Planet Jabber

Distribuir contenido
Planet Jabber - http://planet.jabber.org/
Actualizado: hace 4 horas 3 mins

Jérôme Poisson: XMPP based tickets and merge requests with SàT

30 December, 2017 - 17:01

Lot of work has been done in the past months, letting little time to talk about the novelties. Let's have a look at the most recent one.

For Salut à Toi development, we don't want to use proprietary or centralized software and we use Mercurial, so we have been reluctant to use current popular platforms. With the recent improvments of our SàT pubsub component (see https://blog.agayon.be/sat_pubsub.html), and of Libervia, our web frontend, it became clear that our old idea of using XMPP and SàT to handle tickets became close at hand, so we did it.

SàT is now able to handle tickets on top of XMPP, using Pubsub. There are many advantages

  • it's decentralized and federated, no need to have X accounts to use X tickets handlers. You can also import tickets from third party projects (e.g. plugins for your project) into your website.
  • it's standard: we can handle or fetch tickets in third party servers easily, without proprietary API.
  • it's very flexible: any field can be used, and the mechanism can be used for any list (bug tracker, TODO list, shopping list, etc.)
  • being based on SàT, it's usable on any platform
  • it can be used with gateways, allowing to use transparently tickets from other services (think about Gitlab or Github for instance)

The working is based on pubsub with an experimental addition: node schema which allows to specify a form (using data forms) which will be enforced on each item. This way tickets published by third party clients can be checked and validated. Pubsub offers permission mechanisms allowing to have public or private collections of tickets (nodes in pubsub terms). Comments are using the microblog (which really should have been called blog) feature of XMPP.

But that's not all! On top of that an other feature has been implemented: merge requests. The idea is to have a way to propose contributions in a agnostic way, meaning this can be used with Mercurial, Git, or potentially any tool. Once again we enjoy decentralisation here, and we can have contributions between people on different servers.

Below is a small video showing an example of merge request. We use jp (SàT's CLI frontend) to send a modification to a server. By default, the backend will try all registered merge requests handlers until it find one which can manage the given repository. There is a small wrapper around the command to do basic operations (notabily creating the data to export), the data and metadata are then formatted and send to the pubsub node. For now, only Mercurial is implemented, but git will definitely follow, and maybe a simple diff based handler for basic cases.

Your browser can't manage the "video" tag, you should update it, e.g. with the last Firefox >

Note : if you want to do a merge request for Salut à Toi on https://bugs.goffi.org, you'll have to use the service pubsub.goffi.org with

jp merge-request set -p pubsub.goffi.org

Of course the feature is new and it's quite rough: it is not yet possible to specify which lines of a patch we comment, or to use rich formatting. This will of course come soon, but if you want to have it faster, well, merge requests are welcome ;)

You can see it on our bug tracker.

For people in Paris, I'll be at Paris Open Source Summit (booth A2, "Salut à Toi") on Wednesday and Thursday. If you want to support the project, we are on Liberapay.

See you soon for an other post on SàT novelties…

Monal IM: Mac Offline Contacts

30 December, 2017 - 16:10

Somehow when I made the Mac client I forgot to enable offline contacts. I was obviously thinking about it because there was a toggle for it in the preferences but for some reason it was never hooked to anything.  Quite an oversight.  One which has been resolved now in the latest beta that will be out today. 

ProcessOne: ejabberd 17.12

29 December, 2017 - 11:41

To celebrate a culmination of many efforts in 2017 to make ejabberd the best XMPP server ever, we are happy to announce 17.12 which comes with many improvements and bugfixes.

2017 has been the biggest year ever for ejabberd. Please, send us feedback to help us build an even stronger community and do even better in 2018 !

Happy New Year !

What’s new SNI for inbound connections

Server Name Indication (SNI for short) is a way for clients to provide a server name for the certificate intended to use for TLS connection. There is a trend to replace STARTTLS (defined in RFC6120) with the new approach defined in XEP-0368 (also known as “Direct-TLS”).
This is where SNI becomes useful: there is no need now to do STARTTLS, instead, a client may directly open a TLS connection to a server and request the server’s certificate via SNI extension.
Such approach makes it possible to multiplex several services on a single port (e.g. having both XMPP and HTTP on port 443) and, for huge deployments, to offload SSL to frontends, such as nginx or haproxy.

Rewrite ejabberd system monitor

Previous version was inefficient making its usage almost pointless, but with a lot of potential. The new verion is based on memsup(3erl) application: the OOM watchdog is only started when total OS memory consumption is more than 80%. A watchdog periodically inspects all running processes and collects statistics about overloaded ones.
If the OOM killer is enabled (with ejabberd option oom_killer: true), all overloaded processes would be killed. By default, OOM killer is enabled. When memory consumption is back to normal, the OOM watchdog is stopped.

Support PubSub v1.14 and OMEMO

Missing features and behaviour has been discussed with users of the Conversations client, to improve support of OMEMO and fix the blocking items.

Improvements

A race in join_cluster has been fixed, inotifywait.exe on Windows has been fixed, ODBC configuration on Windows has been fixed, logger is killed and restarted when it’s overloaded, certificate creation and validation chain has been optimised for faster operation.
Certificates management has been improved and binary installer now provides “ready to use” and pre-configured ones.

Changes Core
  • Rewrite ejabberd system monitor for efficiency
  • Fix incoming XMPP processing order
  • Use xmpp:try_subtag/2 wherever possible
  • Better process subtag decoding errors
  • Only allow compression after SASL as per XEP-0170
  • Don’t crash on unexpected XML events
  • Fix session mnesia table cleanup
  • Don’t let privacy list prevent local roster update
Encryption
  • Rely on Server Name Indication for incoming Direct-TLS connections
  • Speedup certificate chains creation and validation
  • Log warning on empty wildcard paths
  • Don’t call pkix_is_self_signed/1 too frequently
  • Eat less memory during building certificates graph
  • Avoid infinite loop between self-signed certs
  • Fix function clause on filelib:wildcard/1
  • Use ejabberd_pkix API in mod_sip
  • Move ‘certfile’ based options in a single place
Groupchat
  • Don’t crash on malformed IQ
  • Include x tag in presence errors related to nick change
  • Include 110 status on shutdown
  • Improve muc#roominfo and muc#roomconfig forms
  • mod_mam: Never store MUC messages in user archives
PubSub
  • Fix num_subscribers on node metadata
  • Fix send last items on initial presence
  • Send last PEP items to owner on initial presence
  • Support pubsub#publish-options PRECONDITIONs
  • Add pubsub#multi-items to features list (Support XEP-0060 v1.14)
  • Add missing Nidx building records from sql result
  • Don’t force RSM in get_items when max_items is not provided
Admin
  • Introduce option ‘ca_file’
  • Set executable permission on mac_listener when installing
  • Use /bin/sh as the explicit shell when using su in ejabberdctl.
  • Windows does not have /tmp, fallback to $HOME/conf for ODBC configuration files
Logging
  • Change loglevel of TLS failures
  • Log a warning when a disk is almost full
  • Disable default alarm handler
  • Handle also process_memory_high_watermark alarm
  • Kill and restart lager when it’s overloaded
  • Avoid excessive logging of SQL failures
Commands
  • New muc_online_room_by_regex command
  • Fix race between join_cluster and ejabberd_mnesia
  • Fix commands rooms_unused_list and _destroy
  • send_direct_invitations accepts only user jids
  • ejabberd_sm: Fix get_session_sid/3
SQL
  • Add missing server_host column in pg.new.sql
  • Add new schema for MySQL and Sqlite
  • Fix SQL serialization
Installer
  • MacOS installer is signed. You can now easily install ejabberd on your Mac.
Build
  • Compile sql_pt early
  • Binary installer uses OTP 20.2
Feedback

As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.

Monal IM: A list of good XMPP servers

28 December, 2017 - 17:43

I have decided I want to maintain a list of good, free XMPP servers. Primarily as a way of steering people away from Google.  Additionally, assuming the owners of these servers are ok, I’m thinking of including registration links in app.  I think a lot of people — including myself used google talk because it was convenient.  I actually wasn’t sure what server to switch to. I imagine this is even worse for someone new to XMPP. I know many people like to run their own servers, this is intended for everyone else.

To get the list started, servers that I know of. Please let me know if there are others that you recommend. There is also a  more exhaustive list but I am tying to keep this limited to larger, updated servers with carbons, stream resumption and push support and open registration.

https://jabber.hot-chilli.net  ( the server I am currently using)

https://www.jabbim.com

The XMPP Standards Foundation: XMPP Summit 22

28 December, 2017 - 15:15

The XMPP Standards Foundation (XSF) will hold its 22th XMPP Summit in Brussels, Belgium, on Thursday February 1st & Friday 2nd (the two days preceding FOSDEM 2018).

Preparations are well under way. If you're interested in attending, please make yourself known by filling out your details on the wiki page for Summit 22.

If you haven't already, make sure that you're signed up to the Summit mailling list, which is where you can expect most updates to be announced.

See you all there!

Monal IM: A new settings screen

28 December, 2017 - 04:35

For a variety of reasons, I’ve been staying up late at night these days.  This gives me time to do the kind of coding I wouldn’t do normally.  UI work. It’s mindlessly easy and  I find it relaxing like some people find coloring books relaxing. I know it’s an important part of the app but there is always something more technically interesting consuming my time. Except right now, where my mind is pretty shot and tinkering with text, colors and pixels is perfect.  As a result, you will see a lot of UI changes in the next update. May of these things are long overdue.  Below is the new and much more functional settings screen. 

Monal IM: The wonders of refactoring

26 December, 2017 - 04:29

As I’ve purged and rewritten  a lot of code recently, I am revisiting things that I implemented in 2009 and then never really looked at again — why fix something that is working?  Cell sizing in a table view used to be a real pain an involved a decent amount of code that calculated the size of various cells using the size of a string for a particular font. Worse still, these string calculations had to be done on the main thread because they used UI elements to compute their size.  It was a lot of code that was replaced entirely by auto layout and  the UITableView’s automatic dimension.  The end product is conversation cells that look a lot more like iMessage:

Monal IM: iOS Supports inline images

25 December, 2017 - 05:08

It has been a long time coming. iOS now has inline images.  Like the Mac app, it is running HEAD to see if the link sent over is an image. Improperly configured web servers may not work here. However, this works very nicely with XEP-0363. This is for HTTPS only Monal does not deal with HTTP at all and will pass anything with out SSL over to safari.  This is available in the beta that is going out right now.  Along with inline viewing, there is a nice photo browser you can use to pass the image off to other Apps.

Monal IM: Showing images by default

23 December, 2017 - 17:00

When I originally added inline images I had it turned off by default because of privacy concerns. It seems that most people prefer it to be on or don’t even know it is an option.  It seems like inline images and media (images, video, url previews etc. ) are just part of modern chat and they should be on by default.  The option to turn it off will always be there.

Monal IM: Monal for Mac OS 2 beta 2

22 December, 2017 - 20:10

I have updated the download link with Beta 2. The most notable fix in this update is the addition of the server features window under the account menu. This works identically to the iOS one.  

yaxim: Spam Reduction on yax.im

22 December, 2017 - 12:37

Jabber spam has become a huge problem over the last one or two years. Spammers register thousands of accounts on hundreds of public servers, and then send masses of messages to real and guessed Jabber addresses. The yax.im server operators are committed to fighting XMPP spam and helping others do so as well. In the last two weeks, yax.im automatically blocked 46996 messages from 14293 different accounts registered on 282 different servers.

Measures

Many public servers have adopted a policy to silently block messages from strangers. This is problematic for two reasons: First, it breaks the expectation of communication - you can’t just send a message to somebody, you first need to ask them to become you friend (and to see their online status). Second, it is not apparent to you when you send a message - you don’t receive a response, and not even an error message. You can only guess whether the message got delivered or not.

The yax.im server is using a custom mod_firewall rule-set to detect and reject spam messages, both from and to accounts on yax.im. If you send a message that does not pass the spam filter, you will receive an error message (“Blocked due to abuse”).

The filter will flag certain automatic messages (like server monitoring notifications) as spam. If you are running a bot on yax.im, please ensure that all users who want to receive such notifications add the bot as their contact.

Furthermore, accounts registered on yax.im for the purpose of sending spam will be terminated immediately, and all accounts registered from the same IP address will be flagged and reviewed.

The rule-set is updated periodically to reflect changes in the spam transmissions. Feel free to contact the server operators to learn more.

Advice to Public Server Operators

If you run a server with public registration, please consider this advice: Don’t do it!

Seriously, running a public server is a time-consuming job, and if you don’t take the time to monitor and disable spammer accounts, you quickly become a liability for the whole XMPP ecosystem by annoying thousands of users (on other servers). It is perfectly fine to run a server for your friends and family, and to invite them individually.

If you insist on running a public server, please take the following measures:

  • Limit and monitor In-Band-Registration
  • Protect account registration with a CAPTCHA, phone number validation or other means that are hard to cheat
  • Throttle the number of messages you accept from local users, especially to non-contacts
  • Provide XEP-0157: Contact Addresses for XMPP Services so that other admins can contact you

Thank you for observing all safety precautions.

Monal IM: Saying farewell to Google Talk

22 December, 2017 - 01:01

Google talk was great when it came out but has been abandoned by Google.  I’ve been maintaining support because I know a lot of people use it, but I myself will stop using it.  I’m going to try using  an account on the hot chilli server rather than run my own.  I’ve been using these guys for my testing accounts for a long time.  They have a fast, well  maintained prosody server that supports modern specs. I recommend it.   I’m going to use xmpp.monal.im only for testing (this is why s2s connections will fail going forward).  Push.monal.im will be the push server and s2s will continue to work.

You can reach me at: anurodhp@jabb3r.org

Monal IM: Server Features

21 December, 2017 - 16:34

Monal hasn’t been very good about showing you what it sees on your server. This results in debugging issues becoming just a shot in the dark. I did add verbose logging to beta versions but that’s not something the average user has any use for.  To rectify that, I am adding new screens that surface what is going on underneath. In addition to the other day’s login status bar notifications, I have added a details button to the server which you can tap on after logging in to see if Monal correctly detects some common, modern XEPs on your server.  I hope to make these screens more detailed but this is a start that I hope is useful 

 

Peter Saint-Andre: Ceding Our Humanity

20 December, 2017 - 00:00
Geoff Huston's keynote talk at RIPE 75, "The Death of Transit and Beyond", provides a sobering perspective on the recent evolution of the Internet - and, because so many of our personal, economic, intellectual, and political interactions happen over the Internet these days, on the evolution of society at large. Although Geoff tried to steer clear of alarmism, the picture is not pretty. Extreme concentration of wealth and power has led to a few leviathans controlling an overwhelming percentage of our online life (as of today, Apple, Google, Microsoft, Amazon, Alibaba, Tencent, and Facebook are seven of the eight largest public corporations in the world by market capitalization). Furthermore, as I explained in my talk "The Internet is Dead, Long Live the Internet" three years ago, in large measure these companies make money by tracking everything we do online and then selling those profiles to advertisers and marketers. And it gets worse: unlike the so-called robber barons of the late 19th century Gilded Age, which merely controlled markets for transportation, steel, oil, coal, and other physical goods, in subtle and not-so-subtle ways today's robber barons monitor and increasingly direct our mental and emotional life through the news we learn about, the books we read, the videos we watch, the people we talk with and connect to, and much more....

Peter Saint-Andre: A Novel Idea

17 December, 2017 - 00:00
I've long imagined that the sixth movement in my "eudaimonia suite" of books on the art of living would be about Taoism. However, recently an intriguing ambition came to me: writing a novel about Pyrrho's journey to Central Asia and Northwestern India with Alexander the Great's army and his conversion to skepticism there by early Buddhists (likely in the Gandharan city of Taxila above the Peshawar Valley - a great center of learning at the time). I like the goal of exploring the commonalities among early Taoism, early Buddhism, and Pyrrhonism, as well as Heraclitus and other pre-Socractic philosophers. In essence, this would be a novelization of Christopher Beckwith's thesis from his fascinating book Greek Buddha. Aside from the usual challenges of working through the ideas of a thinker like Nietzsche or Thoreau, there would be new obstacles to overcome here: I don't know Sanskrit or classical Chinese, and I've never written any fiction, not even a short story. Truth be told, I'm not deeply drawn to stories and I rarely read novels. However, a few years ago I read both The Glass Bead Game and Siddhartha by Hermann Hesse, and recently I read When Nietzsche Wept by Irvin Yalom. In so doing, I realized that I enjoy novels of ideas, which have no plot to speak of but make up for it with interesting dialogue and internal discovery. In any case, after I publish Songs of Zarathustra a few weeks from now I'll first finish my translation of the ethical writings of Epicurus and then write an epitome of Aristotle's moral philosophy, so writing a book on ancient Buddhism and skepticism is years away....

Monal IM: Mac OS 2.0 Beta 1

15 December, 2017 - 16:07

You should see a new update (or use the link to the side) .  This update to the Mac app has all the changes happening in iOS and all the associated bug fixes.  I hope HTTP uploads are working better for everyone now.

ProcessOne: DotGo 2017 Video: Go for Real Time Streaming Architectures

15 December, 2017 - 10:15

Mickaël Rémond, ProcessOne CEO, gave a keynote during this year’s dotGo conference on November 6th in Paris. He explained what streaming architectures are and demonstrated the benefits of using Go to build such platforms.

Streaming applications are at the core of realtime information system. With microservices, streaming components are becoming increasingly important.

With the rise of cloud architecture, it is now easier and more elegant to use Go to write realtime high-performance components for streaming architecture than to use traditional tools. If you want to benefit from Go, look no further – ProcessOne specialises in Go software development.

You can watch the full keynote below, and read the slides here:

Monal IM: Login Errors

15 December, 2017 - 04:45

One of the most frustrating things in the past has been trying to figure out why Monal won’t log in.  I have made an effort to surface these errors on the account screen with a small notification on the status bar.    I am passing over any error info I get from the XMPP server and also translating some of the SSL errors to plain English. Part of the reason this hasn’t existed is there are is a very large number of possible SSL errors that don’t have error message stringsin iOS.  Aside from the 4 common ones I’ve written messages for,  I am showing the error code. This can be looked up at OSStatus to see what it means .

 

Fanout Blog: WebSockets with AWS Lambda

15 December, 2017 - 01:02

Fanout Cloud handles long-lived connections, such as HTTP streaming and WebSocket connections, on behalf of API backends. For projects that need to push data at scale, this can be a smart architecture. It also happens to be handy with function-as-a-service backends, such as AWS Lambda, which are not designed to handle long-lived connections on their own. By combining Fanout Cloud and Lambda, you can build serverless realtime applications.

Of course, Lambda can integrate with services such as AWS IoT to achieve a similar effect. The difference with Fanout Cloud is that it works at a lower level, giving you access to raw protocol elements. For example, Fanout Cloud enables you to build a Lambda-powered API that supports plain WebSockets, which is not possible with any other service.

To make integration easy, we’ve introduced FaaS libraries for Node.js and Python. Read on to learn how it all works.

...

Monal IM: APNS Pushes work on iOS

13 December, 2017 - 13:48

I now have APNS pushes working on iOS.  I am not sure this is something that is needed on OSX because of the lack of restrictions on background activity there, however there may be some benefit, given this is how iMessage operates as well.