Package: guix-patches;
Reported by: Clément Lassieur <clement <at> lassieur.org>
Date: Fri, 24 Nov 2017 22:52:02 UTC
Severity: normal
Tags: fixed
Done: clement <at> lassieur.org (Clément Lassieur)
Bug is archived. No further changes may be made.
Message #8 received at 29433 <at> debbugs.gnu.org (full text, mbox):
From: Clément Lassieur <clement <at> lassieur.org> To: 29433 <at> debbugs.gnu.org Subject: [PATCH 1/2] services: prosody: Add support for disable-sasl-mechanisms. Date: Fri, 24 Nov 2017 23:52:57 +0100
* doc/guix.texi (Messaging Services): Update accordingly.
* gnu/services/messaging.scm (prosody-configuration)[disable-sasl-mechanisms]:
New field.
---
doc/guix.texi | 11 ++++++++---
gnu/services/messaging.scm | 6 ++++++
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index dc2da7a45..a008b1c0a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -14029,6 +14029,11 @@ See @url{http://prosody.im/doc/modules/mod_tls}.
Defaults to @samp{#f}.
@end deftypevr
+@deftypevr {@code{prosody-configuration} parameter} string-list disable-sasl-mechanisms
+Set of mechanisms that will never be offered. See
+@url{https://prosody.im/doc/modules/mod_saslauth}.
+@end deftypevr
+
@deftypevr {@code{prosody-configuration} parameter} boolean s2s-require-encryption?
Whether to force all server-to-server connections to be encrypted or not.
See @url{http://prosody.im/doc/modules/mod_tls}.
@@ -14106,7 +14111,7 @@ See @url{http://prosody.im/doc/configure#virtual_host_settings}.
Available @code{virtualhost-configuration} fields are:
-all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus:
+all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus:
@deftypevr {@code{virtualhost-configuration} parameter} string domain
Domain you wish Prosody to serve.
@end deftypevr
@@ -14128,7 +14133,7 @@ Defaults to @samp{()}.
Available @code{int-component-configuration} fields are:
-all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus:
+all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus:
@deftypevr {@code{int-component-configuration} parameter} string hostname
Hostname of the component.
@end deftypevr
@@ -14181,7 +14186,7 @@ Defaults to @samp{()}.
Available @code{ext-component-configuration} fields are:
-all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus:
+all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus:
@deftypevr {@code{ext-component-configuration} parameter} string component-secret
Password which the component will use to log in.
@end deftypevr
diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm
index b66d6ddb9..c75c71585 100644
--- a/gnu/services/messaging.scm
+++ b/gnu/services/messaging.scm
@@ -391,6 +391,12 @@ using them. See @url{http://prosody.im/doc/advanced_ssl_config}."
See @url{http://prosody.im/doc/modules/mod_tls}."
common)
+ (disable-sasl-mechanisms
+ (string-list '("DIGEST-MD5"))
+ "Set of mechanisms that will never be offered. See
+@url{https://prosody.im/doc/modules/mod_saslauth}."
+ common)
+
(s2s-require-encryption?
(boolean #f)
"Whether to force all server-to-server connections to be encrypted or not.
--
2.15.0
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.