ejabberd 16.01

This ‘happy new year’ release of ejabberd is the culmination of one year of major improvements. This is yet another milestone for ejabberd, being the starting point of a new phase of cleanup and optimisations for your favourite server.

This release contains security fix for possible server spoofing with brute force attack on the random number generation. Even if the issue is difficult to exploit, it is recommended to upgrade your server if you’re using server-to-server (s2s) connections.

It also includes:
– better groupchat archiving support with MAM
– improved PubSub performances and control
– more shaper capabilities for listeners
– performance optimisation and lower memory consumption of the core XML processing modules
– faster core routines

All our binary installers now provide each ejabberd dependency in its own directory, following installation scheme of standard ‘make install’ process.

Finally, as usual, we fixed bugs and improved many features across the whole server.

As you see with the following changelog, we had a very busy holiday season :)

Here is the full list of changes:

Changes

Security

  • Improve Dialback Key Generation and Validation support (XEP-0185)
  • More generally, improve random number generator to avoid timing / guessing attacks on any random value.

Database

  • Use BLOB instead of TEXT on mysql in stanza storage
  • Use UTF8MB4 character set in MySQL tables
  • Make Riak working on Erlang R18

MAM

  • Use stanza-id tags for deduplication
  • Advertise MAM in disco info for account/room JID
  • Improve MUC support
  • Don’t store resent messages
  • Do not forget to include xmlns in mam prefs response (#859)
  • Honor Message Processing Hints (XEP-0334)

MUC

  • Add support for muc#roomconfig_presencebroadcast option
  • Only filter rooms in Service Disco when more than 100 (EJAB-343)
  • List in Service Disco non-empty rooms and provide Node for empty (EJAB-343)
  • When user joins logged room, he must be warned (EJAB-726)

Pubsub

  • Fix pubsub virtual nodetree plugin
  • Use correct notification_type for last items (#827)
  • PubSub plugin for online users only
  • Disable use of multi-subscribe and subscription-option on standard plugins
  • Limit number of subscriptions per node and allow custom default node configuration
  • Don’t force max_items_node to MAXITEMS if not defined
  • Don’t read pubsub options when plugin does not use them

Elixir

  • Upgrade Elixir to v1.1.0

Admin

  • Add plugin for passing extra erl_opts flags to deps, and use it for hipe
  • Add –enable-latest-deps to configure
  • Remove “–enable-nif” flag
  • New send_stanza command
  • ejabberdctl: new –no-timout flag
  • ejabberdctl: Don’t let “reopen_log” rotate files (EJAB-1243)
  • ejabberdctl: Improve escaping of arguments passed to ejabberdctl
  • OpenSSL minimum required version: raised from 0.9.8 to 1.0.0

Config

  • New option accept_interval in ejabberd_listener
  • Webadmin console visual refresh (EJAB-1142)
  • If mod_register access_from is ‘none’, then don’t advertise IBR (#857)
  • Fix handling of some options in old style configs
  • Fix parsing option trusted_proxies
  • Fix ipv6 configuration processing (#803)
  • ejabberd_service: simplify configuration: no need for ‘hosts’, just provide ‘password’

Cleanup and optimisations

  • Faster string_to_jid/1 implementation
  • Move JID related functions from jlib.erl to jid.erl (#847)
  • Remove usage of erlang’s now()
  • Update dependency name from p1_cache_tab to cache_tab
  • Use crypto:rand_uniform instead of random:uniform
  • Fix randoms.erl on R17 that don’t have random:seed(integer())
  • Faster and more memory efficient XML parsing.
  • Faster stringprep library.

Other changes

  • ejabberd_http: Cope with large POST/PUT requests
  • ejabberd_http: Log debug message on receive errors
  • mod_offline: Discard chat states notifications
  • mod_offline: Honor store hint
  • mod_http_upload: various fixes
  • XEP-0198: Fix stanza counting corner case issue
  • Adding WEBIRC, custom realname & ident, ISO-8859-15 (thanks to iwalkalone69)(#877)
  • Update hebrew translation

Feedback

As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.


Let us know what you think 💬


15 thoughts on “ejabberd 16.01

  1. can you tell more about: – better groupchat archiving support with MAM it’s possibile to make a persistent group whatsapp like with this feature? and how con we configure it?

  2. Looks great – particularly MUC MAM. Upgrading from 15.01 our existing MAM implementation broke – are there any upgrade notes that point to any breaking changes. I will start to look at whether database structure has changed and things like that, but any pointers would be very useful. Thanks..

    • To answer my own question – but might be useful for someone else- there is a small database change from 15 -> 16. Run following SQL then it works..
      ALTER table archive add nick text;
      ALTER table archive add kind text;

    • To answer my own question – but might be useful for someone else- there is a small database change from 15 -> 16. Run following SQL then it works..
      ALTER table archive add nick text;
      ALTER table archive add kind text;

  3. Hi Mr. Mickael, i recently downloaded ejabberd deb package for ubuntu OS. Installation was successful but when i try ejabberdctl, no command found install it from “apt-get install ejabberd”. could you please share installation guide for ubuntu OS. I’ve been trying for 3 days for now but no result.

Leave a Reply to Richard Phillips Cancel Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.