From 4be7984a0e77eddffd0be7309d788c7d9f065013 Mon Sep 17 00:00:00 2001 From: Badlop Date: Mon, 26 Sep 2011 18:11:18 +0200 Subject: Update ejabberd version number to 2.1.9 --- doc/guide.html | 100 +++++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 72 insertions(+), 28 deletions(-) (limited to 'doc/guide.html') diff --git a/doc/guide.html b/doc/guide.html index 24bb2d306..c2eb4bf6d 100644 --- a/doc/guide.html +++ b/doc/guide.html @@ -6,7 +6,7 @@ - ejabberd 2.1.7 + ejabberd 2.1.9 Installation and Operation Guide @@ -76,7 +76,7 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}


- +
ejabberd 2.1.7
ejabberd 2.1.9
 
Installation and Operation Guide

@@ -306,8 +306,9 @@ Note that the Windows service is a feature still in development, and for example it doesn’t read the file ejabberdctl.cfg.

On a *nix system, if you want ejabberd to be started as daemon at boot time, copy ejabberd.init from the ’bin’ directory to something like /etc/init.d/ejabberd (depending on your distribution). -Create a system user called ejabberd; -it will be used by the script to start the server. +Create a system user called ejabberd, +give it write access to the directories database/ and logs/, and set that as home; +the script will start the server with that user. Then you can call /etc/inid.d/ejabberd start as root to start the server.

If ejabberd doesn’t start correctly in Windows, try to start it using the shortcut in desktop or start menu. If the window shows error 14001, the solution is to install: @@ -525,8 +526,8 @@ Using ejabberdctl (see section 4.1):

  • Using a XMPP client and In-Band Registration (see section 3.3.19).
  • Edit the ejabberd configuration file to give administration rights to the XMPP account you created: -
    {acl, admins, {user, "admin1", "example.org"}}.
-{access, configure, [{allow, admins}]}.
+
    {acl, admin, {user, "admin1", "example.org"}}.
+{access, configure, [{allow, admin}]}.
 
    You can grant administrative privileges to many XMPP accounts,
 and also to accounts in other XMPP servers.
  • Restart ejabberd to load the new configuration. @@ -1051,17 +1052,40 @@ internal (default) — See section 3.1.4. 3.2.2 and 3.2.4.
  • anonymous — See section 3.1.4.
  • pam — See section 3.1.4. -

    • Account creation is only supported by internal, external and odbc methods.

    +

    Account creation is only supported by internal, external and odbc methods.

    The option resource_conflict defines the action when a client attempts to +login to an account with a resource that is already connected. +The option syntax is: +

    {resource_conflict, setresource|closenew|closeold}.

    +The possible values match exactly the three possibilities described in +XMPP Core: section 7.7.2.2. +The default value is closeold. +If the client uses old Jabber Non-SASL authentication (XEP-0078), +then this option is not respected, and the action performed is closeold.

    Internal

    ejabberd uses its internal Mnesia database as the default authentication method. -The value internal will enable the internal authentication method.

    Examples: +The value internal will enable the internal authentication method.

    The option {auth_password_format, plain|scram} +defines in what format the users passwords are stored: +

    +plain
    +The password is stored as plain text in the database. +This is risky because the passwords can be read if your database gets compromised. +This is the default value. +This format allows clients to authenticate using: +the old Jabber Non-SASL (XEP-0078), SASL PLAIN, +SASL DIGEST-MD5, and SASL SCRAM-SHA-1.
    scram
    +The password is not stored, only some information that allows to verify the hash provided by the client. +It is impossible to obtain the original plain password from the stored information; +for this reason, when this value is configured it cannot be changed to plain anymore. +This format allows clients to authenticate using: SASL PLAIN and SASL SCRAM-SHA-1. +

    Examples:

    External Script

    In this authentication method, when ejabberd starts, @@ -1208,9 +1232,9 @@ declarations of ACLs in the configuration file have the following syntax:

    {user_regexp, Regexp}
    Matches any local user with a name that matches Regexp on local virtual hosts. Example: 
    {acl, tests, {user_regexp, "^test[0-9]*$"}}.
-
    {user_regexp, UserRegexp, Server}
    Matches any user with a name +
    {user_regexp, Regexp, Server}
    Matches any user with a name that matches Regexp at server Server. Example: -
    {acl, tests, {user_Userregexp, "^test", "example.org"}}.
+
    {acl, tests, {user_regexp, "^test", "example.org"}}.
    {server_regexp, Regexp}
    Matches any JID from the server that matches Regexp. Example: 
    {acl, icq, {server_regexp, "^icq\\."}}.
@@ -1701,6 +1725,16 @@ This option specifies whether to verify LDAP server certificate or not when TLS
 When hard is enabled ejabberd doesn’t proceed if a certificate is invalid.
 When soft is enabled ejabberd proceeds even if check fails.
 The default is false which means no checks are performed.
+
    {ldap_tls_cacertfile, Path}
    +Path to file containing PEM encoded CA certificates. This option is needed +(and required) when TLS verification is enabled. +
    {ldap_tls_depth, Number}
    +Specifies the maximum verification depth when TLS verification is enabled, +i.e. how far in a chain of certificates the verification process can proceed +before the verification is considered to fail. +Peer certificate = 0, CA certificate = 1, higher level CA certificate = 2, etc. +The value 2 thus means that a chain can at most contain peer cert, +CA cert, next CA cert, and an additional CA cert. The default value is 1.
    {ldap_port, Number}
    Port to connect to your LDAP server. The default port is 389 if encryption is disabled; and 636 if encryption is enabled. If you configure a value, it is stored in ejabberd’s database. @@ -1710,6 +1744,7 @@ the value previously stored in the database will be used instead of the default is "" which means ‘anonymous connection’.
    {ldap_password, Password}
    Bind password. The default value is "". +
    {ldap_deref_aliases, never|always|finding|searching}
    Whether or not to dereference aliases. The default is never.

    Example: 

    {auth_method, ldap}.
 {ldap_servers, ["ldap.example.org"]}.
@@ -1931,7 +1966,7 @@ all entries end with a comma:
 mod_offlineOffline message storage (XEP-0160mod_offline_odbcOffline message storage (XEP-0160)supported DB (*)
 mod_pingXMPP Ping and periodic keepalives (XEP-0199) 
-mod_privacyDetect presence subscription flood 
+mod_pres_counterDetect presence subscription flood 
 mod_privacyBlocking Communication (XEP-0016mod_privacy_odbcBlocking Communication (XEP-0016)supported DB (*)
 mod_privatePrivate XML Storage (XEP-0049) 
@@ -2077,7 +2112,7 @@ able to send such messages).
 
    Examples: