Maintenance work on Tuesday, June 2

On Tuesday, June 2 between 8:00 am and 9:00 am (CEST) we will be performing maintenance work in our production environment.

During this window, the ‘thiessen.it’ domains won’t be available.

Update: The service is back up and running. From now on the ‘thiessen.it’ domains also listen on port 80 and 443. Please notify us if you encounter any problems.

‘thiessen.org’ running Prosody!

We added another domain (thiessen.org) to the list of URLs that we host an XMPP service at. Generally this is nothing special, it ‘just’ enables users to choose from a wider range of available domain names.

What makes this particular domain special is the server software running behind it! It’s called Prosody.

Prosody is an exciting new server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to give a flexible system on which to rapidly develop added functionality, or prototype new protocols. Prosody is licensed under the permissive MIT/X11 license.

Prosody version 0.4.2 has just been released, make sure to give it a try if you are a system operator.

It is planned to migrate all our domains to Prosody in the future, most likely once Prosody has support for clustering.
We encourage you to create an account and try it out for yourself, any problems should be reported at support@conference.thiessen.im.

Special thanks goes to Matthew Wild, one of the Prosody developers and member of the jabber.org team. Matthew helped us setting up the service and continues to help running it.

How to enable XMPP notifications in phpBB3?

… I’ve been asked today. phpBB is a popular Internet forum package written in the PHP scripting language. The name “phpBB” is an abbreviation of PHP Bulletin Board. Available under the GNU General Public License, phpBB is free software.

And the really nice thing is, it lets you notify your users via XMPP/Jabber about anything it does via mail by default. I assume your board is set up already and that you have administrative privileges.

Step 1: Create a Jabber account using a regular client. I assume you created ‘myforum@thiessen.im’ in this HowTo.
Step 2: Open your forums admin panel, go to the ‘General’ Tab, choose ‘Jabber settings’ under ‘Client Communication’.
Step 3: ‘Enable’ Jabber, put ‘de1.xmpp.thiessen.org’ into the server field and enter your credentials you created in step 1. (e.g. myforum@thiessen.im and your password)
Step 4: Apply the changes by clicking ‘Submit’.

Your board is now ready to send notifications about new threads / posts / PMs via XMPP/Jabber.

Unavailability

Our hoster just informed us of problems within their network. They are working on it and are expecting it to be working again by the end of the day.

We are deeply sorry for the inconvenience.

Update 1: Thursday, April 16th will be known as the day of bad luck. While the network was working pretty fast again (thanks for that) our HDD died. We are in the process of restoring the data. Please be aware that restarts may occure until restoration is completed.

Update 2: Transports for im.thiessen.it are up and running again. You may need to re-register your transport account. Your contacts etc. are of course still there.

Notice: You may want to check support@conference.thiessen.org if you need personal assistance, if no operator is around, just leave a comment.

Update 3: Fixed a bug where under certain circumstances S2S connections couldn’t be established.

ejabberd update (2.0.4 -> 2.0.5)

Today we updated ejabberd to version 2.0.5 which has been released on april, 3rd. We didn’t encounter any problems during the process.

The main changes are:

  • Fix two problems introduced in ejabberd 2.0.4: subscription request produced many authorization requests with some clients and transports; and subscription requests were not stored for later delivery when receiver was offline.
  • Fix warning in expat_erl.c about implicit declaration of x_fix_buff
  • HTTP-Bind (BOSH): Fix a missing stream:error in the returned remote-stream-error stanza

ejabberd update (2.0.3 -> 2.0.4)

Today we updated ejabberd to version 2.0.4 which has been released on march, 12th. We didn’t encounter any problems during the process.

The main changes are:

  • Ensure ID attribute in roster push is unique
  • Authentication: Fix Anonymous auth when enabled with broken ODBC
  • Authentication: Unquote correctly backslash in DIGEST-MD5 SASL responses
  • Authentication: Cancel presence subscriptions on account deletion
  • LDAP: Close a connection on tcp_error
  • LDAP: Implemented queue for pending queries
  • LDAP: On failure of LDAP connection, waiting is done on pending queue
  • MUC: Owner of a password protected room must also provide the password
  • MUC: Prevent XSS in MUC logs by linkifying only a few known protocols
  • Privacy rules: Items are now processed in the specified order
  • Privacy rules: Fix to correctly block subscription requests
  • Proxy65: If ip option is not defined, take an IP address of a local hostname
  • PubSub: Add roster subscription handling; send PEP events to all resources
  • PubSub: Allow node creation without configure item
  • PubSub: Requesting items on a node which exists, but empty returns an error
  • PEP: Fix sending notifications to other domains and s2s
  • S2S: Fix problem with encrypted connection to Gtalk and recent Openfire
  • S2S: Workaround to get DNS SRV lookup to work on Windows machine
  • Shared Roster Groups: Fix to not resend authorization request
  • WebAdmin: Fix encryption problem for ejabberd_http after timeout

Certificate revoked

Yesterday our certificate signed by the XMPP Intermediate Certification Authority was revoked.
Supposingly it was ‘misused’ as a https certificate in order to secure the ejabberd administrationpanel as well as web-access to several MUCs. StartCom told us that wildcard-certificates issued by the XMPP ICA are not ment for (public) https usage.

This information is contrary to what is published in the Certificate Issuance HOWTO, which is based on the StartCom policy in this regard.

For the domain, provide the DNS hostname of the XMPP server. For example, if your organization is called “example.com” but your XMPP server is hosted at “im.example.com”, type “im” in the first box at the StartCom interface, type “example” in the second box, and select “com” from the dropdown list at the end of the “Domain: xmpp:” line. You can also request a wildcard certificate such as *.example.com (type “*” in the first box, type “example” in the second box, and select “com” from the dropdown list). A wildcard domain enables you to use the same certificate for multiple components (e.g., “groupchat.example.com” as well as “im.example.com”). You can even use a wildcard certificate for a domain such as “www.example.com”. NOTE: if your top-level domain is not available in the dropdown list, please send email to <mailto:certmaster@xmpp.org>.

This morning we applied for new certificates and are awaiting approval. We are sorry for the inconvenience and will update you once the certificates have been exchanged.

Update: The certificates have been exchanged successfully. Have a nice stay!

PyMSNt fix & update

Yesterday the PyMSNt transport stopped working. Upon a try to connect to the MSN servers, a user got to see the following:

Failed to connect to MSN servers:
[Failure instance: Traceback (failure with no frames): exceptions.Exception: Timeout]

We fixed that by editing one line in src/legacy/msn/msn.py.

Look for: MSN_PROTOCOL_VERSION = “MSNP11 CVR0″
and change it to: MSN_PROTOCOL_VERSION = “MSNP11”

Furthermore we removed the max. filesize one can transfer using the MSN transport.

Thanks to harrykar for reporting the issue!

ejabberd update (2.0.2 -> 2.0.3)

Today we updated ejabberd to version 2.0.3 which has been released on january, 15th. We didn’t encounter any problems during the process.

The main changes are:

* Do not ask certificate for client (c2s)
* Check digest-uri in SASL digest authentication
* Use send timeout to avoid locking on gen_tcp:send
* Fix ejabberd reconnection to database
* HTTP-Bind: handle wrong order of packets
* MUC: Improve traffic regulation management
* PubSub: Several bugfixes and improvements for best coverage of XEP-0060 v1.12
* Shared Roster Groups: push immediately membership changes
* Rotate also sasl.log on “reopen-log” command
* Binary Windows installer: better detect “Error running Post Install Script”

Let us know if you find any problems.