Your message dated Tue, 22 Apr 2014 12:32:05 +0000 with message-id <[email protected]> and subject line Bug#743836: fixed in prosody 0.8.2-4+deb7u2 has caused the Debian Bug report #743836, regarding prosody: Login fails with 'Unhandled c2s_unauthed stream element: compress' although package lua-zlib is installed to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 743836: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743836 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: prosody Version: 0.8.2-4+deb7u1 Severity: normal Dear Maintainer, * What led up to the situation? After updating to 0.8.2-4+deb7u1 (because of DSA-2895-1), client logins fail with the above error when compression is active. * What exactly did you do (or not do) that was effective (or ineffective)? Disabling compression on clients allows them to log in. * What outcome did you expect instead? Because lua-zlib was already installed (and compression was working), I expected that prosody still allows logins with clients having compression enabled as before. -- System Information: Debian Release: 7.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.13.7-x86-linode57 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages prosody depends on: ii adduser 3.113+nmu3 ii libc6 2.13-38+deb7u1 ii libidn11 1.25-2 ii liblua5.1-0 5.1.5-4 ii libssl1.0.0 1.0.1e-2+deb7u4 ii lua-expat [lua5.1-expat] 1.2.0-5+deb7u1 ii lua-filesystem [lua5.1-filesystem] 1.5.0+16+g84f1af5-1 ii lua-socket [lua5.1-socket] 2.0.2-8 ii lua5.1 5.1.5-4 ii ssl-cert 1.0.32 Versions of packages prosody recommends: ii lua-event [lua5.1-event] 0.4.1-2 ii lua-sec [lua5.1-sec] 0.4.1-1 Versions of packages prosody suggests: pn lua-dbi-mysql <none> pn lua-dbi-postgresql <none> pn lua-dbi-sqlite3 <none> ii lua-zlib 0.2-1 -- Configuration Files: /etc/prosody/migrator.cfg.lua changed: local data_path = '/var/lib/prosody'; input { type = "prosody_files"; path = data_path; } output { type = "prosody_files"; path = data_path; } --[[ input { type = "prosody_files"; path = data_path; } output { type = "prosody_sql"; driver = "SQLite3"; database = data_path.."/prosody.sqlite"; } ]] /etc/prosody/prosody.cfg.lua changed: -- Prosody Example Configuration File -- -- Information on configuring Prosody can be found on our -- website at http://prosody.im/doc/configure -- -- Tip: You can check that the syntax of this file is correct -- when you have finished by running: luac -p prosody.cfg.lua -- If there are any errors, it will let you know what and where -- they are, otherwise it will keep quiet. -- -- The only thing left to do is rename this file to remove the .dist ending, and fill in the -- blanks. Good luck, and happy Jabbering! ---------- Server-wide settings ---------- -- Settings in this section apply to the whole server and are the default settings -- for any virtual hosts -- This is a (by default, empty) list of accounts that are admins -- for the server. Note that you must create the accounts separately -- (see http://prosody.im/doc/creating_accounts for info) -- Example: admins = { "[email protected]", "[email protected]" } admins = { "[email protected]", "[email protected]" } -- Enable use of libevent for better performance under high load -- For more information see: http://prosody.im/doc/libevent --use_libevent = true; -- This is the list of modules Prosody will load on startup. -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too. -- Documentation on modules can be found at: http://prosody.im/doc/modules modules_enabled = { -- Generally required "roster"; -- Allow users to have a roster. Recommended ;) "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. "tls"; -- Add support for secure TLS on c2s/s2s connections "dialback"; -- s2s dialback support "disco"; -- Service discovery -- Not essential, but recommended "private"; -- Private XML storage (for room bookmarks, etc.) "vcard"; -- Allow users to set vCards "privacy"; -- Support privacy lists "compression"; -- Stream compression (Debian: requires lua-zlib module to work) -- Nice to have "legacyauth"; -- Legacy authentication. Only used by some old clients and bots. --"version"; -- Replies to server version requests "uptime"; -- Report how long server has been running "time"; -- Let others know the time here on this server "ping"; -- Replies to XMPP pings with pongs "pep"; -- Enables users to publish their mood, activity, playing music and more "register"; -- Allow users to register on this server using a client and change passwords "adhoc"; -- Support for "ad-hoc commands" that can be executed with an XMPP client -- Admin interfaces "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands --"admin_telnet"; -- Opens telnet console interface on localhost port 5582 -- Other specific functionality "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" --"httpserver"; -- Serve static files from a directory over HTTP "groups"; -- Shared roster support "announce"; -- Send announcement to all online users --"welcome"; -- Welcome users who register accounts --"watchregistrations"; -- Alert admins of registrations --"motd"; -- Send a message to users when they log in -- Debian: do not remove this module, or you lose syslog -- support "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. }; -- These modules are auto-loaded, should you -- (for some mad reason) want to disable -- them then uncomment them below modules_disabled = { -- "presence"; -- Route user/contact status information -- "message"; -- Route messages -- "iq"; -- Route info queries -- "offline"; -- Store offline messages }; -- Disable account creation by default, for security -- For more information see http://prosody.im/doc/creating_accounts allow_registration = false; -- Debian: -- send the server to background. -- daemonize = true; -- Debian: -- Please, don't change this option since /var/run/prosody/ -- is one of the few directories Prosody is allowed to write to -- pidfile = "/var/run/prosody/prosody.pid"; -- These are the SSL/TLS-related settings. If you don't want -- to use SSL/TLS, you may comment or remove this ssl = { key = "/etc/prosody/certs/localhost.key"; certificate = "/etc/prosody/certs/localhost.cert"; } -- Only allow encrypted streams? Encryption is already used when -- available. These options will cause Prosody to deny connections that -- are not encrypted. Note that some servers do not support s2s -- encryption or have it disabled, including gmail.com and Google Apps -- domains. c2s_require_encryption = true --s2s_require_encryption = false -- Select the authentication backend to use. The 'internal' providers -- use Prosody's configured data storage to store the authentication data. -- To allow Prosody to offer secure authentication mechanisms to clients, the -- default provider stores passwords in plaintext. If you do not trust your -- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed -- for information about using the hashed backend. authentication = "internal_plain" -- Select the storage backend to use. By default Prosody uses flat files -- in its configured data directory, but it also supports more backends -- through modules. An "sql" backend is included by default, but requires -- additional dependencies. See http://prosody.im/doc/storage for more info. --storage = "sql" -- Default is "internal" (Debian: "sql" requires one of the -- lua-dbi-sqlite3, lua-dbi-mysql or lua-dbi-postgresql packages to work) -- For the "sql" backend, you can uncomment *one* of the below to configure: --sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename. --sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" } --sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" } -- Logging configuration -- For advanced logging see http://prosody.im/doc/logging -- -- Debian: -- Logs info and higher to /var/log -- Logs errors to syslog also log = { -- Log files (change 'info' to 'debug' for debug logs): info = "/var/log/prosody/prosody.log"; error = "/var/log/prosody/prosody.err"; -- Syslog: { levels = { "error" }; to = "syslog"; }; } ----------- Virtual hosts ----------- -- You need to add a VirtualHost entry for each domain you wish Prosody to serve. -- Settings under each VirtualHost entry apply *only* to that host. VirtualHost "example.com" enabled = false -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/prosody/certs/lugh_cacert_ejabberd.key"; certificate = "/etc/prosody/certs/lugh_cacert_ejabberd.crt"; } ------ Components ------ -- You can specify components to add hosts that provide special services, -- like multi-user conferences, and transports. -- For more information on components, see http://prosody.im/doc/components ---Set up a MUC (multi-user chat) room server on conference.example.com: --Component "conference.example.com" "muc" -- Set up a SOCKS5 bytestream proxy for server-proxied file transfers: --Component "proxy.example.com" "proxy65" ---Set up an external component (default component port is 5347) -- -- External components allow adding various services, such as gateways/ -- transports to other networks like ICQ, MSN and Yahoo. For more info -- see: http://prosody.im/doc/components#adding_an_external_component -- --Component "gateway.example.com" -- component_secret = "password" ------ Additional config files ------ -- For organizational purposes you may prefer to add VirtualHost and -- Component definitions in their own config files. This line includes -- all config files in /etc/prosody/conf.d/ bosh_ports = { { port = 5280; path = "http-bind"; interface = "127.0.0.1"; } } consider_bosh_secure = true -- when proxying from HTTPS -> HTTP Include "conf.d/*.cfg.lua" -- no debconf information
--- End Message ---
--- Begin Message ---Source: prosody Source-Version: 0.8.2-4+deb7u2 We believe that the bug you reported is fixed in the latest version of prosody, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Enrico Tassi <[email protected]> (supplier of updated prosody package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 20 Apr 2014 09:52:15 +0200 Source: prosody Binary: prosody Architecture: source amd64 Version: 0.8.2-4+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Matthew James Wild <[email protected]> Changed-By: Enrico Tassi <[email protected]> Description: prosody - Lightweight Jabber/XMPP server written in Lua Closes: 743836 Changes: prosody (0.8.2-4+deb7u2) wheezy-security; urgency=high . * Fixup to prosody-0.8-compression-dos-2.patch to prevent clients with compression enabled to disconnect (Closes: #743836): - compression-advertisement-fix.patch Checksums-Sha1: 29fa54bb97cfa39391d113ca490565fb7665ad1d 1868 prosody_0.8.2-4+deb7u2.dsc f8e444f827f96f063670740836b9cbfaa6f7f79e 13755 prosody_0.8.2-4+deb7u2.debian.tar.gz 26d8ffbc9873a45e8015ccbdbf9677e2d27c3d5b 198272 prosody_0.8.2-4+deb7u2_amd64.deb Checksums-Sha256: e0ee72391d3735929574ee578d9def5c942efdc05930b7bb2f9738407a380691 1868 prosody_0.8.2-4+deb7u2.dsc bedb6a4e6499f304dd657fc5b16d208502fcfb5bc48fb2f454f6610a27592a6d 13755 prosody_0.8.2-4+deb7u2.debian.tar.gz 61344669ba13a638f2ce9d146f27415cc719169d46132209d9989873b4ea4519 198272 prosody_0.8.2-4+deb7u2_amd64.deb Files: 689f24fc6fb96d7855a4164af8521128 1868 net extra prosody_0.8.2-4+deb7u2.dsc 411a249115895d75a9bcbb1a4bc0d9b8 13755 net extra prosody_0.8.2-4+deb7u2.debian.tar.gz 852ac59e4248cf4fe0df7033f6dbbade 198272 net extra prosody_0.8.2-4+deb7u2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJTU33LAAoJECUFM8yim3ZPB9cQAKfTuHrU2Gir3FcB8+XmAjgw GCoS2Fu5D6e+tax20VbCc+rWVqnr2A27fGaflX1gRZUAtIoEdpxk3n8CrIYb8Fd7 GNr2fFnVlSRfpBZ3UyZNUIxbLgpRUDIO8l6EyN8ZLeFPBJ9TgC/IKhHiMPSl/VQo Tp4YVGZM1Ay5Lq4hJO987fNDpQ5IRc+Q8b6la2VO+i9+qjDLFU7qKQOprvy283b0 +MPMLqA3WzZRdZE9539l6Il1YBTOo5+mdaY0R1ZMDtBscstlro1PuUNyE3wme7J3 jwjUWvQ/S9ZMnoNbOzNwo93J/oMrm8sO9CtlE19gBpGB3skJ3yCF9HbuttijAEAY pxaZPhOoxonO9qJhz/Kmt+EleJ/X8DH/LwMZ+bf/4bQTE3M5RejSw46LcRHZ6Tjd Ii0tqgGPReNwEPfVNMrdpfkusbvL/GqncFsuaiSWh7nUI6Lri5TF4PXkRGl5wjWm cUGIhh9EXagIN4FRRSmHHLxz66frq3KVkKwIRND181FVlCf5bhuDKQExnYbIrWHw 9XHIgCTgweY0991Efwp0EXIVfcpx9XeE6a2MFuHFYjcDK/0jPwqsTxel1274B2PM AaHYH4EFdOyFnRHCxJVQ6x+mXe4HVVvCUelq4mlhNigqEjJ+TboHJ0hzLNyE72HU xsWLcf5qW7wPUp91GRwZ =swuV -----END PGP SIGNATURE-----
--- End Message ---

