Skip to content
This repository has been archived by the owner on Jan 10, 2022. It is now read-only.

ejabberd_c2s:wait_for_feature_request Error From XMpp while generating new USER id for client chat app #41

Open
BOXTECHSTUDIO opened this issue Sep 6, 2016 · 7 comments

Comments

@BOXTECHSTUDIO
Copy link

2016-09-05 19:34:51.079 [info] <0.498.0>@ejabberd_http:init:157 started: {gen_tcp,#Port<0.3947>}
2016-09-05 19:35:06.894 [info] <0.491.0>@ejabberd_listener🉑299 (#Port<0.3948>) Accepted connection 103.255.4.61:40738 -> 162.243.172.244:5222
2016-09-05 19:35:07.306 [info] <0.500.0>@ejabberd_c2s:wait_for_feature_request:789 ({socket_state,gen_tcp,#Port<0.3948>,<0.499.0>}) Failed authentication for 57a6697147e6e21b268b456d@server1..com from 193.355.4.61
2016-09-05 19:35:08.225 [info] <0.491.0>@ejabberd_listener🉑299 (#Port<0.3949>) Accepted connection 103.255.4.61:40739 -> 162.243.172.244:5222
2016-09-05 19:35:08.503 [info] <0.502.0>@ejabberd_c2s:wait_for_feature_request:789 ({socket_state,gen_tcp,#Port<0.3949>,<0.501.0>}) Failed authentication for 57a6697147e6e21b268b456d@server1.
.com from 193.355.4.61

Getting this error when XMPP try to create new USER I
https://guides.github.com/features/mastering-markdown/D and authenticate it. NEW CREATED id doesnt store in Ejabberd

@youmad
Copy link

youmad commented Sep 6, 2016

Could you please provide the ejabberd configuration?

@BOXTECHSTUDIO
Copy link
Author

ejabberd.txt

@BOXTECHSTUDIO
Copy link
Author

ejabberd configuration file

The parameters used in this configuration file are explained in more detail

in the ejabberd Installation and Operation Guide.

Please consult the Guide in case of doubts, it is included with

your copy of ejabberd, and is also available online at

http://www.process-one.net/en/ejabberd/docs/

The configuration file is written in YAML.

Refer to http://en.wikipedia.org/wiki/YAML for the brief description.

However, ejabberd treats different literals as different types:

- unquoted or single-quoted strings. They are called "atoms".

Example: dog, 'Jupiter', '3.14159', YELLOW

- numeric literals. Example: 3, -45.0, .0

- quoted or folded strings.

Examples of quoted string: "Lizzard", "orange".

Example of folded string:

> Art thou not Romeo,

and a Montague?

=======

LOGGING

loglevel: Verbosity of log files generated by ejabberd.

0: No ejabberd log at all (not recommended)

1: Critical

2: Error

3: Warning

4: Info

5: Debug

loglevel: 4

rotation: Describe how to rotate logs. Either size and/or date can trigger

log rotation. Setting count to N keeps N rotated logs. Setting count to 0

does not disable rotation, it instead rotates the file and keeps no previous

versions around. Setting size to X rotate log when it reaches X bytes.

To disable rotation set the size to 0 and the date to ""

Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.

Some examples:

$D0 rotate every night at midnight

$D23 rotate every day at 23:00 hr

$W0D23 rotate every week on Sunday at 23:00 hr

$W5D16 rotate every week on Friday at 16:00 hr

$M1D0 rotate on the first day of every month at midnight

$M5D6 rotate on every 5th day of the month at 6:00 hr

log_rotate_size: 10485760
log_rotate_date: ""
log_rotate_count: 1

overload protection: If you want to limit the number of messages per second

allowed from error_logger, which is a good idea if you want to avoid a flood

of messages when system is overloaded, you can set a limit.

100 is ejabberd's default.

log_rate_limit: 100

watchdog_admins: Only useful for developers: if an ejabberd process

consumes a lot of memory, send live notifications to these XMPP

accounts.

watchdog_admins:

- "[email protected]"

================

SERVED HOSTNAMES

hosts: Domains served by ejabberd.

You can define one or several, for example:

hosts:

- "example.net"

- "example.com"

- "example.org"

hosts:

  • "server1.******.com"

route_subdomains: Delegate subdomains to other XMPP servers.

For example, if this ejabberd serves example.org and you want

to allow communication with an XMPP server called im.example.org.

route_subdomains: s2s

===============

LISTENING PORTS

listen: The ports ejabberd will listen on, which service each is handled

by and what options to start it with.

listen:

port: 5222
module: ejabberd_c2s
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
starttls: true
certfile: "/opt/ejabberd-15.09/conf/server.pem"

Custom OpenSSL options

protocol_options:

- "no_sslv3"

- "no_tlsv1"

  • port: 5269
    module: ejabberd_s2s_in
    max_stanza_size: 131072
    shaper: s2s_shaper

    ejabberd_service: Interact with external components (transports, ...)

    -

    port: 8888

    module: ejabberd_service

    access: all

    shaper_rule: fast

    ip: "127.0.0.1"

    hosts:

    "icq.example.org":

    password: "secret"

    "sms.example.org":

    password: "secret"

    ejabberd_stun: Handles STUN Binding requests

    -

    port: 3478

    transport: udp

    module: ejabberd_stun

    To handle XML-RPC requests that provide admin credentials:

    -

    port: 4560

    module: ejabberd_xmlrpc

  • port: 5280
    module: ejabberd_http
    request_handlers:
    "/websocket": ejabberd_http_ws

    "/pub/archive": mod_http_fileserver

    web_admin: true
    http_poll: false
    http_bind: true

    register: true

    captcha: false

s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.

Allowed values are: false optional required required_trusted

You must specify a certificate file.

s2s_use_starttls: optional

s2s_certfile: Specify a certificate file.

s2s_certfile: "/opt/ejabberd-15.09/conf/server.pem"

Custom OpenSSL options

s2s_protocol_options:

- "no_sslv3"

- "no_tlsv1"

domain_certfile: Specify a different certificate for each served hostname.

host_config:

"example.org":

domain_certfile: "/opt/ejabberd-15.09/conf/example_org.pem"

"example.com":

domain_certfile: "/opt/ejabberd-15.09/conf/example_com.pem"

S2S whitelist or blacklist

Default s2s policy for undefined hosts.

s2s_policy: s2s

Outgoing S2S options

Preferred address families (which to try first) and connect timeout

in milliseconds.

outgoing_s2s_families:

- ipv4

- ipv6

outgoing_s2s_timeout: 10000

==============

AUTHENTICATION

auth_method: Method used to authenticate the users.

The default method is the internal.

If you want to use a different method,

comment this line and enable the correct ones.

auth_method: odbc

Store the plain passwords or hashed for SCRAM:

auth_password_format: plain

auth_password_format: scram

Define the FQDN if ejabberd doesn't detect it:

fqdn: "server3.example.com"

Authentication using external script

Make sure the script is executable by ejabberd.

auth_method: external

extauth_program: "/path/to/authentication/script"

Authentication using ODBC

Remember to setup a database in the next section.

auth_method: odbc

Authentication using PAM

auth_method: pam

pam_service: "pamservicename"

Authentication using LDAP

auth_method: ldap

List of LDAP servers:

ldap_servers:

- "loalhost"

Encryption of connection to LDAP servers:

ldap_encrypt: none

ldap_encrypt: tls

Port to connect to on LDAP servers:

ldap_port: 389

ldap_port: 636

LDAP manager:

ldap_rootdn: "dc=example,dc=com"

Password of LDAP manager:

ldap_password: "******"

Search base of LDAP directory:

ldap_base: "dc=example,dc=com"

LDAP attribute that holds user ID:

ldap_uids:

- "mail": "%[email protected]"

LDAP filter:

ldap_filter: "(objectClass=shadowAccount)"

Anonymous login support:

auth_method: anonymous

anonymous_protocol: sasl_anon | login_anon | both

allow_multiple_connections: true | false

host_config:

"public.example.org":

auth_method: anonymous

allow_multiple_connections: false

anonymous_protocol: sasl_anon

To use both anonymous and internal authentication:

host_config:

"public.example.org":

auth_method:

- internal

- anonymous

==============

DATABASE SETUP

ejabberd by default uses the internal Mnesia database,

so you do not necessarily need this section.

This section provides configuration examples in case

you want to use other database backends.

Please consult the ejabberd Guide for details on database creation.

MySQL server:

odbc_type: mysql
odbc_server: "server1.***_.com"
odbc_database: "ejabberd"
odbc_username: "new"
odbc_password: "
_***1211"

If you want to specify the port:

odbc_port: 1234

PostgreSQL server:

odbc_type: pgsql

odbc_server: "server"

odbc_database: "database"

odbc_username: "username"

odbc_password: "password"

If you want to specify the port:

odbc_port: 1234

If you use PostgreSQL, have a large database, and need a

faster but inexact replacement for "select count(*) from users"

pgsql_users_number_estimate: true

ODBC compatible or MSSQL server:

odbc_type: odbc

odbc_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"

Number of connections to open to the database for each virtual host

odbc_pool_size: 10

Interval to make a dummy SQL request to keep the connections to the

database alive. Specify in seconds: for example 28800 means 8 hours

odbc_keepalive_interval: undefined

===============

TRAFFIC SHAPERS

shaper:

The "normal" shaper limits traffic speed to 1000 B/s

normal: 1000

The "fast" shaper limits traffic speed to 50000 B/s

fast: 50000

This option specifies the maximum number of elements in the queue

of the FSM. Refer to the documentation for details.

max_fsm_queue: 1000

###. ====================
###' ACCESS CONTROL LISTS
acl:

The 'admin' ACL grants administrative privileges to XMPP accounts.

You can put here as many accounts as you want.

admin:
user:
- "admin": "server1.******.com"

Blocked users

blocked:

user:

- "baduser": "example.org"

- "test"

Local users: don't modify this.

local:
user_regexp: ""

More examples of ACLs

jabberorg:

server:

- "jabber.org"

aleksey:

user:

- "aleksey": "jabber.ru"

test:

user_regexp: "^test"

user_glob: "test*"

Loopback network

loopback:
ip:
- "127.0.0.0/8"

Bad XMPP servers

bad_servers:

server:

- "xmpp.zombie.org"

- "xmpp.spam.com"

Define specific ACLs in a virtual host.

host_config:

"localhost":

acl:

admin:

user:

- "bob-local": "localhost"

============

ACCESS RULES

access:

Maximum number of simultaneous sessions allowed for a single user:

max_user_sessions:
all: 10

Maximum number of offline messages that users can have:

max_user_offline_messages:
admin: 5000
all: 100

This rule allows access only for local users:

local:
local: allow

Only non-blocked users can use c2s connections:

c2s:
blocked: deny
all: allow

For C2S connections, all users except admins use the "normal" shaper

c2s_shaper:
admin: none
all: normal

All S2S connections use the "fast" shaper

s2s_shaper:
all: fast

Only admins can send announcement messages:

announce:
admin: allow

Only admins can use the configuration interface:

configure:
admin: allow

Admins of this server are also admins of the MUC service:

muc_admin:
admin: allow

Only accounts of the local ejabberd server can create rooms:

muc_create:
local: allow

All users are allowed to use the MUC service:

muc:
all: allow

Only accounts on the local ejabberd server can create Pubsub nodes:

pubsub_createnode:
local: allow

In-band registration allows registration of any possible username.

To disable in-band registration, replace 'allow' with 'deny'.

register:
all: allow

Only allow to register from localhost

trusted_network:
loopback: allow

Do not establish S2S connections with bad servers

s2s:

bad_servers: deny

all: allow

By default the frequency of account registrations from the same IP

is limited to 1 account every 10 minutes. To disable, specify: infinity

registration_timeout: 600

Define specific Access Rules in a virtual host.

host_config:

"localhost":

access:

c2s:

admin: allow

all: deny

register:

all: deny

================

DEFAULT LANGUAGE

language: Default language used for server messages.

language: "en"

Set a different default language in a virtual host.

host_config:

"localhost":

language: "ru"

=======

CAPTCHA

Full path to a script that generates the image.

captcha_cmd: "/opt/ejabberd-15.09/lib/ejabberd-15.09/priv/tools/captcha.sh"

Host for the URL and port where ejabberd listens for CAPTCHA requests.

captcha_host: "example.org:5280"

Limit CAPTCHA calls per minute for JID/IP to avoid DoS.

captcha_limit: 5

=======

MODULES

Modules enabled in all ejabberd virtual hosts.

modules:
mod_adhoc: []
mod_admin_extra: []
mod_announce: # recommends mod_adhoc
access: announce
db_type: odbc
mod_last_odbc: []
mod_roster_odbc: []
mod_mam:
db_type: odbc
default: always
cache_size: integer
cache_lifetime: seconds

mod_blocking: [] # requires mod_privacy

mod_caps: []
mod_carboncopy: []
mod_configure: [] # requires mod_adhoc
mod_disco: []

mod_echo: []

mod_irc: []

mod_http_bind: []

mod_http_fileserver:

docroot: "/var/www"

accesslog: "/opt/ejabberd-15.09/logs/access.log"

mod_last: []
mod_muc:
## host: "conference.@host@"
access: muc
access_create: muc_create
access_persistent: muc_create
access_admin: muc_admin
mod_muc_admin: []

mod_muc_log: []

mod_offline:
access_max_user_messages: max_user_offline_messages

mod_ping: []

mod_pres_counter:

count: 5

interval: 60

mod_privacy: []
mod_private: []

mod_proxy65: []

mod_pubsub:
access_createnode: pubsub_createnode
## reduces resource comsumption, but XEP incompliant
ignore_pep_from_offline: true
## XEP compliant, but increases resource comsumption
## ignore_pep_from_offline: false
last_item_cache: false
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps
mod_register:
##
## Protect In-Band account registrations with CAPTCHA.
##
## captcha_protected: true

##
## Set the minimum informational entropy for passwords.
##
## password_strength: 32

##
## After successful registration, the user receives
## a message with this subject and body.
##
welcome_message: 
  subject: "Welcome!"
  body: |-
    Hi.
    Welcome to this XMPP server.

##
## When a user registers, send a notification to
## these XMPP accounts.
##
## registration_watchers:
##   - "[email protected]"

##
## Only clients in the server machine can register accounts
##
ip_access: trusted_network

##
## Local c2s or remote s2s users cannot register accounts
##
## access_from: deny

access: register

mod_roster: []
mod_shared_roster: []

mod_time: []

mod_vcard: []
mod_version: []

Enable modules with custom options in a specific virtual host

append_host_config:

"localhost":

modules:

mod_echo:

host: "mirror.localhost"

Enable modules management via ejabberdctl for installation and

uninstallation of public/private contributed modules

(enabled by default)

allow_contrib_modules: true

Local Variables:

mode: yaml

End:

vim: set filetype=yaml tabstop=8

@youmad
Copy link

youmad commented Sep 6, 2016

loglevel: 4
log_rotate_size: 10485760
log_rotate_date: ""
log_rotate_count: 1
log_rate_limit: 100

hosts:
  - "server1.******.com"

listen: 
  - 
    port: 5222
    module: ejabberd_c2s
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
    starttls: true
    certfile: "/opt/ejabberd-15.09/conf/server.pem"
  - 
    port: 5269
    module: ejabberd_s2s_in
    max_stanza_size: 131072
    shaper: s2s_shaper
  - 
    port: 5280
    module: ejabberd_http
    request_handlers:
      "/websocket": ejabberd_http_ws
    web_admin: true
    http_poll: false
    http_bind: true
    ## register: true
    captcha: false

auth_method: odbc

odbc_type: mysql
odbc_server: "server1.******.com"
odbc_database: "ejabberd"
odbc_username: "new"
odbc_password: "******1211"

shaper:
  normal: 1000
  fast: 50000

max_fsm_queue: 1000

acl:
  admin:
    user:
      - "admin": "server1.******.com"
  local: 
    user_regexp: ""
  loopback:
    ip:
      - "127.0.0.0/8"

access:
  max_user_sessions: 
    all: 10
  max_user_offline_messages: 
    admin: 5000
    all: 100
  local: 
    local: allow
  c2s: 
    blocked: deny
    all: allow
  c2s_shaper: 
    admin: none
    all: normal
  s2s_shaper: 
    all: fast
  announce: 
    admin: allow
  configure: 
    admin: allow
  muc_admin: 
    admin: allow
  muc_create: 
    local: allow
  muc: 
    all: allow
  pubsub_createnode: 
    local: allow
  register: 
    all: allow
  trusted_network: 
    loopback: allow

## By default the frequency of account registrations from the same IP
## is limited to 1 account every 10 minutes. To disable, specify: infinity
## registration_timeout: 600

language: "en"

modules: 
  mod_adhoc: []
  mod_admin_extra: []
  mod_announce: # recommends mod_adhoc
    access: announce
    db_type: odbc
  mod_last_odbc: []
  mod_roster_odbc: []
  mod_mam:
    db_type: odbc
    default: always
    cache_size: integer
    cache_lifetime: seconds
  mod_caps: []
  mod_carboncopy: []
  mod_configure: [] # requires mod_adhoc
  mod_disco: []
  mod_http_bind: []
  mod_last: []
  mod_muc: 
    access: muc
    access_create: muc_create
    access_persistent: muc_create
    access_admin: muc_admin
  mod_muc_admin: []
  mod_offline: 
    access_max_user_messages: max_user_offline_messages
  mod_privacy: []
  mod_private: []
  mod_pubsub: 
    access_createnode: pubsub_createnode
    ignore_pep_from_offline: true
    last_item_cache: false
    plugins: 
      - "flat"
      - "hometree"
      - "pep" # pep requires mod_caps
  mod_register: 
    welcome_message: 
      subject: "Welcome!"
      body: |-
        Hi.
        Welcome to this XMPP server.
    ip_access: trusted_network
    access: register
  mod_roster: []
  mod_shared_roster: []
  mod_vcard: []
  mod_version: []

allow_contrib_modules: true

@youmad
Copy link

youmad commented Sep 6, 2016

And please code you used to create new account? I can't find such ability with this lib. Maybe https://github.com/Ghitu/xmpp

@BOXTECHSTUDIO
Copy link
Author

prepare($query); $prepare->bind_param('ss',$username,$password); $prepare->execute(); if($prepare->error) { printf("Error: %s.\n", $prepare->error);die; } $prepare->close(); echo 'user inserted'; }else{ echo 'no parameter recieved'; } $connection->close(); return ;

@youmad
Copy link

youmad commented Sep 6, 2016

Do you use fabiang/xmpp creating user on remote host? I think your problem is not related to this library.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants