Somewhere in code: https://github.com/processone/ejabberd/blob/2d32c66fd7e323d456bfe0b06947eec0bfe43d40/src/ejabberd_shaper.erl#L212

But not in docs: https://docs.ejabberd.im/admin/configuration/basic/#shapers

Ref: processone/ejabberd#3255 (comment)

The options outgoing_s2s_ipv4_address and outgoing_s2s_ipv6_address added in processone/ejabberd#3396 are not yet documented, neither in
https://docs.ejabberd.im/admin/configuration/listen/
https://docs.ejabberd.im/admin/configuration/toplevel/

As a follow-up to #9, I have extended the python mysql external authentication script and added the following features to it:

• Use custom password hash algorithm
• Define custom SQL queries to make custom database layouts possible
• Add support for changing password, registering, and unregistering

I have put the script into the repository rankenstein/ejabberd-auth-mysql. It would be nice if it could be linked among the external auth scripts.

After reading the newest blog post I noticed that the shaper options used in it aren't documented.

shaper:
  normal:
    rate: 3000
    burst_size: 20000

Eg. search for "sm_cache_size" see 10 results, some from /archive/version some from /admin/

Yes, browser status bar might show the URL and one can find out, but in mobile browsers that's not a feature.

Is your feature request related to a problem? Please describe.
https://docs.ejabberd.im/developer/guide/#external shows colons separating fields in the external authentication protocol. The Password field is untrusted input, so how does the protocol work if the user sends a password that contains a colon? Is it possible for the User field to contain a colon? Or for the Server field to have a colon (e.g., an IPv6 address)? If either the User or Server field can have colons, how does the external authentication program tell where the boundary between fields is? If the Password field can have colons, I'm guessing the external authentication program should just treat everything after the third colon as part of the password?

Describe the solution you'd like
Clarifying the above questions in the documentation would be nice, to avoid bugs around untrusted input.

Describe alternatives you've considered
N/A

Additional context
N/A

The documentation of options for for mod_bosh tells to configure mod_http_bin

modules:
...
mod_http_bind:
max_inactivity: 50
...

See https://docs.ejabberd.im/admin/configuration/#mod-bosh

• TLS (no_..., ciphers, s2s_use_starttls: optional -> required?)
• certfile and s2s_certfile old part -> certificates part?
• mod_vcard_ldap part -> mod_vcard with "db_type: ldap"?

Linked to:

• processone/ejabberd#2665
• processone/ejabberd#2707

Please clarify in the documentation:

• Global options: Will c2s_{protocoll_options,ciphers,dhfile} provided defaults to the "listen" modules? Same for s2s_*

• Listen-options: Are ciphers, dhfile, protocoll_options defaulting to the global c2s resp. s2s options?

• What module/function is using s2s_starttls? Is this for outgoing messages, and thus needs to be defined here (as this is not a listening module)

• Hat is the meaning of hosts in mod_http_upload, mod_muc, mod_mix and others?
  What is this used for? Can one use @HOST@ (without any prefix)?
  What is the benefit of listing more than one hosts / JIDs?

• mod_pres_counter: interval: Unit of value us not documented.

• Meaning of mod_register: access_from is unclear: Description lets assume this is for controlling registration of new accounts from s2s or existing c2s sessions. But This is not stated.

• mod_stun has an option to enable TLS, but what ciphers, dhfile, and protocoll_options are used?

Many thanks in advance for improving the documentation :-)

On https://docs.ejabberd.im/admin/guide/configuration/#modmam you encounter the terms

[dag,flat,hometree,pep]

However, flat and hometree are nowhere explained and a deep google web search didn't bring up any useful results.

So could you please complete the guide by adding a short explanation to for all four plugins? :-)

Best Regards

ldap_uidattr & ldap_uidattr_format are mentioned on https://docs.ejabberd.im/admin/configuration/database-ldap/, but giving 404/non-existent. Were those options removed or is the documentation for this missing?

Can you add indications for XEP-0384: OMEMO Encryption in documentation?

• https://xmpp.org/extensions/xep-0384.html

Context: https://mail.jabber.org/pipermail/standards/2022-February/038759.html

Vulnerable code:

Original issue: processone/ejabberd#3187

Environment

https://www.process-one.net/downloads/downloads-action.php?file=/ejabberd/20.02/ejabberd-20.02-windows.exe

Windows 10 Pro x64 Version 1909

Description

I'm using mod_http_upload with service_url option. On ejabberd start, this deprecation message is written into the log:

2020-03-14 12:04:21.041 [warning] <0.105.0>@ejabberd_config_transformer:warn_deprecated_option:530 Option 'service_url' is deprecated. Use option 'external_secret' instead.

I don't find a deprecation hint in the documentation: https://docs.ejabberd.im/admin/configuration/#mod-http-upload

Please remove the deprecation log entry or mark the service_url option as deprecated in the documentation.

The documentation of the ejabberd stun module still describes the option turn_ip: String.
https://docs.ejabberd.im/admin/configuration/listen/#ejabberd-stun-1

The ejabberd.yml example only includes the options turn_ipv4_address and turn_ipv6_address.
When starting ejabberd with turn_ip set, it logs a deprecation warning:

2020-09-04 17:48:37.648 [warning] <0.105.0>@ejabberd_config_transformer:warn_replaced_option:552 Option 'turn_ip' is deprecated and was automatically replaced by 'turn_ipv4_address'. Please adjust your configuration file accordingly. Hint: run `ejabberdctl dump-config` command to view current configuration as it is seen by ejabberd.

So please update the documentation.

https://docs.ejabberd.im/archive/20_04/modules/#mod-disco

name: Name
Any arbitrary name of the contact.

But isn't https://xmpp.org/extensions/xep-0157.html#registrar-formtype hardcoding these?

Ref: https://process-one.net/logs/[email protected]/2020/09/07.html#17:00:01.608245

ejabberd documentation's source code is available in this git repository. Then, admins have a human-readable online version at https://docs.ejabberd.im

But how can admins of old releases access old documentation versions? The admin of ejabberd 18.01 should not check the up-to-date online documentation, as there were changes in the configuration syntax.

Back when documentation was in LateX, the guide was included as pdf in each release, so each admin checked the exact documentation for his version.

Possible solutions:

• Do nothing: only the admins of current version can access correct documentation; everyone else will fill tickets and forum posts asking why his not-up-to-date ejabberd complains about a configuration copied from online documentation
• Do nothing, and redirect admins of old versions to https://web.archive.org/
• Provide a docs/ dir with each release, so it's included in the packages. Apparently this is what Erlang/OTP does
• Perform a backup of docs site for each release, and host them in a "Docs archive" section. Either in html, or pdf

Lets say I go here:

https://docs.ejabberd.im/admin/configuration/

Click on a sub-topic such as "Basic Configuration"

the internal anchors dont' work (on Chrome anyhow).

I found that if I right-click the link and open in new tab it will work.

The page reload behavior suggests that some javascript or CSS is responsible for it workg at page reload time. but it is a pretty frustrating user experience that internal anchors dont' work.

https://github.com/processone/docs.ejabberd.im/blob/master/content/admin/configuration.md#captcha (_host)

vs

https://docs.ejabberd.im/admin/configuration/#captcha (_url) up to date as: processone/ejabberd@d85cf77

Hi,
just noticed that in the "Attributes" section of http://docs.ejabberd.im/admin/guide/configuration/#modsharedrosterldap the attributes are missing/invisible, only their description is there.

Also there are lines like
posixGroup (\rightarrow{}) memberUid
that should be corrected for the new format.

I am new to ejabberd and I don’t know it this is the right place to report this issue.

It seems to me that the script linked here has an SQL injection vulnerability in line 75.The parameter in_user comes from the client and thus needs to be escaped:

dbcur.execute("SELECT %s,%s FROM %s WHERE %s = %%s"%(db_username_field, db_password_field, db_table, db_username_field), (in_user))

https://docs.ejabberd.im/admin/configuration/#mod-muc

It should be stated that the option mam has been depcrecated since version 18.06:

11:19:19.241 [error] Unknown option 'mam' of module 'mod_muc', available options are: user_presence_shaper, user_message_shaper, room_shaper, access_register, default_room_options, max_users, max_user_conferences, max_rooms_discoitems, max_roo m_desc, hosts, access, regexp_room_id, max_users_admin_threshold, max_room_id, host, access_persistent, queue_type, max_users_presence, max_room_name, name, history_size, ram_db_type, db_type, access_create, min_presence_interval, min_message_ interval, access_admin

Page address: http://docs.ejabberd.im/admin/
Link name: ejabberdctl Reference
Link target: http://docs.ejabberd.im/admin/ejabberctl/
Should be: http://docs.ejabberd.im/admin/ejabberdctl/

https://docs.ejabberd.im/admin/configuration/#external-script still describes the old caching behavior, which has changed with 17.06. I was unable to find good documentation of it anywhere else.

This is especially important to extauth, as the current cache (which is now on by default) results in false login refusals, if multiple passwords are valid, when using 'app passwords' or similar. They are hard to track down, believe me.

I'd like to PR some stuff...

Just a blank screen on docs.ejabberd.im :(

Some grammar and spelling mistakes in the XMPP Use Cases docs. Can I open a PR rectifying this?

When having "stream_management" under the listener module, ejabberd will complain in debug mode that this option is deprecated.
It is in fact, since 17.03, but the documentation about it is not yet updated.

https://blog.process-one.net/ejabberd-17-03/
https://docs.ejabberd.im/admin/configuration/#listening-module

It should be in the docs that XEP-0198 is now its own module and should be enabled with
mod_stream_mgmt

Eg. search for "sm_cache_size" see 10 results, the order is:

20.07
20.04
20.12
21.01
21.04

..which looks rather random

When compiling, I got this error:

src/mod_mam.erl:224: variable 'Opt' is unbound
ERROR: compile failed while processing /Users/david/Documents/HSWEB/mobile/apps/HiLois/ejabberd/ejabberd: rebar_abort
make: *** [deps/.built] Error 1

mod_fail2ban fails with the following config:

mod_fail2ban:
  c2s_auth_block_lifetime: 7200
  c2s_max_auth_failures: 50

Error with ejabberd 17.04:

[error] unknown option 'c2s_auth_block_lifetime' for module 'mod_fail2ban' will be likely ignored, available options are: 'access', 'c2s_auth_ban_lifetime', 'c2s_max_auth_failures'

We have more virtual hosts on one ejabberd server.
Since it is written to use an external database if the usage/load gets higher, we decided to use mysql/mariadb.

Following the 'official' way https://www.process-one.net/blog/install-and-configure-mariadb-with-ejabberd/
I noticed very fast, that this is not working for more then one virtual host.
The schema can not decide between them.

After digging arround I found the mysql.new.sql and I was lucky ... in the first moments.
But then I noticed that this is, up to now, not the official way.

So what should I do with my 21 (and growing) virtual hosts???

Using the 'unofficial' mysql.new.sql schema or different databases for each virtual host?

Btw. I use version 23.01-1 because it is the default package in debian 12 bookworm.

The documentation at https://docs.ejabberd.im/tutorials/mysql/
also shows the 'old' way and it is not explained how to use an own database per virtual host.
The new schema is not mentioned. Should we use it or not?

Please let the users know how to do it.