--- jabberd14-1.6.1.1.orig/debian/NEWS.Debian
+++ jabberd14-1.6.1.1/debian/NEWS.Debian
@@ -0,0 +1,74 @@
+jabberd14 (1.6.1.1-5) unstable; urgency=low
+
+ * Since release 1.6.1.1-4, the hostname of jabberd14 server can be specified
+ in /etc/default/jabberd14 to avoid unnecessary modification of jabber.xml.
+ If the hostname of your server was set in jabber.xml, please take note
+ you may need to set this value in /etc/default/jabberd14 since any
+ value specified in this file will take precedence over jabber.xml. By
+ default "localhost" will be the hostname used if none is specified.
+
+ -- Miguel Landaeta <miguel@miguel.cc> Sun, 03 Jan 2010 22:50:27 -0430
+
+jabberd14 (1.6.1.1-1) unstable; urgency=low
+
+ * Upstream renamed this project to jabberd14.
+
+ * Path of server components now is /usr/lib/libjabberd14.
+
+ * jabber.xml format used since 1.6.0 is incompatible with previous versions
+
+ The format of jabber.xml used since 1.6.0 is not backward compatible
+ with the used in 1.4.x. To learn about these changes, see
+ README.config, check jabber.xml(5) manpage or review a copy of
+ that file in /usr/share/doc/jabberd14/examples.
+
+ A basic jabber.xml is provided as guide in /etc/jabber, take care to
+ adapt or your jabberd instance could not start correctly.
+
+ * Default data storage is a SQL database
+
+ Since jabberd14 1.6.0 the default data storage is a SQL database
+ (MySQL or PostgreSQL). However, this package is configured to
+ store data in plain XML files compatible with the ones used
+ in versions previous to 1.6.0.
+
+ To use SQL data storage consult UPGRADE, README.SQL and the examples
+ available in /usr/share/doc/jabberd14.
+ In the future, this package will be available in several "flavors"
+ (e.g. jabberd14-mysql, jabberd14-pgsql, etc) properly configured for
+ SQL data storage.
+
+ * Default location for filesystem data storage now is /var/spool/jabberd
+
+ Previous to 1.6.0, the default location for filesystem data store
+ was /var/lib/jabber. Since jabberd14 1.6.0, the default location
+ for this is /var/spool/jabberd.
+
+ When jabberd14 1.6.1.1 is installed, this package automatically
+ check if directory /var/lib/jabber exists. If this is true,
+ then data contained in that directory is copied to /var/spool/jabberd.
+ Since /var/lib/jabber is now useless, it is up to the user to
+ remove or keep this directory in her system. Additionally, jabberd
+ daemon now runs as user jabberd, not jabber as used to. So, probably
+ remains old data files owned by jabber user in /var/lib/jabber.
+
+ Make sure your datafiles have correct permissions and are located
+ in a proper directory or your jabberd instance could not start correctly.
+
+ * Registration requests must be XEP-0077-conformant
+
+ By default, jabberd14 now checks registration requests,
+ that all data requested in the configuration file is submitted by
+ the client. This causes problems with some non XEP-0077-conformant
+ clients (certain versions of Psi and Kopete were reported).
+ If you want to keep compatibility with them, configure your server
+ to only request the <username/>, or offer account registration
+ on your web-site. For configuration examples see the included
+ jabber.xml.dist file.
+
+ * Quick configuration feature is now provided by /etc/default/jabberd14
+
+ The quick configuration feature provided by /etc/jabber/jabber.cfg
+ file was superseded by /etc/default/jabberd14.
+
+ -- Miguel Landaeta <miguel@miguel.cc> Tue, 17 Feb 2009 11:21:36 -0430
--- jabberd14-1.6.1.1.orig/debian/xdbfiletool.8
+++ jabberd14-1.6.1.1/debian/xdbfiletool.8
@@ -0,0 +1,56 @@
+.TH "XDBFILETOOL" 1 "April 2006" "User Commands"
+.SH NAME
+xdbfiletool \- Jabberd14 Jabber/XMPP server XDB file management tool
+.SH SYNOPSIS
+.B xdbfiletool
+[\fIOPTION ...\fR]
+.SH DESCRIPTION
+This tool allows for various manipulations on XDB files that can be
+used by the Jabber/XMPP server as database backend.
+It supports spool file conversions, getting, setting and deleting nodes.
+.SH OPTIONS
+.TP
+.B \-b, \-\-basedir=<path>
+Base dir of the spool.
+.TP
+.B \-c, \-\-config=<path>
+Configuration file to use.
+.TP
+.B \-\-convert
+Convert from plain spool to hashspool.
+.TP
+.B \-d, \-\-del=<path>
+Delete a node in the spool file.
+.TP
+.B \-g, \-\-get=<path>
+Get a node in the spool file.
+.TP
+.B \-\-getpath=<JabberID>
+Get the path to a file of a user.
+.TP
+.B \-h, \-\-hashspool
+Use hashed spool directory.
+.TP
+.B \-j, \-\-jid=<JabberID>
+JabberID for get/set/del operation.
+.TP
+.B \-n, \-\-namespace=<prefix>:<URI>
+Define a namespace prefix.
+.TP
+.B \-s, \-\-set=<path> <value>
+Set a node in the spool file.
+.TP
+.B \-\-usage
+Display a brief usage message.
+.TP
+.B \-V, \-\-version
+Print server version.
+.TP
+.B \-?, \-\-help
+Show the help message of the application and exit.
+.SH SEE ALSO
+The Jabberd14 website: http://www.jabberd.org/.
+.SH AUTHOR
+The Jabberd14 project.
+.PP
+This manual page was written by Paul van Tilburg <paulvt@debian.org>.
--- jabberd14-1.6.1.1.orig/debian/jabberd14.preinst
+++ jabberd14-1.6.1.1/debian/jabberd14.preinst
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+# Remove a no-longer used conffile
+rm_conffile() {
+ local PKGNAME="$1"
+ local CONFFILE="$2"
+
+ [ -e "$CONFFILE" ] || return 0
+
+ local md5sum="$(md5sum $CONFFILE | sed -e 's/ .*//')"
+ local old_md5sum="$(dpkg-query -W -f='${Conffiles}' $PKGNAME | \
+ sed -n -e "\' $CONFFILE ' { s/ obsolete$//; s/.* //; p }")"
+ if [ "$md5sum" != "$old_md5sum" ]; then
+ echo "Obsolete conffile $CONFFILE has been modified by you."
+ echo "Saving as $CONFFILE.dpkg-bak ..."
+ mv -f "$CONFFILE" "$CONFFILE".dpkg-bak
+ else
+ echo "Removing obsolete conffile $CONFFILE ..."
+ rm -f "$CONFFILE"
+ fi
+}
+
+case "$1" in
+install|upgrade)
+ rm_conffile jabber "/etc/init.d/jabber"
+ update-rc.d jabber remove
+ rm_conffile jabber "/etc/jabber/jabber.cfg"
+ rm_conffile jabber "/etc/logrotate.d/jabber"
+ ;;
+*)
+ echo "preinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- jabberd14-1.6.1.1.orig/debian/jabberd14.manpages
+++ jabberd14-1.6.1.1/debian/jabberd14.manpages
@@ -0,0 +1 @@
+debian/xdbfiletool.8
--- jabberd14-1.6.1.1.orig/debian/changelog
+++ jabberd14-1.6.1.1/debian/changelog
@@ -0,0 +1,406 @@
+jabberd14 (1.6.1.1-5+squeeze1) stable-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Prevent entity expansion in order to prevent about
+ the billion laughs DoS attack (CVE-2011-1754.dpatch).
+
+ -- Nico Golde <nion@debian.org> Tue, 31 May 2011 00:12:20 +0200
+
+jabberd14 (1.6.1.1-5) unstable; urgency=low
+
+ * Fixed connection breakage due to net.ipv6.bindv6only=1. (Closes: #561705).
+ * Notified in NEWS.Debian the new way of configuring server hostname.
+ (Closes: #561391).
+ * Really removed obsolete conffiles on upgrade. (Closes: #561388).
+
+ -- Miguel Landaeta <miguel@miguel.cc> Fri, 15 Jan 2010 14:34:30 -0430
+
+jabberd14 (1.6.1.1-4) unstable; urgency=low
+
+ * Fixed reading of settings from /etc/default/jabberd. (Closes: #552281).
+ * Fixed detecting of IPv6 support. (Closes: #546545).
+ * Fixed crashing on old ssl protocol. (Closes: #546544).
+ * Added support to easy configuration using /etc/default/jabberd14
+ to allow setting of basic options without editing jabber.xml.
+ * Removed obsolete conffiles on upgrade. (Closes: #546814).
+ * Fixed patch-system-but-no-source-readme lintian warning and bumped
+ Standards-Version to 3.8.3.
+ * Fixed FTBFS with g++-4.4. (Closes: #560342).
+ * Fixed FTBFS with binutils-gold. (Closes: #554924).
+
+ -- Miguel Landaeta <miguel@miguel.cc> Fri, 11 Dec 2009 19:40:55 -0430
+
+jabberd14 (1.6.1.1-3) unstable; urgency=low
+
+ * Replaced Build-Depends on libmysqlclient15-dev with libmysqlclient-dev
+ and dropped its version restriction since it's already satisfied with
+ stable. (Closes: #542131).
+
+ -- Miguel Landaeta <miguel@miguel.cc> Mon, 17 Aug 2009 21:41:37 -0430
+
+jabberd14 (1.6.1.1-2) unstable; urgency=low
+
+ * Added Vcs-* fields.
+ * Fixed a typo in init script that was causing startup errors.
+ (Closes: #532419)
+ * Fixed dir-or-file-in-var-run lintian error and bumped
+ Standards-Version to 3.8.2.
+ * Fixed piuparts error regarding left files on system after purging.
+ * Added NEWS.Debian for announce server-breaking incompatability
+ warnings. (Closes: #528129)
+ * Fixed bug with copy of user data files to the new spool directory
+ on upgrades from 1.4.x to 1.6.x versions. (Closes: 523095)
+ * Disabled logging via syslog. Now jabberd writes itself to its
+ logfile in /var/log/jabberd.
+
+ -- Miguel Landaeta <miguel@miguel.cc> Sat, 25 Jul 2009 01:07:05 -0430
+
+jabberd14 (1.6.1.1-1) unstable; urgency=low
+
+ [ Miguel Landaeta ]
+ * New maintainer. (Closes: #471408)
+ * New upstream release. (Closes: #329680, #430529)
+ * debian/copyright:
+ - Upstream now uses license GPL-2+. (Closes: #302417)
+ - Implement a version of the copyright format proposal.
+ * Bumped standards version to 3.8.0; no changes required.
+ * Provided a new binary package libjabberd2 and renamed
+ jabber-dev package to libjabberd2-dev.
+ * Updated debian/jabberd14.postinst:
+ - Copy spool data from /var/lib/jabber to /var/spool/jabberd.
+
+ [ Paul van Tilburg ]
+ * Renamed source and binary packages to jabberd14; conflict with
+ and provide jabber. (Closes: #404816).
+ * Updated debian/rules since jabberd14 now uses autotools; converted it
+ to use CDBS. (Closes: #337542).
+ * Added --enable-ipv6 flag for configure in debian/rules.
+ (Closes: #334414, #386601).
+ * Added debian/jabber.xml.xdb_file to install as default configuration;
+ use file-based XDB for now.
+ * Updated debian/control:
+ - Changed build-depend from libssl-dev to libgnutls-dev.
+ - Added build-depends on libpopt-dev, cdbs and pkg-config.
+ - Removed the build-depend on procps.
+ - Added depend on openssl to be able to generate dhparams.pem.
+ - Changed ${jabber:Provides} into hardcoded jabber-1.4
+ - Slight update to the description of the libjabber2-dev package.
+ (Closes: #404816).
+ * Added the Homepage field.
+ * Updated and created more files for debhelper to be used with
+ jabberd14, libjabberd2 and libjabberd2-dev packages.
+ * Added a watch file.
+ * Added depend on lsb-base (>= 3.0-6) and updated init script to use
+ LSB functions. (Closes: #350337, #489071, #407166).
+ * Added a man page for xdbfiletool: debian/xdbfiletool.8.
+ * Dropped depend on jabber-common.
+ * Removed debian/jabberd14.preinst, it wasn't doing anything anymore.
+ * Updated debian/jabberd.14.post{inst,rm}:
+ - Create/remove jabberd system user and group. (Closes: #438871).
+ - Generate/remove /etc/jabber/dhparams.pem.
+ - Chown and chmod/clean the configuration and spool directory.
+
+ -- Miguel Landaeta <miguel@miguel.cc> Tue, 17 Feb 2009 11:21:36 -0430
+
+jabber (1.4.3-3.6) unstable; urgency=low
+
+ * Really patch configure to fix build on GNU/kFreeBSD (closes:
+ #512611).
+
+ -- Aurelien Jarno <aurel32@debian.org> Sat, 07 Feb 2009 14:49:45 +0100
+
+jabber (1.4.3-3.5) unstable; urgency=low
+
+ * QA Upload.
+ * Set maintainer to Debian QA Group.
+ * Fix build on GNU/kFreeBSD (closes: #512611)
+
+ -- Aurelien Jarno <aurel32@debian.org> Fri, 06 Feb 2009 02:45:10 +0100
+
+jabber (1.4.3-3.4) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Added LSB formatted dependency info in init.d script (closes: #460855)
+
+ -- Peter Eisentraut <petere@debian.org> Tue, 01 Apr 2008 22:23:32 +0200
+
+jabber (1.4.3-3.3) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * High-urgency upload for RC bugfix.
+ * Revert the change in -3.1 to enable IPv6 support, because jabberd
+ currently only supports IPv4 *or* IPv6, you can't enable both at the
+ same time -- and obviously we need IPv4 support to work.
+ Closes: #405565, reopens: #334414.
+
+ -- Steve Langasek <vorlon@debian.org> Fri, 2 Mar 2007 03:24:58 -0800
+
+jabber (1.4.3-3.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * init-ssl.dpatch: Properly initialize the OpenSSL library; fixes issues
+ when using OpenSSL 0.9.8, patch originally from Sugree Phatanapherom.
+ (Closes: #405461)
+
+ -- Steinar H. Gunderson <sesse@debian.org> Wed, 28 Feb 2007 18:07:55 +0100
+
+jabber (1.4.3-3.1) unstable; urgency=medium
+
+ [ Sergei Golovan ]
+ * added patch, which increases buffers for storing string representation
+ of time (Closes: #337526)
+ * bumped standards version to 3.7.2
+
+ [ Andreas Barth ]
+ * non-maintainer upload
+ * rebuild should change dependency from libpth2 to libpth20. Closes: #404378
+ * add IPv6-support. Closes: #334414
+ * fix typos in description and jabberd.8. Closes: #300020, #337538
+ * Update description, partly fixes #404816.
+
+ -- Andreas Barth <aba@not.so.argh.org> Sat, 30 Dec 2006 10:10:28 +0000
+
+jabber (1.4.3-3) unstable; urgency=low
+
+ * added patch to correct libexpat vulnerability (Closes: #272408)
+ * corrected typo referencing MSM instead of MSN (Closes: #269284)
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Sun, 19 Sep 2004 17:48:56 -0600
+
+jabber (1.4.3-2) unstable; urgency=low
+
+ * removed jabber-dev dependency on jabber (Closes: #243049)
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Sat, 10 Apr 2004 18:03:39 -0600
+
+jabber (1.4.3-1) unstable; urgency=low
+
+ * new upstream version
+ * now using dpatch to apply source changes
+ * added libpth2 and libpth-dev dependancies
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Sun, 16 Nov 2003 13:17:08 -0700
+
+jabber (1.4.2a-13) unstable; urgency=low
+
+ * added dependancy on jabber-common
+ * now runs as jabber:adm LSB 1.3 (Closes: #211346)
+ * added dependancy on procps (Closes: #216087)
+ * updated config ownership to jabber:adm and 0640
+ * updated jabber.xml SRV lookup to use "jabber-server" (Closes: #212125)
+ - http://www.jabber.org/ietf/draft-ietf-xmpp-core-18.html
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Fri, 17 Oct 2003 13:44:07 -0600
+
+jabber (1.4.2a-12) unstable; urgency=low
+
+ * added versioned depends to jabber-dev (Closes: #195300)
+ * added umask 0027 to jabber log files (Closes: #139883)
+ * updated to init.d script to allow jabber.d directory to be missing
+ * new standards version
+ * updated purge to handle missing log files
+ * removed use of dh_undocumented
+ * updated ownership of log files to daemon:adm
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Fri, 12 Sep 2003 13:31:57 -0600
+
+jabber (1.4.2a-11) unstable; urgency=low
+
+ * corrected init script bashism (Closes: #195108)
+ * added description indication that this is not a client (Closes: #177097)
+ * restart now sleeps 3 seconds between stop and start (Closes: #202518)
+ * added /etc/jabber/jabber.d hook directory and init script support
+ * changed location of jabber-config to /usr/lib/jabber
+ * added one line fix to mod_auth_0k.c
+ * updated postrm to play nice and share directories
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Wed, 23 Jul 2003 11:27:52 -0600
+
+jabber (1.4.2a-10) unstable; urgency=low
+
+ * added pth-1.4.0 headers to the jabber-dev package
+ * added jabber-conf (platform-settings) to jabber-dev package
+ * updated postrm script (Closes: #178313)
+ * added . to init output (Closes: #187958)
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Sun, 13 Apr 2003 12:12:15 -0600
+
+jabber (1.4.2a-9) unstable; urgency=low
+
+ * added patch from Chris Shafer <wcshafer@cablespeed.com> (Closes: #175108)
+ * cleaned up output of init.d script restart (Closes: #174483)
+ * removed man page duplication (Closes: #176785)
+ * modified the jabber config to stop possible SSL DOS (Closes: #153772)
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Thu, 16 Jan 2003 14:15:11 -0600
+
+jabber (1.4.2a-8) unstable; urgency=low
+
+ * corrected logic for checking jabber.pid validity (Closes: #173555)
+ * added logrotate script (Closes: #147075)
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Sun, 22 Dec 2002 10:04:34 -0600
+
+jabber (1.4.2a-7) unstable; urgency=low
+
+ * added logic to check validity of jabber.pid
+ (Closes: Bug #101826)
+ * switched to Debhelper compatibility level 4
+ (Closes: Bug #153606)
+ * updated init.d script to verify service stop on restart
+ (Closes: Bug #152456)
+ * more recent standards version
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Tue, 10 Dec 2002 13:21:08 -0600
+
+jabber (1.4.2a-6) unstable; urgency=low
+
+ * new maintainer
+
+ -- Jamin W. Collins <jcollins@asgardsrealm.net> Wed, 27 Nov 2002 14:15:07 -0600
+
+jabber (1.4.2a-5) unstable; urgency=low
+
+ * added config.sub by running libtoolize --force --copy
+ (Closes: Bug #153230, #142194)
+ * wont package transports, but you can du with -dev package now
+ (Closes: Bug #93862, #119151)
+ * upload to main (Closes: Bug #153770)
+
+ -- Bernd Eckenfels <ecki@debian.org> Tue, 23 Jul 2002 21:20:07 +0200
+
+jabber (1.4.2a-4) unstable; urgency=low
+
+ * reupload
+
+ -- Bernd Eckenfels <ecki@debian.org> Wed, 3 Jul 2002 21:48:04 +0200
+
+jabber (1.4.2a-3) unstable; urgency=low
+
+ * fixed rules sillyness (install/chmod) reported by Michael Leuchtenburg
+
+ -- Bernd Eckenfels <ecki@debian.org> Fri, 28 Jun 2002 03:44:09 +0200
+
+jabber (1.4.2a-2) unstable; urgency=high
+
+ * added jabber-dev patch from Jason Thomas (Closes: Bug #97576)
+ * allowed plain authentication since it is needed for creating users
+ (Closes: Bug #138530)
+ * added minimum required versin to libssl09 (Closes: Bug #145927)
+
+ -- Bernd Eckenfels <ecki@debian.org> Sat, 25 May 2002 19:23:27 +0200
+
+jabber (1.4.2a-1.1) unstable; urgency=low
+
+ * NMU
+ * Fix hppa problems. Closes: #142194
+
+ -- LaMont Jones <lamont@debian.org> Sun, 21 Apr 2002 21:49:39 -0600
+
+jabber (1.4.2a-1) unstable; urgency=high
+
+ * repackaged new upstream version with libpth-1.4.0
+ * build package with included libpth (Closes: #139797)
+ * added call to distclean for the pth-1.4.0 subdir
+
+ -- Bernd Eckenfels <ecki@debian.org> Sun, 7 Apr 2002 19:45:50 +0200
+
+jabber (1.4.2-3) unstable; urgency=low
+
+ * fixed reload pid location (Closes: #134525)
+ NOTE: change this in jabber.xml to /var/run/jabber/jabber.pid
+ * fixed homedir (Closes: #134293)
+ * added qualified path to record.log (failure on startup) (Closes: #134529)
+ * thanks to Jason Thomas for patches!
+
+ -- Bernd Eckenfels <ecki@debian.org> Mon, 18 Feb 2002 04:22:36 +0100
+
+jabber (1.4.2-2) unstable; urgency=low
+
+ * fixed section
+
+ -- Bernd Eckenfels <ecki@debian.org> Mon, 11 Feb 2002 05:21:24 +0100
+
+jabber (1.4.2-1) unstable; urgency=low
+
+ * new upstream version
+ * enabled ssl build (Closes: Bug #99313)
+ * rebuild with libpth14 installed (Closes: Bug #129098)
+ * removed hostnae "localhost" from welcome message
+ * made -g depending on DEB_BUILD_OPTION, use dh_strip to strip (naked?)
+
+ -- Bernd Eckenfels <ecki@debian.org> Fri, 8 Feb 2002 23:23:10 +0100
+
+jabber (1.4.1-2) unstable; urgency=low
+
+ * added manpage from Jeronimo Pellegrini
+ * upload to non-US because of SSL support
+
+ -- Bernd Eckenfels <ecki@debian.org> Tue, 4 Dec 2001 00:33:34 +0100
+
+jabber (1.4.1-1) unstable; urgency=low
+
+ * now upstream version (Closes: #109541)
+ * Description already fixed (Closes: #78977)
+ * added undocumented link for jabberd as requested in #82647, #94408
+ * more recent standards version
+ * added note about not adding line breaks in <spool> (Closes: #109056)
+
+ -- Bernd Eckenfels <ecki@debian.org> Fri, 14 Sep 2001 05:02:59 +0200
+
+jabber (1.4-2) unstable; urgency=low
+
+ * Non-NMU
+ * removed suidregister
+
+ -- Bernd Eckenfels <ecki@debian.org> Sun, 18 Mar 2001 02:52:17 +0100
+
+jabber (1.4-1.1) unstable; urgency=low
+
+ * NMU add missing #include to jabberd/lib/lib.h (Closes: #87071).
+
+ -- Ingo Saitz <ingo@debian.org> Fri, 16 Mar 2001 22:24:13 +0000
+
+jabber (1.4-1) unstable; urgency=low
+
+ * new upstream 1.4 final. No Auto-Upgrade supplied!
+
+ -- Bernd Eckenfels <ecki@debian.org> Sun, 18 Feb 2001 17:29:35 +0100
+
+jabber (1.3pre1-1) unstable; urgency=low
+
+ * quick new repackaging of new alpha 1.4 upstream release
+
+ -- Bernd Eckenfels <ecki@debian.org> Sun, 14 Jan 2001 02:53:51 +0100
+
+jabber (1.2-4) unstable; urgency=low
+
+ * xml error in sample config file fixed
+
+ -- Bernd Eckenfels <ecki@debian.org> Wed, 13 Dec 2000 17:54:38 +0100
+
+jabber (1.2-3) unstable; urgency=low
+
+ * fixed default option for hostname, so localhost is completely
+ overwritten with -h
+ * fixed patch (type in configure noticed by Chad)
+ * replace jabber-transport
+ * fixed the layout of the package description (Closes bug: #78977)
+
+ -- Bernd Eckenfels <ecki@debian.org> Mon, 11 Dec 2000 10:56:02 +0100
+
+jabber (1.2-2) unstable; urgency=low
+
+ * added log and spool dir, moved .so files to lib, first working version
+
+ -- Bernd Eckenfels <ecki@debian.org> Tue, 5 Dec 2000 01:35:15 +0100
+
+jabber (1.2-1) unstable; urgency=low
+
+ * renamed jabber-transport to jabber (new upstream)
+
+ -- Bernd Eckenfels <ecki@debian.org> Mon, 6 Nov 2000 23:39:49 +0100
+
+Local variables:
+mode: debian-changelog
+End:
--- jabberd14-1.6.1.1.orig/debian/jabberd14.postrm
+++ jabberd14-1.6.1.1/debian/jabberd14.postrm
@@ -0,0 +1,32 @@
+#! /bin/sh
+# postrm script for jabberd14
+#
+# see: dh_installdeb(1)
+
+set -e
+
+if [ "$1" = "purge" ] ; then
+ # Remove on-install generated dhparams.pem file.
+ rm -f /etc/jabber/dhparams.pem
+ # Remove potentially empty direcotries if they exist.
+ DIRS="/etc/jabber /var/run/jabberd"
+ for DIR in $DIRS; do
+ if [ -d $DIR ]; then
+ rmdir --ignore-fail-on-non-empty $DIR
+ fi
+ done
+
+ # Remote the jabberd system account.
+ if [ -x "$(command -v deluser)" ]; then
+ deluser --quiet --system jabberd > /dev/null || true
+ else
+ echo >&2 "Not removing jabberd system account because deluser command was not found"
+ fi
+fi
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- jabberd14-1.6.1.1.orig/debian/watch
+++ jabberd14-1.6.1.1/debian/watch
@@ -0,0 +1,2 @@
+version=3
+http://download.jabberd.org/jabberd14/jabberd14-(.*)\.tar\.gz
--- jabberd14-1.6.1.1.orig/debian/jabberd14.examples
+++ jabberd14-1.6.1.1/debian/jabberd14.examples
@@ -0,0 +1 @@
+jabber.xml.dist
--- jabberd14-1.6.1.1.orig/debian/jabberd14.postinst
+++ jabberd14-1.6.1.1/debian/jabberd14.postinst
@@ -0,0 +1,72 @@
+#! /bin/sh
+# postinst script for jabberd14
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+# quoting from the policy:
+# Any necessary prompting should almost always be confined to the
+# post-installation script, and should be protected with a conditional
+# so that unnecessary prompting doesn't happen if a package's
+# installation fails and the `postinst' is called with `abort-upgrade',
+# `abort-remove' or `abort-deconfigure'.
+
+case "$1" in
+ configure)
+ # Create the jabber system account.
+ adduser --system \
+ --quiet \
+ --disabled-password \
+ --no-create-home \
+ --home "/var/run/jabberd" \
+ --gecos "Jabberd14 daemon" \
+ --group jabberd
+
+ # Correct the permissions.
+ chown jabberd:jabberd /etc/jabber/jabber.xml
+ # content of /var/lib/jabber is copied to /var/spool/jabberd only if
+ # latter doesn't exist or is a empty directory
+ if ( ! [ -e /var/spool/jabberd ] || \
+ [ $(find /var/spool/jabberd -empty) ] ) && [ -d /var/lib/jabber ]; then
+ cp -a /var/lib/jabber/* /var/spool/jabberd
+ fi
+ chown -R jabberd:jabberd /var/spool/jabberd/
+ chown -R jabberd:jabberd /var/log/jabberd/
+ chmod 0750 /var/log/jabberd/
+ chmod 0640 /etc/jabber/jabber.xml
+ # Create dhparams.pem file if it doesn't exist yet.
+ if [ ! -e /etc/jabber/dhparams.pem ]; then
+ openssl dhparam 1024 > /etc/jabber/dhparams.pem
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
--- jabberd14-1.6.1.1.orig/debian/rules
+++ jabberd14-1.6.1.1/debian/rules
@@ -0,0 +1,19 @@
+#!/usr/bin/make -f
+#
+# CDBS file to build the jabber package.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+include /usr/share/cdbs/1/rules/debhelper.mk
+include /usr/share/cdbs/1/class/autotools.mk
+include /usr/share/cdbs/1/rules/dpatch.mk
+
+DEB_CONFIGURE_SCRIPT_ENV := LDFLAGS="-Wl,--as-needed"
+DEB_CONFIGURE_EXTRA_FLAGS := --enable-ipv6 --sysconfdir=/etc/jabber \
+ --libdir=/usr/lib/jabberd14
+DEB_DH_MAKESHLIBS_ARGS_jabberd14 = -X/usr/lib/jabberd14
+
+# By default install the jabber.xml configuration for a file-based XDB.
+install/jabberd14::
+ cp debian/jabber.xml.xdb_file $(CURDIR)/debian/tmp/etc/jabber/jabber.xml
--- jabberd14-1.6.1.1.orig/debian/libjabberd2-dev.install
+++ jabberd14-1.6.1.1/debian/libjabberd2-dev.install
@@ -0,0 +1,2 @@
+debian/tmp/usr/include/jabber*.h
+debian/tmp/usr/lib/jabberd14/libjabberd.so /usr/lib
--- jabberd14-1.6.1.1.orig/debian/README.source
+++ jabberd14-1.6.1.1/debian/README.source
@@ -0,0 +1,5 @@
+This package uses dpatch to manage all modifications to the upstream
+source. Changes are stored in the source package as diffs in
+debian/patches and applied during the build.
+
+See /usr/share/doc/dpatch/README.source.gz for a detailed explanation.
--- jabberd14-1.6.1.1.orig/debian/jabberd14.docs
+++ jabberd14-1.6.1.1/debian/jabberd14.docs
@@ -0,0 +1,7 @@
+NEWS
+README*
+UPGRADE
+mysql.sql
+pgsql_createdb.sql
+xdb_postgresql.xml
+debian/NEWS.Debian
--- jabberd14-1.6.1.1.orig/debian/jabberd14.dirs
+++ jabberd14-1.6.1.1/debian/jabberd14.dirs
@@ -0,0 +1,4 @@
+etc/jabber
+usr/lib/jabberd14
+var/spool/jabberd
+var/log/jabberd
--- jabberd14-1.6.1.1.orig/debian/control
+++ jabberd14-1.6.1.1/debian/control
@@ -0,0 +1,86 @@
+Source: jabberd14
+Section: net
+Priority: optional
+Maintainer: Miguel Landaeta <miguel@miguel.cc>
+Standards-Version: 3.8.3
+Build-Depends: debhelper (>= 5), cdbs, pkg-config, libpth-dev (>= 2.0.0),
+ libgnutls-dev (>= 2.1.6), libexpat1-dev (>= 1.95.6),
+ libpopt-dev, libidn11-dev, dpatch (>= 2.0.21),
+ libmysqlclient-dev, libpq-dev (>= 8.1.15),
+ libtasn1-3-dev (>= 2.3), libgcrypt11-dev (>= 1.4.4)
+Homepage: http://jabberd.org/
+Vcs-Browser: http://git.debian.org/?p=collab-maint/jabberd14.git
+Vcs-Git: git://git.debian.org/collab-maint/jabberd14.git
+
+Package: jabber
+Depends: jabberd14, ${misc:Depends}
+Architecture: all
+Description: Transitional package for jabber rename
+ Package to ease upgrading from older jabber packages
+ to the new jabberd14 package.
+ .
+ This package can be purged at anytime once the jabberd14
+ package has been installed.
+
+Package: jabberd14
+Architecture: any
+Depends: adduser, lsb-base (>= 3.0-6), openssl,
+ libjabberd2 (= ${binary:Version}), ${shlibs:Depends},
+ ${misc:Depends}
+Conflicts: jabber-aim (<= 20030314-6), jabber-jit (<= 1.1.6-6),
+ jabber-jud (<= 0.4-7), jabber-muc (<= 0.5.2-6),
+ jabber-msn (<= 1.2.1-1.2.8rc1-1), jabber-yahoo (<= 2.2.0-1),
+ jabberd14-dev (<< ${source:Version}), jabber (<< 1.6.1.1-1)
+Replaces: jabber-transport, jabber-1.4, jabber (<< 1.6.1.1-1)
+Provides: jabber-transport, jabber-1.4, jabber
+Description: Instant messaging server using the Jabber/XMPP protocol
+ Jabber is a Free Instant Messaging System.
+ .
+ In this package you will find jabberd14, a message transport server
+ based on an XML Message Routing Infrastructure.
+ .
+ All this high-tech is simply used to provide you with your own IM Server.
+ See http://www.jabberd.org/ for more details.
+ .
+ Jabber supports connecting to AIM, ICQ, IRC, MSN and a lot of others, so
+ you can use all available IM systems from one client.
+ .
+ This package does not provide a Jabber/XMPP client. Some clients are
+ compared at http://en.wikipedia.org/wiki/List_of_Jabber_client_software
+
+Package: libjabberd2-dev
+Section: libdevel
+Architecture: any
+Depends: libjabberd2 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}
+Conflicts: jabberd14 (<< ${source:Version})
+Description: Development files for the Jabber/XMPP instant messaging server
+ Jabber is a Free Instant Messaging System.
+ .
+ In this package you will find the jabberd14 headers needed for building
+ jabberd14 plugins e.g. transports.
+ .
+ All this high-tech is simply used to provide you with your own IM Server.
+ See http://www.jabberd.org/ for more details.
+ .
+ Jabber supports connecting to AIM, ICQ, IRC, MSN and a lot of others, so
+ you can use all available IM systems from one client.
+
+Package: libjabberd2
+Section: libs
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Conflicts: jabberd14 (<< ${source:Version})
+Description: Runtime library for the Jabber/XMPP instant messaging server
+ Jabber is a Free Instant Messaging System.
+ .
+ In this package you will find the runtime library for jabberd14, a message
+ transport server based on an XML Message Routing Infrastructure.
+ .
+ All this high-tech is simply used to provide you with your own IM Server.
+ See http://www.jabberd.org/ for more details.
+ .
+ Jabber supports connecting to AIM, ICQ, IRC, MSN and a lot of others, so
+ you can use all available IM systems from one client.
+ .
+ This package does not provide a Jabber/XMPP client. Some clients are
+ compared at http://en.wikipedia.org/wiki/List_of_Jabber_client_software
--- jabberd14-1.6.1.1.orig/debian/libjabberd2.install
+++ jabberd14-1.6.1.1/debian/libjabberd2.install
@@ -0,0 +1 @@
+debian/tmp/usr/lib/jabberd14/libjabberd.so.* usr/lib
--- jabberd14-1.6.1.1.orig/debian/jabberd14.init
+++ jabberd14-1.6.1.1/debian/jabberd14.init
@@ -0,0 +1,104 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: jabberd14
+# Required-Start: $local_fs $syslog
+# Required-Stop: $local_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Jabber/XMPP server
+# Description: Jabberd14 is the original server implementation of the
+# Jabber protocol, now known as XMPP.
+### END INIT INFO
+#
+# Init script to start the Jabberd14 daemon
+#
+# Created from Bernd Eckenfels <ecki@lina.inka.de>
+#
+# Written by Miquel van Smoorenburg <miquels@cistron.nl>.
+# Modified for Debian GNU/Linux
+# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+# LSBized by Paul van Tilburg <paulvt@debian.org>
+#
+# Version: @(#)skeleton 1.8 03-Mar-1998 miquels@cistron.nl
+#
+# This file was automatically customized by dh-make on Sun, 21 May 2000 12:31:20 +0200
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/jabberd
+NAME="jabberd14"
+DESC="Jabber/XMPP server"
+CONF=/etc/jabber/jabber.xml
+PID=/var/run/jabberd/jabber.pid
+SERVDIR=/etc/jabber/jabber.d/
+
+test -f $DAEMON -a -f $CONF || exit 0
+
+. /lib/lsb/init-functions
+
+# Set some parameters like the hostname.
+ENABLED=1
+PARAMS=""
+if test -f /etc/default/jabberd14; then
+ . /etc/default/jabberd14
+fi
+
+# Don't start if disabled!
+test "$ENABLED" != "0" || exit 0
+
+case "$1" in
+ start)
+ if ! [ -d $(dirname $PID) ]; then
+ mkdir -p -m 0755 $(dirname $PID)
+ chown jabberd:jabberd $(dirname $PID)
+ fi
+ if [ -e $PID ]; then
+ PIDDIR=/proc/$(cat $PID)
+ if [ -d ${PIDDIR} -a "$(readlink -f ${PIDDIR}/exe)" = "${DAEMON}" ]; then
+ log_success_msg "$DESC already started; not starting."
+ exit
+ else
+ log_success_msg "Removing stale PID file $PID."
+ rm -f $PIDFILE
+ fi
+ fi
+
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start-stop-daemon --start --quiet --pidfile $PID \
+ --chuid jabberd:jabberd --exec $DAEMON -- --background $PARAMS
+ log_end_msg $?
+ if [ -d $SERVDIR ]; then
+ run-parts --arg=$1 $SERVDIR || true
+ fi
+ ;;
+ stop)
+ if [ -d $SERVDIR ]; then
+ run-parts --reverse --arg=$1 $SERVDIR || true
+ fi
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start-stop-daemon --stop --retry 5 --quiet --oknodo --pidfile $PID \
+ --chuid jabberd:jabberd --exec $DAEMON
+ log_end_msg $?
+ rm -f $PID
+ ;;
+ reload|force-reload)
+ log_action_begin_msg "Reloading $DESC" "$NAME"
+ start-stop-daemon --stop --signal 1 --quiet -pidfile $PID \
+ --chuid jabberd:jabberd --exec $DAEMON
+ log_action_end_msg $?
+ if [ -d $SERVDIR ]; then
+ run-parts --arg=$1 $SERVDIR || true
+ fi
+ ;;
+ restart)
+ $0 stop
+ $0 start
+ ;;
+ *)
+ N=/etc/init.d/$NAME
+ echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- jabberd14-1.6.1.1.orig/debian/jabberd14.install
+++ jabberd14-1.6.1.1/debian/jabberd14.install
@@ -0,0 +1,7 @@
+debian/tmp/etc/jabber/*
+debian/tmp/usr/bin/jabberd usr/sbin
+debian/tmp/usr/bin/xdbfiletool
+debian/tmp/usr/lib/jabberd14/libjabberd?*.so*
+debian/tmp/usr/share/man/man5/jabber.xml.5
+debian/tmp/usr/share/man/man8/jabberd.8
+debian/tmp/usr/share/locale/*
--- jabberd14-1.6.1.1.orig/debian/copyright
+++ jabberd14-1.6.1.1/debian/copyright
@@ -0,0 +1,46 @@
+Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat
+Upstream-Name: jabberd14
+Upstream-Maintainer: Matthias Wimmer <m@tthias.eu>
+Upstream-Source: http://download.jabberd.org/jabberd14/
+
+Files: *
+Copyright: Copyright 1999-2002, Jabber.com, Inc.
+Copyright: Copyright 1998-1999, Jeremie Miller <jeremie@jabber.org>
+Copyright: Copyright 2006-2007, Matthias Wimmer <m@tthias.eu>
+License: GPL-2+
+ On Debian systems the full text of the GNU General Public License can be found
+ in the `/usr/share/common-licenses/GPL' file.
+
+Files: debian/*
+Copyright: Copyright 2000-2002, Bernd Eckenfels <ecki@debian.org>
+Copyright: Copyright 2002-2004, Jamin W. Collins <jcollins@asgardsrealm.net>
+Copyright: Copyright 2006, Sergei Golovan <sgolovan@nes.ru>
+Copyright: Copyright 2006, Andreas Barth <aba@not.so.argh.org>
+Copyright: Copyright 2007, Steve Langasek <vorlon@debian.org>
+Copyright: Copyright 2007, Steinar H. Gunderson <sesse@debian.org>
+Copyright: Copyright 2008, Peter Eisentraut <petere@debian.org>
+Copyright: Copyright 2008, Paul van Tilburg <paulvt@debian.org>
+Copyright: Copyright 2008, Aurelien Jarno <aurel32@debian.org>
+Copyright: Copyright 2008-2009, Miguel Landaeta <miguel@miguel.cc>
+License: GAP
+ Copying and distribution of this package, with or without modification, are
+ permitted in any medium without royalty provided the copyright notice and this
+ notice are preserved.
+
+Files: jabberd/gcrypt_init.c, jabberd/base/base_dir.cc,
+ jabberd/base/base_importspool.cc, jabberd/base/base_syslog.cc,
+ jabberd/base/base_unsubscribe.cc, jabberd/lib/crc32.cc,
+ jabberd/lib/hash.cc, jabberd/lib/hmac.cc, jabberd/lib/messages.cc,
+ jsm/serialization.cc, jsm/modules/mod_ping.cc, jsm/modules/mod_privacy.cc,
+ jsm/modules/mod_stat.cc, jsm/modules/mod_useridpolicy.cc,
+ xdb_file/xdbfiletool.cc, xdb_sql/xdb_sql.cc
+Copyright: Copyright 2006-2007, Matthias Wimmer <m@tthias.eu>
+License: GPL-2+
+ On Debian systems the full text of the GNU General Public License can be found
+ in the `/usr/share/common-licenses/GPL' file.
+
+Files: jabberd/subjectAltName_asn1_tab.c
+Copyright: Copyright 2008, GnuTLS
+License: LGPL-2+
+ On Debian systems the full text of the GNU Library General Public License can
+ be found in the `/usr/share/common-licenses/LGPL-2' file.
--- jabberd14-1.6.1.1.orig/debian/compat
+++ jabberd14-1.6.1.1/debian/compat
@@ -0,0 +1 @@
+5
--- jabberd14-1.6.1.1.orig/debian/jabberd14.default
+++ jabberd14-1.6.1.1/debian/jabberd14.default
@@ -0,0 +1,16 @@
+# This is a configuration file for /etc/init.d/jabberd14; it allows you to
+# perform common modifications to the behavior of the jabberd14 daemon
+# startup without editing the init script (and thus getting prompted by
+# dpkg on upgrades). We all love dpkg prompts.
+
+# (which is then passed to jabberd in the -h switch)
+HOSTNAME=localhost
+
+# (which is passed to jabberd in the -s switch)
+SPOOL=/var/spool/jabberd
+
+# Paramaters to pass to jabberd.
+PARAMS="-h $HOSTNAME -s $SPOOL"
+
+# Whether or not to start the Jabber/XMPP server; set to 0 to disable.
+ENABLED=1
--- jabberd14-1.6.1.1.orig/debian/jabber.xml.xdb_file
+++ jabberd14-1.6.1.1/debian/jabber.xml.xdb_file
@@ -0,0 +1,1017 @@
+<?xml version="1.0"?>
+<jabber xmlns:jabberd="http://jabberd.org/ns/configfile/replace" xmlns="http://jabberd.org/ns/configfile" xmlns:acl="http://jabberd.org/ns/acl">
+
+ <!-- This is the Jabber server configuration file. The file is broken -->
+ <!-- into different sections based on the services being managed by -->
+ <!-- jabberd, the server daemon. Most of the important sections have -->
+ <!-- comments and are easy to modify. -->
+ <!-- -->
+ <!-- The options here should be self-explaining if you read the -->
+ <!-- comments, that are in this file. More available configuration -->
+ <!-- options can be found in the manual page jabber.xml (5). -->
+ <!-- -->
+ <!-- The following tags in this configuration file have special -->
+ <!-- meaning: -->
+ <!-- -->
+ <!-- jabberd:include -->
+ <!-- Used to include other (XML) configuration files. The -->
+ <!-- included file should have the parent element of the -->
+ <!-- jabberd:include element as its root element (including the -->
+ <!-- same namespace!). In that case the parent element is not -->
+ <!-- included, but only its child elements. -->
+ <!-- In case that the included file has a different parent -->
+ <!-- element, the whole file (including the parent element) is -->
+ <!-- included. -->
+ <!-- -->
+ <!-- jabberd:cmdline -->
+ <!-- This can be used to replace values in the configuration -->
+ <!-- file, by values passed at the command line of jabberd. The -->
+ <!-- flag attribute of this element selects which command line -->
+ <!-- option is used for replacement. E.g. the command line option -->
+ <!-- '-x h:example.com' will set how -->
+ <!-- <jabberd:cmdline flag='h'>...</jabberd:cmdline> -->
+ <!-- gets replaced. -->
+ <!-- If no such option is passed on the command line, the element -->
+ <!-- will get replaced by its textual content in the -->
+ <!-- configuration file (in this case this would be '...'). -->
+ <!-- -->
+ <!-- The '-h foo' command line option is a short-hand for -->
+ <!-- '-x h:foo'. -->
+ <!-- The '-s foo' command line option is a short-hand for -->
+ <!-- '-x s:foo'. -->
+ <!-- -->
+ <!-- All text in this configuration file has to be encoded using the -->
+ <!-- UTF-8 charset, therefore you can place any character in this -->
+ <!-- configuration file as long as it is encoded correctly. -->
+ <!-- ASCII is a sub-set of UTF-8. Therefore you can also place any -->
+ <!-- ASCII string in this configuration file. -->
+ <!-- -->
+ <!-- Note as you comment things in and out that jabberd (and XML in -->
+ <!-- general) does not like comments within comments, so be careful -->
+ <!-- with your XML. :) -->
+ <!-- -->
+ <!-- If your configuration file is not working as expected, use an -->
+ <!-- XML validator to check your configuration file. E.g. you can -->
+ <!-- just use Firefox to open this file; or use 'xmllint jabber.xml' -->
+ <!-- to check this file. -->
+
+
+ <!-- The following <service/> section is for the session manager, the -->
+ <!-- most important component within the server. This section -->
+ <!-- contains the following types of information: -->
+ <!-- -->
+ <!-- * the server's hostname -->
+ <!-- * other basic server information -->
+ <!-- * the location of the session log file -->
+ <!-- * registration instructions for new users -->
+ <!-- * a welcome message for new users -->
+ <!-- * a list of agents with which users can register -->
+ <!-- * load rules for the modules within the session manager -->
+
+ <service id="sessions.localhost">
+
+ <!-- Replace all occurrences of "localhost" in this file by the -->
+ <!-- hostname of your Jabber server. Be aware changing the server's -->
+ <!-- name is all but impossible once users start to use the server. -->
+ <!-- So choose a name that is permanent (especially no Intranet -->
+ <!-- hostnames). -->
+ <!-- -->
+ <!-- Please do also not use IP addresses as your server name. Most -->
+ <!-- likely you will get into troubles sooner or later by using -->
+ <!-- them as your server name. And also it is not very convenient -->
+ <!-- to use them, as the server name is always part of a user's -->
+ <!-- address. You cannot just use the username as a Jabber address. -->
+ <!-- You always have to send your messages to 'username@domain'. -->
+ <!-- -->
+ <!-- Multiple <host/> entries are allowed - each one is for a -->
+ <!-- separate virtual server. (I.e. multiple domains do NOT share -->
+ <!-- the userbase.) -->
+ <!-- -->
+ <!-- Note: There must be no whitespace between the start and the -->
+ <!-- end tag of the host element. -->
+
+ <host><jabberd:cmdline flag="h">localhost</jabberd:cmdline></host>
+
+ <jsm xmlns="jabber:config:jsm">
+
+ <!-- The server's vCard is returned by the server, if a user -->
+ <!-- requests to get some information about the server. Having a -->
+ <!-- vCard is not required, but you can put here some basic -->
+ <!-- information about your server. -->
+ <!-- -->
+ <!-- If you want to return different vCards depending on the -->
+ <!-- language of the user, you can add multiple cards here and -->
+ <!-- use the xml:lang attribute to tell the server which one to -->
+ <!-- use for which language. -->
+ <!-- If the server has no vCard of the requested language, it -->
+ <!-- will send back the first vCard. -->
+
+ <vCard xmlns="vcard-temp" xml:lang="en">
+ <FN>jabberd14 server</FN>
+ <DESC>A Jabber Server using jabberd14!</DESC>
+ <URL>http://jabberd.org/</URL>
+ </vCard>
+
+ <vCard xmlns="vcard-temp" xml:lang="de">
+ <FN>jabberd14-Server</FN>
+ <DESC>Ein Jabber-Server, der jabberd14 benutzt.</DESC>
+ <URL>http://jabberd.org/</URL>
+ </vCard>
+
+ <!-- With the <register/> element, you configure which fields -->
+ <!-- a Jabber client is required to send when registering an user -->
+ <!-- account on your server. -->
+ <!-- When you add the notify attribute with a value of 'yes' to -->
+ <!-- the <register/> element, all administrators (users with the -->
+ <!-- acl right 'adminmsg') will get a notification message, when -->
+ <!-- a new user has registered. -->
+ <!-- -->
+ <!-- In contrast to older versions of jabberd14, this version now -->
+ <!-- checks that all requested fields are returned (as required -->
+ <!-- by XEP-0077). Some clients (e.g. Psi) have problems with -->
+ <!-- this, as they do not request the list of required fields -->
+ <!-- before submitting the registration request. -->
+ <!-- To allow also these clients, that do not conform to XEP-0077 -->
+ <!-- to register with your server, either implement registration -->
+ <!-- of accounts on your web-site, or configure your server to -->
+ <!-- only request (require) a username (i.e. remove the <name/> -->
+ <!-- and the <email/> element in the configuration below). -->
+ <!-- -->
+ <!-- If you want to allow inband-registration, you have to -->
+ <!-- request at least one element (e.g. just the <username/> -->
+ <!-- element). If you remove all requested elements, jabberd14 -->
+ <!-- will not allow inband registration, but will still reply -->
+ <!-- to registration get requests. (I.e. you can then use the -->
+ <!-- content of the <instructions/> element to give additional -->
+ <!-- information on why registration is not possible, or you can -->
+ <!-- use it to redirect the client to a web page, where account -->
+ <!-- registration is possible. -->
+
+ <!-- The following example requests the user to enter his real -->
+ <!-- name and an email address. The server checks, that both -->
+ <!-- fields are returned, but does not check their content (i.e. -->
+ <!-- even empty content is acceptable). -->
+ <register xmlns="jabber:iq:register" notify="yes">
+ <instructions>Choose a username and password to register with this server.</instructions>
+ <username/>
+ <name/>
+ <email/>
+ </register>
+
+ <!-- Other possible configurations: -->
+
+ <!-- The following example is compatible with the Psi Jabber -->
+ <!-- client and other clients, that are not XEP-0077 conformant. -->
+ <!-- You should use this configuration example, if you want to be -->
+ <!-- as compatible as possible, but you won't get the email -->
+ <!-- addresses of your users, that might be very helpful if they -->
+ <!-- forget their password and request a new one. -->
+ <!--
+ <register notify="yes" xmlns='jabber:iq:register'>
+ <instructions>Choose a username and password to register with this server.</instructions>
+ <username/>
+ </register>
+ -->
+
+ <!-- Do not allow inband-registration, but return the location of -->
+ <!-- a webpage, that allows the user to register an account: -->
+ <!--
+ <register xmlns='jabber:iq:register'>
+ <instructions>Please use our web-site to register this service.</instructions>
+ <x xmlns='jabber:x:oob'><url>http://example.com/register/</url></x>
+ </register>
+ -->
+
+ <!-- The following configuration does allow inband-registration, -->
+ <!-- but sends a URL pointing to an alternative registration page -->
+ <!-- to the client as well. -->
+ <!--
+ <register notify="yes" xmlns='jabber:iq:register'>
+ <instructions>Choose a username and password to register with this server.</instructions>
+ <username/>
+ <name/>
+ <email/>
+ <x xmlns='jabber:x:oob'><url>http://example.com/register/</url></x>
+ </register>
+ -->
+
+ <!-- After a user deletes his account on your server, the Jabber -->
+ <!-- address of this deleted account keeps getting reserved for -->
+ <!-- half a year. -->
+ <!-- With the following configuration option, you can change -->
+ <!-- duration which which deleted user accounts are blocked. -->
+ <!-- When you set this to '-1', unregistered accounts are blocked -->
+ <!-- forever. When you set this to '0', unregistered accounts -->
+ <!-- are not blocked at all and can be reregistered immediatelly. -->
+ <!-- All other values are interpreted as seconds. -->
+ <!-- -->
+ <!-- If you want to unblock an account manually, you just have -->
+ <!-- to remove the correspondant entry from the 'last' SQL table. -->
+ <regtimeout timeout="15768000"/>
+
+ <!-- The following configures a welcome note, that is sent to -->
+ <!-- every new user who registeres with your server (using -->
+ <!-- inband-registration of course). -->
+ <!-- -->
+ <!-- You can have multiple <welcome/> elements for different -->
+ <!-- languages. Put the default, that is sent whenever the server -->
+ <!-- has no message of the user's language at the first position. -->
+ <!-- -->
+ <!-- If you have no welcome note in your configuration file, no -->
+ <!-- welcome notes will be sent to your users. -->
+ <welcome xmlns="jabber:server" xml:lang="en">
+ <subject>Welcome!</subject>
+ <body>Welcome to the Jabber server at localhost -- we hope you enjoy this service!</body>
+ </welcome>
+
+ <welcome xmlns="jabber:server" xml:lang="de">
+ <subject>Herzlich Willkommen!</subject>
+ <body>Willkommen auf dem Jabberserver auf localhost -- wir hoffen Sie mögen diesen Dienst!</body>
+ </welcome>
+
+ <!-- With the <nounregister/> element, you can configure the -->
+ <!-- server to not allow deleting accounts. You might want to use -->
+ <!-- this, if other data is bound to the registration data and -->
+ <!-- therefore registration data should not get lost, or if you -->
+ <!-- want to do account deletion on your web-site instead. -->
+ <!-- -->
+ <!-- If you don't like the default error message jabberd14 is -->
+ <!-- returning, you can add a customized error message as a text -->
+ <!-- child node to this element. In that case you might want to -->
+ <!-- have multiple <nounregister/> elements with different values -->
+ <!-- of the xml:lang attribute. -->
+ <!--
+ <nounregister/>
+ -->
+
+ <!-- With the <noregistrationchange/> element you can configure -->
+ <!-- the server not to process registration data changes after -->
+ <!-- the user has been sucessfully registered. -->
+ <!-- You might want to use this, if your users are not allowed to -->
+ <!-- change the data using their Jabber client, e.g. because you -->
+ <!-- want them to change this data on your web-site to be able -->
+ <!-- to verify e-mail addresses of your users. -->
+ <!-- -->
+ <!-- If you don't like the default error message jabberd14 is -->
+ <!-- returning, you can add a customized error message as a text -->
+ <!-- child node to this element. In that case you might want to -->
+ <!-- have multiple <nounregister/> elements with different values -->
+ <!-- of the xml:lang attribute. -->
+ <!--
+ <noregistrationchange/>
+ -->
+
+ <!-- With the <nopasswordchange/> element you can configure -->
+ <!-- the server not to process password changes after the user -->
+ <!-- has been sucessfully registered. -->
+ <!-- You might want to use this, if your users are not allowed to -->
+ <!-- change the data using their Jabber client, e.g. because you -->
+ <!-- want them to change this data on your web-site to be able -->
+ <!-- to ensure a password policy. -->
+ <!-- -->
+ <!-- If you don't like the default error message jabberd14 is -->
+ <!-- returning, you can add a customized error message as a text -->
+ <!-- child node to this element. In that case you might want to -->
+ <!-- have multiple <nounregister/> elements with different values -->
+ <!-- of the xml:lang attribute. -->
+ <!--
+ <nopasswordchange/>
+ -->
+
+ <!-- With the <reply/> elements inside the <admin/> element, you -->
+ <!-- can set a message, that is returned to a user, whenever it -->
+ <!-- sents a message to the bare server's address. -->
+ <!-- If the server receives such a message, it does forward it -->
+ <!-- to all users having the 'adminmsg' acl right. -->
+ <!-- -->
+ <!-- You can have multiple <reply/> elements inside the <admin/> -->
+ <!-- element, to configure replies in different languages. -->
+ <admin>
+ <reply xml:lang='en' xmlns='jabber:server'>
+ <subject>Auto Reply</subject>
+ <body>This is a special administrative address. Your message was received and forwarded to server administrators.</body>
+ </reply>
+
+ <reply xml:lang='de' xmlns='jabber:server'>
+ <subject>Automatische Antwort</subject>
+ <body>Dies ist eine spezielle Administrationsadresse. Ihre Nachricht wurde empfangen und an die Server-Administratoren weitergeleitet.</body>
+ </reply>
+ </admin>
+
+ <!-- The following setting enables the server to automatically -->
+ <!-- update a user's registration with the first user directory -->
+ <!-- configured in the <browse/> section below, whenever the user -->
+ <!-- updates his vcard. -->
+ <!-- If you do not want to use this feature (e.g. because your -->
+ <!-- server is intranet-only and you do not operate your own -->
+ <!-- user's directory), you can just comment out or remove this -->
+ <!-- element. -->
+ <vcard2jud/>
+
+ <!-- The <browse/> element configures the services that a server -->
+ <!-- announces to its clients. -->
+ <!-- Note that this only configures which services are announced, -->
+ <!-- if these services should be working, they must exist either -->
+ <!-- on a foreign Jabber server, or you have to configure these -->
+ <!-- services elsewhere in your configuration with their own -->
+ <!-- <service/> element. -->
+ <!-- -->
+ <!-- If you want to announce different services (or maybe just -->
+ <!-- different names for your services) to your users depending -->
+ <!-- on their language, you can place multiple <browse/> elements -->
+ <!-- here, each having a different value of the xml:lang -->
+ <!-- attribute. -->
+ <!-- -->
+ <!-- For possible values of the category and type attribute of -->
+ <!-- the <item/> element, please see -->
+ <!-- http://www.xmpp.org/registrar/disco-categories.html -->
+ <!-- -->
+ <!-- If you want to have some service only visible for some users -->
+ <!-- you can use access control lists for that. (See the aim -->
+ <!-- transport's example below for an example.) -->
+ <!-- -->
+ <!-- In addition to the <item/>s configured below, the server -->
+ <!-- will also announce all users with the 'showasadmin' ACL -->
+ <!-- right to be an administrator of this server. -->
+ <!-- If you don't want this to happen, please to not give anybody -->
+ <!-- this ACL right. -->
+ <browse xmlns="jabber:iq:browse">
+
+ <!-- The following entry announces a reference to the global -->
+ <!-- Jabber users directory at jabber.org. -->
+ <!-- If you want to announce multiple user directories, you -->
+ <!-- can add them as multiple <item/>s. (E.g. a second -->
+ <!-- user directory, that is internal to your company.) -->
+ <!-- -->
+ <!-- If your server has no access to the public Jabber network -->
+ <!-- on the internet, you should remove the following item -->
+ <!-- as your users won't be able to use it anyway. -->
+ <item category="directory" type="user" jid="users.jabber.org" name="Jabber User Directory">
+ <ns>jabber:iq:search</ns>
+ <ns>jabber:iq:register</ns>
+ </item>
+
+ <!-- The following entry allows users with the s2s ACL right -->
+ <!-- to browse to the incoming and outgoing connections of the -->
+ <!-- server. -->
+ <item category="component" type="s2s" jid="s2s.localhost" name="connections to other servers" acl:if="s2s"/>
+
+ <!-- The following services are examples for popular transports -->
+ <!-- only. You will need to additionally install and configure -->
+ <!-- these services. See the documentation of the respective -->
+ <!-- transports for further information/instructions. -->
+
+ <!-- Example for announcing a transport/gateway to the AIM -->
+ <!-- network. -->
+ <!-- Note the acl:if attribute on the <item/> element. This -->
+ <!-- configures the server to only return this item if the -->
+ <!-- requesting user has the selected ACL right. (The -->
+ <!-- 'localusers' ACL right in this case.) -->
+ <!--
+ <item category="gateway" type="aim" jid="aim.localhost" name="AIM Transport" acl:if='localusers'>
+ <ns>jabber:iq:gateway</ns>
+ <ns>jabber:iq:register</ns>
+ </item>
+ -->
+
+ <!--
+ <item category="gateway" type="yahoo" jid="yahoo.localhost" name="Yahoo! Transport">
+ <ns>jabber:iq:gateway</ns>
+ <ns>jabber:iq:register</ns>
+ </item>
+ -->
+ </browse>
+
+ <!-- By default the server will tell Jabber clients which which -->
+ <!-- operating system and which version of it you are using. -->
+ <!-- If you consider this to be a security thread, you might -->
+ <!-- disable this feature using the following setting: -->
+ <!--
+ <mod_version>
+ <no_os_version/>
+ </mod_version>
+ -->
+
+ <!-- The following setting configures your server to store the -->
+ <!-- current presence of all online users to your SQL database. -->
+ <!-- This information is not needed by jabberd14 itself. It is -->
+ <!-- only stored there if you want to use it with other -->
+ <!-- applications, or you want to display it on your web-site. -->
+ <!-- If you do not need this information there, you can safely -->
+ <!-- comment out or remove the following setting. -->
+ <presence>
+ <presence2xdb/>
+ </presence>
+
+ <!-- The <history/> configuration element can be used to instruct -->
+ <!-- the session manager to store a copy of all messages to your -->
+ <!-- SQL database. -->
+ <!-- The <sent/> element inside this element is used to enable -->
+ <!-- storage of messages sent by your users. -->
+ <!-- The <recv/> element inside the <history/> element is used to -->
+ <!-- enable storage of messages received by your users. -->
+ <!-- The following optional attributes exist on these two -->
+ <!-- settings: -->
+ <!-- -->
+ <!-- special (default value is 'ignore'): -->
+ <!-- By default jabberd14 does not store some types of -->
+ <!-- special messages even if message logging is enabled -->
+ <!-- (error messages, headlines, and groupchat messages). -->
+ <!-- By setting this attribute to 'store' jabberd will -->
+ <!-- also store these special messages. -->
+ <!-- offline (default value is 'store', only for <recv/>): -->
+ <!-- By default jabberd14 does also store message it -->
+ <!-- reads from the offline storeage (i.e. that have been -->
+ <!-- received by the server while the user was offline). -->
+ <!-- When you set this to 'ignore' jabberd14 will not -->
+ <!-- store these message. You can use this setting to -->
+ <!-- improve performance, when you change your database -->
+ <!-- settings in a way, that the already stored offline -->
+ <!-- messages will not get deleted if a user reads them, -->
+ <!-- put only marked as read. -->
+ <!--
+ <history>
+ <sent special='ignore'/>
+ <recv special='ignore' offline='store'/>
+ </history>
+ -->
+
+ <!-- Configure which usernames are not acceptable for account -->
+ <!-- registration. -->
+ <!-- There are some usernames, that are blocked against account -->
+ <!-- registration by this default configuration file. This is -->
+ <!-- because users might associate special functions with these -->
+ <!-- account names. -->
+ <!-- Also you can configure usernames to have a minimum or -->
+ <!-- maximum length. -->
+ <!-- These settings do not affect existing accounts, but only -->
+ <!-- account registration. If you are registering accounts -->
+ <!-- manually or on your web-site by inserting the accounts to -->
+ <!-- your SQL database, these settings have no effect. -->
+ <mod_useridpolicy>
+ <!-- usernames that are not available for registration -->
+ <forbidden>admin</forbidden>
+ <forbidden>administrator</forbidden>
+ <forbidden>chatmaster</forbidden>
+ <forbidden>hostmaster</forbidden>
+ <forbidden>jabbermaster</forbidden>
+ <forbidden>postmaster</forbidden>
+ <forbidden>root</forbidden>
+ <forbidden>support</forbidden>
+ <forbidden>system</forbidden>
+ <forbidden>webmaster</forbidden>
+ <forbidden>xmpp</forbidden>
+ <!-- minimum and maximum length of usernames -->
+ <minlen>3</minlen>
+ <maxlen>16</maxlen>
+ </mod_useridpolicy>
+ </jsm>
+
+ <!-- The following section dynamically loads the individual modules -->
+ <!-- that make up the session manager. You normally do not want to -->
+ <!-- change anything here. -->
+ <!-- If you do, take note, that the order is important! -->
+ <load main="jsm">
+ <jsm>/usr/lib/jabberd14/libjabberdsm.so</jsm>
+ <mod_privacy>/usr/lib/jabberd14/libjabberdsm.so</mod_privacy>
+ <mod_stat>/usr/lib/jabberd14/libjabberdsm.so</mod_stat>
+ <mod_echo>/usr/lib/jabberd14/libjabberdsm.so</mod_echo>
+ <mod_roster>/usr/lib/jabberd14/libjabberdsm.so</mod_roster>
+ <mod_time>/usr/lib/jabberd14/libjabberdsm.so</mod_time>
+ <mod_vcard>/usr/lib/jabberd14/libjabberdsm.so</mod_vcard>
+ <mod_last>/usr/lib/jabberd14/libjabberdsm.so</mod_last>
+ <mod_version>/usr/lib/jabberd14/libjabberdsm.so</mod_version>
+ <mod_announce>/usr/lib/jabberd14/libjabberdsm.so</mod_announce>
+ <mod_browse>/usr/lib/jabberd14/libjabberdsm.so</mod_browse>
+ <mod_disco>/usr/lib/jabberd14/libjabberdsm.so</mod_disco>
+ <mod_admin>/usr/lib/jabberd14/libjabberdsm.so</mod_admin>
+ <mod_offline>/usr/lib/jabberd14/libjabberdsm.so</mod_offline>
+ <mod_ping>/usr/lib/jabberd14/libjabberdsm.so</mod_ping>
+ <mod_presence>/usr/lib/jabberd14/libjabberdsm.so</mod_presence>
+ <mod_useridpolicy>/usr/lib/jabberd14/libjabberdsm.so</mod_useridpolicy>
+ <mod_auth_digest>/usr/lib/jabberd14/libjabberdsm.so</mod_auth_digest>
+ <mod_auth_plain>/usr/lib/jabberd14/libjabberdsm.so</mod_auth_plain>
+ <mod_log>/usr/lib/jabberd14/libjabberdsm.so</mod_log>
+ <mod_register>/usr/lib/jabberd14/libjabberdsm.so</mod_register>
+ <mod_xml>/usr/lib/jabberd14/libjabberdsm.so</mod_xml>
+ </load>
+ </service>
+
+ <!-- The following section defines how data gets in files. -->
+ <!-- -->
+ <!-- Former versions of jabberd14 did by default use files to store -->
+ <!-- the user's data. This is still supported by jabberd14 1.6.0 and -->
+ <!-- you can use your existing storage configuration if you want to. -->
+ <xdb id="xdb">
+ <host/>
+ <load>
+ <xdb_file>/usr/lib/jabberd14/libjabberdxdbfile.so</xdb_file>
+ </load>
+ <xdb_file xmlns="jabber:config:xdb_file">
+ <spool>/var/spool/jabberd</spool>
+ </xdb_file>
+ </xdb>
+
+ <!-- While the main logic of your server resides in the session -->
+ <!-- manager (you configured it as the first <service/> in your -->
+ <!-- configuration file), some functionality has been separated from -->
+ <!-- the session manager. -->
+ <!-- One of the most important thinks, that have been separated from -->
+ <!-- the session manager is the so called 'client connection manager' -->
+ <!-- that gets configured now. -->
+ <!-- The client connection manager is responsible for accepting -->
+ <!-- incoming TCP/IP connections from your user's clients. It has -->
+ <!-- been separated to an own service, to be able to replace this -->
+ <!-- part of the server by other implementations, or run multiple -->
+ <!-- instances of this component (clustering). -->
+ <!-- The default implementation of the client connection manager is -->
+ <!-- able to handle up to about 500 concurrent users. If you plan to -->
+ <!-- serve more concurrent users, you should consider using the -->
+ <!-- alternative client connection manager of jabberd14 which is -->
+ <!-- called 'jadc2s' and can be downloaded from the jabberd web-site -->
+ <!-- as well. (http://download.jabberd.org/jadc2s/) -->
+ <!-- You will also want to use jadc2s if you want to enable SASL -->
+ <!-- authentication for your users. -->
+ <!-- With clustered instances of jadc2s, your server will be able -->
+ <!-- to handle several thousand concurrent users. -->
+ <!-- -->
+ <!-- If you do not want to change your client connection manager, you -->
+ <!-- normally do not have to change any of the following settings, -->
+ <!-- other then the commented ones. -->
+ <service id="c2s">
+ <load>
+ <pthsock_client>/usr/lib/jabberd14/libjabberdpthsock.so</pthsock_client>
+ </load>
+ <pthcsock xmlns="jabber:config:pth-csock">
+ <authtime>120</authtime>
+ <heartbeat>60</heartbeat>
+ <karma>
+ <init>10</init>
+ <max>10</max>
+ <inc>1</inc>
+ <dec>1</dec>
+ <penalty>-6</penalty>
+ <restore>10</restore>
+ </karma>
+
+ <!-- Use the following setting to configure the addresses and/or -->
+ <!-- ports your server is listening for incoming client -->
+ <!-- The configured example will listen on port 5222 of all your -->
+ <!-- IP addresses. -->
+ <!-- You can have multipe <ip/>-Elements to listen on multiple -->
+ <!-- ports or individual IP addresses. -->
+ <!-- See the additional examples, that are commented out. -->
+ <ip port="5222"/>
+
+ <!-- Listening only on the loopback address, if this is the only -->
+ <!-- configured address, your server will only accept connections -->
+ <!-- from clients resisting on the same host as the server. -->
+ <!--
+ <ip port="5222">127.0.0.1</ip>
+ -->
+
+ <!-- On Linux: Listening on any IPv4 and IPv6 address of your -->
+ <!-- server. On BSD: Listening on any IPv6 address of your -->
+ <!-- server. -->
+ <!--
+ <ip port="5222">::</ip>
+ -->
+
+ <!-- While jabberd14 supports modern clients using encryption -->
+ <!-- using the TLS protocol (which is a newer version of SSL) -->
+ <!-- on port as well as using unencrypted connections, some older -->
+ <!-- clients may need port 5223 to be open to connect encrypted -->
+ <!-- to the server. -->
+ <!-- Connecting to port 5222 using encryption should be prefered -->
+ <!-- over this legacy connection type to port 5223, as port 5222 -->
+ <!-- better supports virtual hosting. But for now you might -->
+ <!-- need to offer both ports. -->
+ <!-- -->
+ <!-- Note that jabberd14 does not distinguish between the old -->
+ <!-- and new ways to start encrypted connections by the port -->
+ <!-- number, but by the configuration element you use for them. -->
+ <!-- Therefore you should use the <tls/> configuration element -->
+ <!-- for port 5223 only, and use the <ip/> configuration element -->
+ <!-- for all other ports where clients connect to (typically this -->
+ <!-- will be port 5222). -->
+ <!-- Note as well, that the <tls/> configuration element has been -->
+ <!-- called <ssl/> in former versions of jabberd14. This element -->
+ <!-- is still considered to be an alias of the <tls/> config -->
+ <!-- element, and my still be used. -->
+ <!--
+ <tls port='5223'>127.0.0.1</tls>
+ <tls port='5223'>192.0.2.100</tls>
+ -->
+ </pthcsock>
+ </service>
+
+ <!-- The following section defines the logging of your Jabber server. -->
+ <!-- The default settings will configure your server to send log -->
+ <!-- messages to your system log using the 'daemon' facility. -->
+ <!--
+ <log id="elogger.localhost">
+ <host/>
+ <logtype/>
+ <format>[%t] (%h): %s</format>
+ <syslog>daemon</syslog>
+ </log>
+ -->
+
+ <!-- Alternatively you can use the following definition to instruct -->
+ <!-- jabberd14 to write itself to its logfile. -->
+ <log id="elogger.localhost">
+ <host/>
+ <logtype/>
+ <format>%d: [%t] (%h): %s</format>
+ <file>/var/log/jabberd/error.log</file>
+ </log>
+
+ <!-- The following service is responsible for DNS resolution of other -->
+ <!-- server's DNS records. If you do not want your server to federate -->
+ <!-- with the public Jabber network (e.g. because you are operating -->
+ <!-- your server only on your intranet) you can remove this service -->
+ <!-- (as well as the server-2-server connection manager below) from -->
+ <!-- your configuration file. -->
+ <!-- Normally you do not need to change the following configuration. -->
+ <!-- Changes are only needed if you want to cluster your server-2- -->
+ <!-- server connection manager. -->
+ <service id="dnsrv.localhost">
+ <host/>
+ <load>
+ <dnsrv>/usr/lib/jabberd14/libjabberddnsrv.so</dnsrv>
+ </load>
+ <dnsrv xmlns="jabber:config:dnsrv">
+ <resend service="_xmpp-server._tcp">s2s.localhost</resend>
+ <resend service="_jabber._tcp">s2s.localhost</resend>
+ <resend>s2s.localhost</resend>
+ </dnsrv>
+ </service>
+
+ <!-- The following service defines the so-called 'server-2-server -->
+ <!-- connection manager. It is responsible for establishing and -->
+ <!-- accepting TCP/IP connections with other Jabber servers. -->
+ <!-- Normally you do not have to change anything in this service. -->
+ <service id="s2s.localhost">
+ <load>
+ <dialback>/usr/lib/jabberd14/libjabberddialback.so</dialback>
+ </load>
+ <dialback xmlns="jabber:config:dialback">
+ <!-- using the following configuration option, you can disable, -->
+ <!-- enable, or force the usage of features for the interconnect -->
+ <!-- to other servers. -->
+ <!-- A setting is also applied to subdomains. E.g. a setting for -->
+ <!-- b.example.com is also used if the dialback component -->
+ <!-- establishes a connection to service.b.example.com. -->
+ <!-- To configure the default settings, omit the name attribute. -->
+ <!-- -->
+ <!-- Note: On incoming connections, the peer might not tell who -->
+ <!-- he is before we initialize our stream, and we do not know -->
+ <!-- then who the other side is. In that case the default -->
+ <!-- settings are used! -->
+ <!-- -->
+ <!-- xmpp-attribute: -->
+ <!-- 'yes': allow advertizing of stream version 1.0 -->
+ <!-- (this is the default) -->
+ <!-- 'no': do not advertize or use XMPP version '1.0' -->
+ <!-- -->
+ <!-- tls-attribute: -->
+ <!-- 'yes': allow usage of STARTTLS -->
+ <!-- (this is the default) -->
+ <!-- 'no': do not use/offer STARTTLS -->
+ <!-- 'force': require usage of STARTTLS -->
+ <!-- number: require usage of STARTTLS with a cipher -->
+ <!-- of at least (number) bits secret key length -->
+ <!-- -->
+ <!-- auth-attribute: -->
+ <!-- 'any': allow dialback as well as SASL EXTERNAL -->
+ <!-- authentication (this is the default) -->
+ <!-- 'db': only allow usage of dialback, disable SASL -->
+ <!-- 'sasl': only allow usage of SASL EXTERNAL -->
+ <!-- authentication -->
+ <!--
+ <host name='a.example.com' xmpp='no' tls='no'/>
+ <host name='b.example.com' xmpp='no'/>
+ <host name='c.example.com' tls='256' auth='sasl'/>
+ -->
+ <ip port="5269"/>
+ <karma>
+ <init>50</init>
+ <max>50</max>
+ <inc>4</inc>
+ <dec>1</dec>
+ <penalty>-5</penalty>
+ <restore>50</restore>
+ </karma>
+ </dialback>
+ </service>
+
+ <!-- The following service is used for easy integration of jabberd14 -->
+ <!-- into other applications. Other applications can send messages by -->
+ <!-- just putting stanzas as XML files with the .stanza file name -->
+ <!-- extension into the directory -->
+ <!-- /var/spool/jabberd/inject.localhost. -->
+ <!-- -->
+ <!-- Make sure that the directory and the files you place there are -->
+ <!-- readable and writeable by the user executing jabberd14. -->
+ <service id="inject.localhost">
+ <dir>
+ <!-- *.stanza files in this directory are read and processed by -->
+ <!-- jabberd14 -->
+ <in>/var/spool/jabberd/inject.localhost</in>
+
+ <!-- *.out files are placed to this directory of stanzas are -->
+ <!-- addressed to an address on the domain 'inject.localhost' -->
+ <!-- (you can change this domain with the id attribute of the -->
+ <!-- service element, or define additional domains by adding -->
+ <!-- <host/> elements to the service). -->
+ <!-- -->
+ <!-- This is disabled by default. Uncomment to enable this -->
+ <!-- feature. -->
+ <!--
+ <out>/var/spool/jabberd/inject.localhost</out>
+ -->
+ </dir>
+ </service>
+
+ <!-- update.jabber.org is long dead, but some clients still request -->
+ <!-- update information. In order to avoid errors in your logs, the -->
+ <!-- following service just drops data addressed to this service. -->
+ <service id="update.jabber.org">
+ <null/>
+ </service>
+
+ <!-- If you have any former transports, that are not there anymore, -->
+ <!-- you can use the <unsubscribe/> target to unsubscribe all roster -->
+ <!-- itemes for the transport's host from your users. -->
+ <!--
+ <service id='foobar.localhost'>
+ <unsubscribe>The foobar transport at localhost does not exist anymore</unsubscribe>
+ </service>
+ -->
+
+ <!-- If you want to add transports to your server, you have to -->
+ <!-- configure your jabberd14 server, to accept incoming connections -->
+ <!-- from these transports with the following type of configuration. -->
+ <!-- -->
+ <!-- Please note: -->
+ <!-- * You will require such a section for each transport you are -->
+ <!-- offering. -->
+ <!-- * Do not give away the credentials used to connect a transport -->
+ <!-- to your server. Everyone that can connect to your server -->
+ <!-- with the rights of a transport has access to jabberd14's -->
+ <!-- storage engine and can therefore e.g. access your user's -->
+ <!-- passwords! -->
+ <!-- * If you are operating the transports on the same host, it -->
+ <!-- is probably best to only accept incoming connections on the -->
+ <!-- IP address '127.0.0.1'. -->
+ <!--
+ <service id="aim.localhost">
+ <accept>
+ <ip>127.0.0.1</ip>
+ <port>7009</port>
+ <secret>jabber-rocks</secret>
+ </accept>
+ </service>
+ -->
+
+ <!-- The following <io/> configuration element contains global I/O -->
+ <!-- settings for your jabberd14 server. -->
+ <io>
+ <!-- The following section initializes TLS (also known as SSL). -->
+ <!-- -->
+ <!-- Note: the format of this configuration section has changed -->
+ <!-- from version 1.6.0 to version 1.6.1 of jabberd14, as many -->
+ <!-- features supported by GnuTLS where not be configurable by -->
+ <!-- the old format. -->
+ <!-- The old config format is still processed (with some smaller -->
+ <!-- exceptions), but it is better if you upgrade to the new -->
+ <!-- one. -->
+ <!-- -->
+ <!-- With the <credentials/> element here you can bind certificates -->
+ <!-- to domains. As well as you can configure some additional -->
+ <!-- settings, like the protocols and algorithms the TLS -->
+ <!-- implementation should use for this set of domains. -->
+ <!-- The configured domains are the local ones. E.g. you configure -->
+ <!-- the domain 'example.com' to configure which certificate -->
+ <!-- the server should use if a user connects to 'example.com'. -->
+ <!-- There is only one exception for this: For client connects on -->
+ <!-- the legacy port 5223, the server will not select the -->
+ <!-- credentials element by the domain the client connects to, but -->
+ <!-- by the IP address. -->
+ <!-- -->
+ <!-- The following elements are the most important settings which -->
+ <!-- you are typically interested in. For more available settings -->
+ <!-- please consult the jabber.xml man page. -->
+ <!-- -->
+ <!-- <domain/> Define a domain this definition should be used -->
+ <!-- for. The content of this element is a domain -->
+ <!-- for connects on ports 5222 and 5269, or an -->
+ <!-- IP address for connects on legacy port 5223. -->
+ <!-- <default/> Defines that this definition should be used for -->
+ <!-- all domains (or IP addresses), that have no -->
+ <!-- other definition. This element has no content. -->
+ <!-- <pem/> Defines a certificate or certificate chain in -->
+ <!-- PEM format to be loaded. The content of this -->
+ <!-- element is the filename. -->
+ <!-- By default both certificate and private key are -->
+ <!-- read from the same file. If the private key is -->
+ <!-- in a different file, the file for the private -->
+ <!-- key can be configured using the private-key -->
+ <!-- attribute of the <pem/> element. -->
+ <!-- You can have multiple <pem/> elements to load -->
+ <!-- multiple certificates. E.g. one for RSA and -->
+ <!-- another for DSS. -->
+ <!-- <ca/> Load the certificate of a certification -->
+ <!-- authority to be trusted. The content of this -->
+ <!-- element is the filename, that contains the -->
+ <!-- certificate of the certification authority. -->
+ <!-- By default this file is read as a PEM encoded -->
+ <!-- one. If it is DER encoded, you have to set the -->
+ <!-- type attribute of the <ca/> element to the -->
+ <!-- value 'der' (lower case!). -->
+ <!-- If the encoding is PEM, you can have multiple -->
+ <!-- or all certification authority certificates in -->
+ <!-- one file. But you can also (or must in the case -->
+ <!-- of DER encoding) have multiple <ca/> elements -->
+ <!-- all defining a single certificate. -->
+ <!-- If no <ca/> element is present, then the -->
+ <!-- certificates defined by the <cacertfile/> -->
+ <!-- element outside of <credentials/> are used as -->
+ <!-- the default. -->
+ <!-- <compression/> The compression algorithms, that should be -->
+ <!-- supported as well as their priority. The -->
+ <!-- content of this element is a whitespace -->
+ <!-- separated list of tokens. -->
+ <!-- If this is not configured, the defaults of the -->
+ <!-- TLS implementation are used. (Typically this -->
+ <!-- will only enable NULL, and therefore disable -->
+ <!-- compression.) -->
+ <!-- The following compression algorithms are -->
+ <!-- supported: -->
+ <!-- NULL Doing no compression at all, this is -->
+ <!-- needed for compatibility to -->
+ <!-- implementations, that do not support -->
+ <!-- compression at the TLS layer. -->
+ <!-- DEFLATE Compression using the deflate -->
+ <!-- algorithm. -->
+ <!-- LZO Compression using the LZO algorithm. -->
+ <!-- This is only supported if the GnuTLS -->
+ <!-- extra library has been linked to -->
+ <!-- jabberd14 (done automatically if it is -->
+ <!-- found by jabberd14's configure script) -->
+ <!-- else this token is ignored. -->
+ <!-- -->
+ <!-- With the <dhparams/> element right inside the <tls/> element, -->
+ <!-- you can configure a file containing parameters for Diffie -->
+ <!-- Hellmann key exchanges. If this configuration setting is not -->
+ <!-- present, jabberd14 will generated these parameters -->
+ <!-- automatically on each startup. This takes some time, therefore -->
+ <!-- you get a faster startup, if this setting is present. -->
+ <!-- -->
+ <!-- With the <cacertfile/> element right inside the <tls/> -->
+ <!-- element, you can configure a file that is used as the file -->
+ <!-- containing the certification authority certificates, if no -->
+ <!-- <ca/> element is present inside a <credentials/> element. -->
+ <!-- Multiple <cacertfile/> elements are possible, defining multipe -->
+ <!-- files to load. If a file loaded is in DER format, the element -->
+ <!-- has to have the type attribute set to the value 'der'. -->
+ <!-- -->
+ <!-- With the <crlfile/> element you can load CRL files. Multiple -->
+ <!-- <crlfile/> elements may be set. By default the CRL files are -->
+ <!-- expected to be in PEM format. If they are in DER format, the -->
+ <!-- configuration element has to have the type attribute set to -->
+ <!-- the value 'der'. -->
+ <tls>
+ <!--
+ <credentials>
+ <default/>
+ <domain>localhost</domain>
+ <domain>transport.localhost</domain>
+ <pem>/etc/jabber/your-certificate.pem</pem>
+ <ca type='pem'>/etc/jabber/cacerts.pem</ca>
+ <compression>LZO DEFLATE NULL</compression>
+ </credentials>
+ -->
+
+ <dhparams type='pem'>/etc/jabber/dhparams.pem</dhparams>
+ <cacertfile>/etc/jabber/cacerts.pem</cacertfile>
+ </tls>
+
+ <!-- The following section is used to allow or deny communications -->
+ <!-- from specified IP networks or addressses. If there is no -->
+ <!-- <allow/> section, then *all* IPs will be allowed to connect. -->
+ <!-- If you allow one block, then only that block may connect. Note -->
+ <!-- that <allow/> is checked before <deny/>, so if a specific -->
+ <!-- address is allowed but the network for that address is denied, -->
+ <!-- then that address will still be denied. -->
+ <!-- -->
+ <!-- If neither <allow/> nor <deny/> elements are present, your -->
+ <!-- server will accept incoming connections from any IP address. -->
+ <!--
+ <allow><ip>127.0.0.0</ip><mask>255.255.255.0</mask></allow>
+ <allow><ip>12.34.56.78</ip></allow>
+ <deny><ip>22.11.44.0</ip><mask>255.255.255.0</mask></deny>
+ -->
+
+ <!-- Bind to a specific IP address for outgoing connections. -->
+ <!--
+ <bind>192.0.2.55</bind>
+ -->
+
+ <!-- With this setting it is possible to configure jabberd to -->
+ <!-- detect incoming HTTP requests. Jabberd14 will then bounce the -->
+ <!-- user's agent to the configured URI. This might be especially -->
+ <!-- useful, if you run your jabber server on port 80 and want to -->
+ <!-- bounce web requests to a different domain. -->
+ <!--
+ <bounce>http://www.example.com/</bounce>
+ -->
+ </io>
+
+ <!-- Global configuration settings, affect a complete jabberd14 -->
+ <!-- process -->
+ <global>
+ <!-- Define mappings from language strings (used in XML) to locales -->
+ <!-- (used on the operating system). -->
+ <!-- These mappings are used to generate localized (translated) -->
+ <!-- messages. -->
+ <!-- Beside having the mapping defined, you need a language file -->
+ <!-- containing the action translations. -->
+ <!-- Note that you have to use locales, that use the UTF-8 -->
+ <!-- character encoding. (They typically end in '.UTF-8'.) Else -->
+ <!-- your server will send invalid XML data to your users and -->
+ <!-- peers. And the locales have to exist on your server as well, -->
+ <!-- else they will not work. -->
+ <locales>
+ <locale lang="de" locale="de_DE.UTF-8"/>
+ <locale lang="fr" locale="fr_FR.UTF-8"/>
+ <locale lang="hu" locale="hu_HU.UTF-8"/>
+ <locale lang="it" locale="it_IT.UTF-8"/>
+ <locale lang="nl" locale="nl_NL.UTF-8"/>
+ </locales>
+
+ <!-- Define access control lists. You can grant access to some -->
+ <!-- functionality of the server only to selected users. -->
+ <!-- To give a user access to a feature, place is JID inside -->
+ <!-- a jid element inside the relevant grant group. -->
+ <!-- The feature, that is controlled by a grant group is -->
+ <!-- selected using the feature attribute of the grant -->
+ <!-- element. A grant element with no feature attribute gives -->
+ <!-- the users inside access to all features. -->
+ <!-- -->
+ <!-- Currently defined features are: -->
+ <!-- 'motd': Set and change the message of the day -->
+ <!-- 'listsessions': Get the list of active sessions -->
+ <!-- 'adminmsg': Receive messages, that are sent to the -->
+ <!-- admin address of the server (i.e. just the domain name) -->
+ <!-- 's2s': read/change the status of the s2s componens -->
+ <!-- 'showasadmin': Advertize this user as being an administrator -->
+ <!-- of the server. -->
+ <!-- -->
+ <!-- Setting and changing the message of the day works like -->
+ <!-- that: You need to send a message to one of the following -->
+ <!-- addresses: -->
+ <!-- <message to='yourhostname/announce/online'> -->
+ <!-- <body>announcement here</body> -->
+ <!-- </message> -->
+ <!-- <message to='yourhostname/announce/motd'> -->
+ <!-- <body>message (of the day) that is sent only once to -->
+ <!-- all users that are logged in and additionally to new -->
+ <!-- ones as they log in</body> -->
+ <!-- </message> -->
+ <!-- -->
+ <!-- Sending to yourhostname/announce/motd/delete will remove -->
+ <!-- any existing motd, and to -->
+ <!-- yourhostname/announce/motd/update will only update the -->
+ <!-- motd without re-announcing to all logged in users. -->
+ <!--
+ <acl xmlns='http://jabberd.org/ns/acl'>
+ <grant feature='motd'>
+ <jid>xmpp@localhost</jid>
+ </grant>
+ <grant feature='listsessions'>
+ <jid>administrator@localhost</jid>
+ </grant>
+ <grant feature='adminmsg'>
+ <jid>xmpp@localhost</jid>
+ </grant>
+ <grant feature='showasadmin'>
+ <jid>administrator@localhost</jid>
+ </grant>
+ <grant feature='s2s'>
+ <jid>administrator@localhost</jid>
+ </grant>
+ <grant feature='localusers'>
+ <domain>example.com</domain>
+ <domain>example.net</domain>
+ </grant>
+ <grant>
+ <jid>admin@localhost</jid>
+ </grant>
+ </acl>
+ -->
+ </global>
+
+ <!-- This specifies the file to store the pid of the process in. -->
+ <pidfile>/var/run/jabberd/jabber.pid</pidfile>
+</jabber>
--- jabberd14-1.6.1.1.orig/debian/patches/CVE-2011-1754.dpatch
+++ jabberd14-1.6.1.1/debian/patches/CVE-2011-1754.dpatch
@@ -0,0 +1,29 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2011-1754.dpatch by Nico Golde <nion@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' jabberd14-1.6.1.1~/jabberd/lib/xstream.cc jabberd14-1.6.1.1/jabberd/lib/xstream.cc
+--- jabberd14-1.6.1.1~/jabberd/lib/xstream.cc 2007-04-07 21:43:18.000000000 +0200
++++ jabberd14-1.6.1.1/jabberd/lib/xstream.cc 2011-05-31 00:12:01.000000000 +0200
+@@ -284,6 +284,7 @@
+
+ /* create expat parser and ensure cleanup */
+ newx->parser = XML_ParserCreateNS(NULL, XMLNS_SEPARATOR);
++ XML_SetDefaultHandler(newx->parser, NULL);
+ XML_SetUserData(newx->parser, (void *)newx);
+ XML_SetElementHandler(newx->parser, _xstream_startElement, _xstream_endElement);
+ XML_SetCharacterDataHandler(newx->parser, _xstream_charData);
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' jabberd14-1.6.1.1~/jabberd/mio_xml.cc jabberd14-1.6.1.1/jabberd/mio_xml.cc
+--- jabberd14-1.6.1.1~/jabberd/mio_xml.cc 2007-04-07 21:43:18.000000000 +0200
++++ jabberd14-1.6.1.1/jabberd/mio_xml.cc 2011-05-31 00:12:01.000000000 +0200
+@@ -290,6 +290,7 @@
+ /* Initialize the parser */
+ m->parser = XML_ParserCreateNS(NULL, XMLNS_SEPARATOR);
+ XML_SetUserData(m->parser, m);
++ XML_SetDefaultHandler(m->parser, NULL);
+ XML_SetElementHandler(m->parser, _mio_xstream_startElement, _mio_xstream_endElement);
+ XML_SetCharacterDataHandler(m->parser, _mio_xstream_CDATA);
+ XML_SetNamespaceDeclHandler(m->parser, _mio_xstream_startNamespaceDecl, _mio_xstream_endNamespaceDecl);
--- jabberd14-1.6.1.1.orig/debian/patches/fix_gnutls_api_changes.dpatch
+++ jabberd14-1.6.1.1/debian/patches/fix_gnutls_api_changes.dpatch
@@ -0,0 +1,71 @@
+#! /bin/sh -e
+## XX_mio_tls.dpatch by Martin Matuska <mm@freebsd.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: fix for API changes in libgnutls.
+## DP: Patch assumes key rings and files to be in base64 format, to detect the
+## DP: format an additional routine is required.
+## DP: Trustdb support was removed from gnutls and gnupg.
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+--- jabber-1.6.1.1.orig/jabberd/mio_tls.cc
++++ jabber-1.6.1.1/jabberd/mio_tls.cc
+@@ -612,7 +612,7 @@
+ }
+
+ // load OpenPGP key/certificate
+- ret = gnutls_certificate_set_openpgp_key_file(current_credentials, pubfile, privfile);
++ ret = gnutls_certificate_set_openpgp_key_file(current_credentials, pubfile, privfile, GNUTLS_OPENPGP_FMT_BASE64);
+ if (ret < 0) {
+ log_error(NULL, "Error loading OpenPGP key pub=%s/priv=%s: %s", pubfile, privfile, gnutls_strerror(ret));
+ continue;
+@@ -631,7 +631,7 @@
+ }
+
+ // load the OpenPGP keyring
+- ret = gnutls_certificate_set_openpgp_keyring_file(current_credentials, file);
++ ret = gnutls_certificate_set_openpgp_keyring_file(current_credentials, file, GNUTLS_OPENPGP_FMT_BASE64);
+ if (ret < 0) {
+ log_error(NULL, "Error loading OpenPGP keyring %s: %s", file, gnutls_strerror(ret));
+ continue;
+@@ -640,23 +640,6 @@
+ continue;
+ }
+
+- // load GnuPG trustdb
+- if (j_strcmp(xmlnode_get_localname(cur), "trustdb") == 0) {
+- char const *const file = xmlnode_get_data(cur);
+-
+- if (file == NULL) {
+- log_warn(NULL, "Initializing TLS subsystem: <trustdb/> element inside the TLS configuration, that does not contain a file-name.");
+- continue;
+- }
+-
+- // load the GnuPG trustdb
+- ret = gnutls_certificate_set_openpgp_trustdb(current_credentials, file);
+- if (ret < 0) {
+- log_error(NULL, "Error loading GnuPG trustdb %s: %s", file, gnutls_strerror(ret));
+- continue;
+- }
+- }
+-
+ // setup protocols to use
+ if (j_strcmp(xmlnode_get_localname(cur), "protocols") == 0) {
+ char const *const protocols_data = xmlnode_get_data(cur);
--- jabberd14-1.6.1.1.orig/debian/patches/disable_ipv6only.dpatch
+++ jabberd14-1.6.1.1/debian/patches/disable_ipv6only.dpatch
@@ -0,0 +1,75 @@
+#! /bin/sh -e
+## disable_ipv6only.dpatch by Miguel Landaeta <miguel@miguel.cc>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: new installations will be set with net.ipv6.bindv6only = 1,
+## DP: and since jabberd14 doesn't bind 2 sockets for IPv4 and IPv6,
+## DP: it is needed to disable IPV6_V6ONLY setting when IPv6 is used.
+## DP: This is just a workaround, upstream should be fix this eventually.
+## DP: For further reference, please see:
+## DP: * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560137
+## DP: * http://lists.debian.org/debian-devel/2009/10/msg00541.html
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+diff --git a/jabberd/lib/socket.cc b/jabberd/lib/socket.cc
+index 7329074..2310132 100644
+--- a/jabberd/lib/socket.cc
++++ b/jabberd/lib/socket.cc
+@@ -46,7 +46,7 @@
+ * @return file handle of the new socket
+ */
+ int make_netsocket(u_short port, const char *host, int type) {
+- int s, flag = 1;
++ int s, flag = 1, flag_off = 0;
+ #ifdef WITH_IPV6
+ struct sockaddr_in6 sa;
+ struct in6_addr *saddr;
+@@ -69,6 +69,8 @@ int make_netsocket(u_short port, const char *host, int type) {
+ return(-1);
+ if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char*)&flag, sizeof(flag)) < 0)
+ return(-1);
++ if(setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, (char*)&flag_off, sizeof(flag_off)) < 0)
++ return(-1);
+
+ #ifdef WITH_IPV6
+ saddr = make_addr_ipv6(host);
+diff --git a/jabberd/mio.cc b/jabberd/mio.cc
+index 985229c..a7d9a63 100644
+--- a/jabberd/mio.cc
++++ b/jabberd/mio.cc
+@@ -599,7 +599,7 @@ static void* _mio_connect(void *arg) {
+ struct sockaddr_in sa;
+ struct in_addr* saddr;
+ #endif
+- int flag = 1,
++ int flag = 1, flag_off = 0,
+ flags;
+ mio newm;
+ pool p;
+@@ -638,7 +638,8 @@ static void* _mio_connect(void *arg) {
+ #endif
+
+ /* set socket options */
+- if (newm->fd < 0 || setsockopt(newm->fd, SOL_SOCKET, SO_REUSEADDR, (char*)&flag, sizeof(flag)) < 0) {
++ if (newm->fd < 0 || setsockopt(newm->fd, SOL_SOCKET, SO_REUSEADDR, (char*)&flag, sizeof(flag)) < 0
++ || setsockopt(newm->fd, IPPROTO_IPV6, IPV6_V6ONLY, (char*)&flag_off, sizeof(flag_off)) < 0) {
+ /* get the error message */
+ newm->connect_errmsg = strerror(errno);
+
--- jabberd14-1.6.1.1.orig/debian/patches/fix_installdir_locales.dpatch
+++ jabberd14-1.6.1.1/debian/patches/fix_installdir_locales.dpatch
@@ -0,0 +1,47 @@
+#! /bin/sh -e
+## patches/fix_installdir_locales.dpatch by Miguel Landaeta <miguel@miguel.cc>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: including $DESTDIR variable for locale data installation
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+--- jabberd14-1.6.1.1.orig/po/Makefile.am
++++ jabberd14-1.6.1.1/po/Makefile.am
+@@ -11,6 +11,6 @@
+
+ install-data-hook:
+ -for f in $(LANGS); do \
+- test -z "$(localedir)/$${f%.po}/LC_MESSAGES" || $(mkdir_p) "$(localedir)/$${f%.po}/LC_MESSAGES"; \
+- msgfmt -o "$(localedir)/$${f%.po}/LC_MESSAGES/jabberd14.mo" $$f; \
++ test -z "$(localedir)/$${f%.po}/LC_MESSAGES" || $(mkdir_p) "$(DESTDIR)$(localedir)/$${f%.po}/LC_MESSAGES"; \
++ msgfmt -o "$(DESTDIR)$(localedir)/$${f%.po}/LC_MESSAGES/jabberd14.mo" $$f; \
+ done
+--- jabberd14-1.6.1.1.orig/po/Makefile.in
++++ jabberd14-1.6.1.1/po/Makefile.in
+@@ -335,8 +335,8 @@
+
+ install-data-hook:
+ -for f in $(LANGS); do \
+- test -z "$(localedir)/$${f%.po}/LC_MESSAGES" || $(mkdir_p) "$(localedir)/$${f%.po}/LC_MESSAGES"; \
+- msgfmt -o "$(localedir)/$${f%.po}/LC_MESSAGES/jabberd14.mo" $$f; \
++ test -z "$(localedir)/$${f%.po}/LC_MESSAGES" || $(mkdir_p) "$(DESTDIR)$(localedir)/$${f%.po}/LC_MESSAGES"; \
++ msgfmt -o "$(DESTDIR)$(localedir)/$${f%.po}/LC_MESSAGES/jabberd14.mo" $$f; \
+ done
+ # Tell versions [3.59,3.63) of GNU make to not export all variables.
+ # Otherwise a system limit (for SysV at least) may be exceeded.
--- jabberd14-1.6.1.1.orig/debian/patches/00list
+++ jabberd14-1.6.1.1/debian/patches/00list
@@ -0,0 +1,9 @@
+link_as_needed
+fix_gnutls_api_changes
+fix_dpkg_shlibdeps_warning
+fix_installdir_locales
+fix_getaddrinfo_test
+fix_g++-4.4_ftbfs
+fix_binutils-gold_ftbfs
+disable_ipv6only
+CVE-2011-1754
--- jabberd14-1.6.1.1.orig/debian/patches/fix_getaddrinfo_test.dpatch
+++ jabberd14-1.6.1.1/debian/patches/fix_getaddrinfo_test.dpatch
@@ -0,0 +1,37 @@
+#! /bin/sh -e
+## fix_getaddrinfo_test.dpatch by Miguel Landaeta <miguel@miguel.cc>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: fix for a ./configure error about not detecting IPv6 capabilities.
+## DP: getaddrinfo call was failing due to undefined NULL value.
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+diff --git a/configure b/configure
+index 20ed3cc..b2e558f 100755
+--- jabberd14-1.6.1.1.orig/configure
++++ jabberd14-1.6.1.1/configure
+@@ -21171,6 +21171,7 @@ cat >>conftest.$ac_ext <<_ACEOF
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <netdb.h>
++#include <stddef.h>
+ int
+ main ()
+ {
--- jabberd14-1.6.1.1.orig/debian/patches/fix_dpkg_shlibdeps_warning.dpatch
+++ jabberd14-1.6.1.1/debian/patches/fix_dpkg_shlibdeps_warning.dpatch
@@ -0,0 +1,60 @@
+#! /bin/sh -e
+## fix_dpkg_shlibdeps_warning.dpatch by Thomas Anderson <gentoofan23@gentoo.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: fix for a dpkg-shlibdeps warning about improper linking.
+## DP: the warning was: "symbol debug__zones used by
+## DP: debian/jabberd14/usr/lib/libjabberd.so.2.0.0 found in none of the
+## DP: libraries.
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+--- jabberd14-1.6.1.1.orig/jabberd/jabberd.cc
++++ jabberd14-1.6.1.1/jabberd/jabberd.cc
+@@ -51,7 +51,6 @@
+
+ #include <popt.h>
+
+-xht debug__zones = NULL; /**< the debugging zones, that are enabled (key = zone string, value = zone string) */
+ extern int deliver__flag;
+ extern xmlnode greymatter__;
+
+--- jabberd14-1.6.1.1.orig/jabberd/jabberd.h
++++ jabberd14-1.6.1.1/jabberd/jabberd.h
+@@ -109,6 +109,8 @@
+ # include <gnutls/openpgp.h>
+ #endif
+
++static xht debug__zones = NULL; /**< the debugging zones, that are enabled (key = zone string, value = zone string) */
++
+ /** Packet types */
+ typedef enum { p_NONE, p_NORM, p_XDB, p_LOG, p_ROUTE } ptype;
+
+--- jabberd14-1.6.1.1.orig/xdb_file/xdbfiletool.cc
++++ jabberd14-1.6.1.1/xdb_file/xdbfiletool.cc
+@@ -37,7 +37,7 @@
+ * we have to remove these globals (or at least move them
+ * inside the library
+ */
+-xht debug__zones;
++extern xht debug__zones;
+
+ /* end of hack */
+
+
--- jabberd14-1.6.1.1.orig/debian/patches/fix_binutils-gold_ftbfs.dpatch
+++ jabberd14-1.6.1.1/debian/patches/fix_binutils-gold_ftbfs.dpatch
@@ -0,0 +1,41 @@
+#! /bin/sh -e
+## fix_g++-4.4_ftbfs.dpatch by Miguel Landaeta <miguel@miguel.cc>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: building jabberd with binutils-gold fails because this new version
+## DP: of linker is more stricter and requires all needed libraries listed
+## DP: when it is building executables.
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+diff --git a/configure b/configure
+index 20ed3cc..b01a3e1 100755
+--- a/configure
++++ b/configure
+@@ -23004,6 +23004,10 @@ fi
+ ac_define_dir=`eval echo $ac_define_dir`
+ CONFIG_DIR="$ac_define_dir"
+
++# add missing build-depends, yes I know this is a quick and dirty hack,
++# the correct way would be upstream fixing configure.ac in order to generate
++# a complete configure script
++LIBS="${LIBS} -ltasn1 -lgcrypt"
+
+ cat >>confdefs.h <<_ACEOF
+ #define CONFIG_DIR "$ac_define_dir"
--- jabberd14-1.6.1.1.orig/debian/patches/link_as_needed.dpatch
+++ jabberd14-1.6.1.1/debian/patches/link_as_needed.dpatch
@@ -0,0 +1,54 @@
+#! /bin/sh -e
+## as-needed.dpatch by Josselin Mouette <joss@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: fix libtool incorrect argument reordering. (see #347650)
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+--- jabber-1.6.1.1.orig/ltmain.sh 2006-03-29 15:45:36.000000000 +0200
++++ jabber-1.6.1.1/ltmain.sh 2006-03-29 16:39:30.000000000 +0200
+@@ -1754,6 +1754,11 @@
+ arg=`$echo "X$arg" | $Xsed -e "s/^ //"`
+ ;;
+
++ -Wl,--as-needed)
++ deplibs="$deplibs $arg"
++ continue
++ ;;
++
+ -Wl,*)
+ args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wl,//'`
+ arg=
+@@ -2094,6 +2099,15 @@
+ lib=
+ found=no
+ case $deplib in
++ -Wl,--as-needed)
++ if test "$linkmode,$pass" = "prog,link"; then
++ compile_deplibs="$deplib $compile_deplibs"
++ finalize_deplibs="$deplib $finalize_deplibs"
++ else
++ deplibs="$deplib $deplibs"
++ fi
++ continue
++ ;;
+ -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe)
+ if test "$linkmode,$pass" = "prog,link"; then
+ compile_deplibs="$deplib $compile_deplibs"
--- jabberd14-1.6.1.1.orig/debian/patches/fix_g++-4.4_ftbfs.dpatch
+++ jabberd14-1.6.1.1/debian/patches/fix_g++-4.4_ftbfs.dpatch
@@ -0,0 +1,62 @@
+#! /bin/sh -e
+## fix_g++-4.4_ftbfs.dpatch by Miguel Landaeta <miguel@miguel.cc>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: quick and dirty hack to allow jabberd14 compilation under
+## DP: g++-4.4, a more stricter compiler than previous versions.
+
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch) patch $patch_opts -p1 < $0;;
+ -unpatch) patch $patch_opts -Rp1 < $0;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1;;
+esac
+
+exit 0
+@DPATCH@
+diff --git a/jabberd/lib/xmlnode.cc b/jabberd/lib/xmlnode.cc
+index 28ef9fe..d3aa513 100644
+--- a/jabberd/lib/xmlnode.cc
++++ b/jabberd/lib/xmlnode.cc
+@@ -910,8 +910,8 @@ xmlnode_list_item xmlnode_get_tags(xmlnode context_node, const char *path, xht n
+ }
+
+ /* separate this step from the next one, and check for a predicate in this step */
+- start_predicate = strchr(path, '[');
+- next_step = strchr(path, '/');
++ start_predicate = strchr((char*)path, '[');
++ next_step = strchr((char*)path, '/');
+ if (start_predicate == NULL && next_step == NULL) {
+ this_step = pstrdup(p, path);
+ } else if (start_predicate == NULL || start_predicate > next_step && next_step != NULL) {
+@@ -1833,7 +1833,7 @@ xmlnode xmlnode_select_by_lang(xmlnode_list_item nodes, const char* lang) {
+ if (lang != NULL && strchr(lang, '-') != NULL) {
+ snprintf(general_lang, sizeof(general_lang), "%s", lang);
+ if (strchr(lang, '-') != NULL) {
+- strchr(lang, '-')[0] = 0;
++ strchr((char*)lang, '-')[0] = 0;
+ } else {
+ general_lang[0] = 0;
+ }
+diff --git a/jabberd/log.cc b/jabberd/log.cc
+index 230c7d0..9a7bd13 100644
+--- a/jabberd/log.cc
++++ b/jabberd/log.cc
+@@ -86,7 +86,7 @@ static inline int _debug_log_zonefilter(char const* zone) {
+ char *pos, c = '\0';
+ if(zone != NULL && debug__zones != NULL)
+ {
+- pos = strchr(zone,'.');
++ pos = strchr((char *)zone,'.');
+ if(pos != NULL)
+ {
+ c = *pos;
![[patchlogo]](http://patch-tracker.debian.org/static/img/swirlpatch.png)