibilities:
In ejabberd_auth.erl:
* dirty_get_registered_users/0 is renamed to get_users/0
* get_vh_registered_users/1 is renamed to get_users/1
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is renamed to count_users/1
* get_vh_registered_users_number/2 is renamed to count_users/2
In ejabberd_auth callbacks
* plain_password_required/0 is replaced by plain_password_required/1
where the argument is a virtual host
* store_type/0 is replaced by store_type/1 where the argument is
a virtual host
* set_password/3 is now an optional callback
* remove_user/3 callback is no longer needed
* remove_user/2 now should return `ok | {error, atom()}`
* is_user_exists/2 now must only be implemented for backends
with `external` store type
* check_password/6 is no longer needed
* check_password/4 now must only be implemented for backends
with `external` store type
* try_register/3 is now an optional callback and should return
`ok | {error, atom()}`
* dirty_get_registered_users/0 is no longer needed
* get_vh_registered_users/1 is no longer needed
* get_vh_registered_users/2 is renamed to get_users/2
* get_vh_registered_users_number/1 is no longer needed
* get_vh_registered_users_number/2 is renamed to count_users/2
* get_password_s/2 is no longer needed
* get_password/2 now must only be implemented for backends with
`plain` or `scram` store type
Additionally, the commit introduces two new callbacks:
* use_cache/1 where the argument is a virtual host
* cache_nodes/1 where the argument is a virtual host
New options are also introduced: `auth_use_cache`, `auth_cache_missed`,
`auth_cache_life_time` and `auth_cache_size`.
It's now possible to use files as internal packet queues.
The following options are introduced:
* queue_type: the option can be set to `ram` (default) or `file`.
The option can be set per virtual host.
* queue_dir: path to the directory where queues will be allocated.
The default is 'queue' directory inside Mnesia directory.
This is a global option and cannot be set per virtual host.
It is now possible for client connections to login using PKIX certificates.
This is disabled by default, to enable it:
- either set 'tls_verify: true' and 'cafile: /path/to/CAfile'
in the corresponding listener's section
- or set equivalent per-vhost options 'c2s_tls_verify' and 'c2s_cafile'