Changes for version 0.85 - 2011-06-13
- Fix an XML entity injection attack allowing the attacker to read random files from the server. Reported by Wouter Coekaerts <email@example.com>. (Yann Kerherve <firstname.lastname@example.org>)
- Support intermediate SSL certificates. (Rajiv Aaron Manglani <email@example.com>)
- SASL support (Previously released, but not advertised here) (Yann Kerherve <firstname.lastname@example.org>)
- Implement proper support for XML namespace prefixes (Daniel Ruoso <email@example.com>)
- Meta: djabberd is now hosted on http://github.com/djabberd
- Meta: The core repository is now separated from plugins.
- Treat the node and domain parts of a JID as case-insensitive as per the XMPP spec. This creates a dependency on the CPAN module Unicode::Stringprep. A backward-compatibility setting is provided for servers that have existing non-normalized JIDs stored, since they are likely to be broken by this change until their stored data is normalized. Patch from Alex Vandiver <firstname.lastname@example.org>
- Some configuration file docs (Alex Vandiver <email@example.com>)
- Improve debugging information for S2S connections. (Alex Vandiver <firstname.lastname@example.org>)
- Remove the stream:features-in-dialback quirk hack, since it breaks interop with a few different implementations and is incorrect per spec. This may break interop with some other implementation, but we've been unable to determine which one, so I'm assuming that it's no longer an issue. (Alex Vandiver <email@example.com>)
- Small tweak to comment and logging in DJabberd::Connection::ServerOut (Alex Vandiver <firstname.lastname@example.org>)
- Don't treat hostnames that look like 192.168.0.1.domain.com as IP addresses. (Reported by Domrachev Ivan <email@example.com>).
- new hook chain called "SendFeatures" allows plugins to add xml to the stream:features stanza returned by the server
- new hook chain called "HandleStanza" allows plugins to register for and then handle what would otherwise be unsupported-stanza-type
- SSL memory leak fix (http://codereview.appspot.com/2326)
- hook chain callback logging fix merged from 'kane-hacking' branch
Changes for version 0.84_01 - 2009-07-31
- SARTAK caught a typo in BotContext.pm where a qr was used in a place that obviously should have been qq.
- "use bytes" in Connection.pm, which reportedl fixes UTF-8 corruption in rosters (Aleksey Luzin <firstname.lastname@example.org>)
- If an explicit configuration file location is given to djabberd, don't fall back on the built-in default locations. If the user wanted the defaults, he wouldn't have used the --conffile option.
- Allow the location of the log4perl configuration file to be set via a command-line argument to djabberd. (Jakob Burkhart <email@example.com>)
- Correct support for re-using an S2S connection for multiple source domains. (Adrian Ulrich <firstname.lastname@example.org>)
- Jacob Burkhart <email@example.com>: Fix memory leak when using SSL
- Michael Scherer <firstname.lastname@example.org>: more helpful error messages in logs after dialback failure (shows hosts in question)
- Piers Harding <email@example.com>: Fix bug where server wasn't including a "from" attribute in IQ responses.
- Multiple resources of the same local JID are now made aware of one another via presence stanzas as required by the spec.
- don't leak UDP sockets on DNS SRV lookup timeouts
- handle improper SSL disconnects without spinning CPU
- Updated DJabberd::Component::Example which uses the correct API. The previous example didn't actually work anymore.
- Add POD for DJabberd::Agent, DJabberd::Component and a bunch of other related modules.
- Make bots automatically accept roster subscription requests.
Configuration options in djabberd.conf
scalable, extensible Jabber/XMPP server.
Abstract base class representing a software agent that talks XMPP
Abstract class for an agent that handles a specific node
Abstract class representing a component in DJabberd
An example DJabberd service component
Interface to external plugins implementing JEP-0114
Specialization of DJabberd::Agent::Node that knows it belongs to a component
Delivery through a JEP-0114 component connection
Controlled delivery to other local VHosts
Base plugin for SASL Negotiation
SASL Negotiation using Authen::SASL
abstract base class for SASL connections
Dumb Plain SASL Auth plugin
Abstract base clase for the main SASL object.