Skip to main content.

Quick search for all users in a jud

I posted the original patch to the jadmin mailing list.

I made some simple changes to allow users to quickly display a list of all the users in a jud. Depending on your Jabber client, you can either just click on the search button and all the users will be displayed, or if your Jabber client forces you to enter some search criteria (JabberIM), you can just enter a single asterisk (*) in any of the search fields, then just click on the search button to display a list of all the users. Also, it's worth noting that it might not be a good idea to implement these patches on servers with a large number of users in the jud.

If anyone is interested, I created the patch as follows (using jabber-1.4.1 and jud-0.4):

# cd /usr/local/jabber-1.4.1/jud-0.4
# cp -p jud_search.c jud_search.c.orig
# vi jud_search.c

made changes

# diff -Nurd jud_search.c.orig jud_search.c > jud_search.patch

Download the patch

Basically just copy/paste this into "/usr/local/jabber-1.4.1/jud-0.4/jud_search.patch", then apply the patch as follows:

# cd /usr/local/jabber-1.4.1/jud-0.4
# patch -p0 < jud_search.patch
# make

Done.

Installing Jabber Server on FreeBSD

Note: You need to compile using "gmake" instead of just "make".

Configuring SSL for your Jabber Server

Note: I suggest you obtain Jabber-1.4.x via CVS since it contains a patch to fix a Denial of Service problem with SSL connections.

  1. Obtain the latest Jabber Server.
  2. Follow the steps at Jabberd Admin Guide, but use "./configure --enable-ssl" instead of just "./configure". This assumes you have already downloaded and installed OpenSSL
  3. Follow this guide. Generate your SSL pem file using this simple script (originally posted here).
  4. Your Jabber Server should now be able to accept SSL connections on port 5223.

Securing jabber in a chroot (FreeBSD)

Assumes jabber is installed in "/usr/local/jabber"

cd /usr/local/jabber

mkdir -p usr/libexec
mkdir usr/lib
mkdir etc

cp /usr/libexec/ld-elf.so.1 usr/libexec/
cp /usr/lib/libssl.so.2 usr/lib/
cp /usr/lib/libcrypto.so.2 usr/lib/
cp /usr/local/lib/libpth.so.14 usr/lib/
cp /usr/lib/libc.so.4 usr/lib/

# need this for s2s and dnsrv
cp /etc/resolv.conf etc/

echo "jabber:*:1001:1001::0:0:Jabber:/:/sbin/nologin" > etc/passwd
pwd_mkdb -d etc etc/passwd

cd /usr/local
chown -R root.wheel jabber

cd /usr/local/jabber
chown -R 1001.1001 spool

I created a var dir for all the log files

mkdir -p var/log
mkdir var/run
cd var
chown 1001.1001 run
touch var/log/record.log
touch var/log/error.log
chown 1001.1001 var/log/record.log
chown 1001.1001 var/log/error.log

Simple jabberd control script (FreeBSD)

Download the script below, here.

#!/bin/sh

JPIDFILE="/usr/local/jabber/var/run/jabberd.pid"
JLOGFILE="/usr/local/jabber/var/log/jabberd.log"

case "$1" in
  start)
    # Start jabberd (but check if already running first)
    ps -axc | grep jabberd > /dev/null 2>&1
    if [ "$?" -eq 0 ]
    then
      echo "jabberd is already running!"
      exit 1
    fi

    if [ -f $JPIDFILE ]
    then
      echo "jabberd.pid file exists, removing"
      rm -f $JPIDFILE
    fi

    echo -n "Starting jabberd: "
    echo

    # non chrooted
    #su jabber -c '/usr/local/jabber/jabberd/jabberd -B'

    # chrooted
    chroot /usr/local/jabber /jabberd/jabberd -H / -U jabber 2>$JLOGFILE &
    ;;
  stop)
    # Stop daemons.
    echo -n "Stopping jabberd: "
    echo
    killall -KILL -v jabberd

    if [ -f $JPIDFILE ]
    then
      echo "jabberd.pid file exists, removing"
      rm -f $JPIDFILE
    fi
    ;;
  restart)
    $0 stop
    $0 start
    ;;
  reload)
    echo "Reloading jabber.xml config"
    kill -HUP `/bin/cat $JPIDFILE`
    ;;
  *)
    echo "Usage: $0 {start|stop|restart|reload}"
    exit 1
esac

exit 0

Extending Jabber authentication using xdb_auth/check

Note: Due to other commitments, I no longer have the time to develop and support this code. I hope you still find it useful and enjoy using Jabber.

This is an example Perl script that uses the new auth/check method in 1.4.2. It is based on Jer's original script found here. There seems to be a problem with the original script as detailed here

This version uses DJ Adams' Jabber::Connection Perl modules instead of XML::Stream. So far, performance seems better and I haven't experienced any problems. The code is a cross between Jer's original xdb_auth_test.pl and DJ's RSS Newsagent script from his book "Programming Jabber".

For more information on the auth/check method, see the Jabber-1.4.2 change log, under the heading 'XDB "check" and Authentication Modules'.

Note:

  1. Using this technique requires that the clients authenticate with plain the plain text password (obviously) so it should be used carefully, only on internal servers or when SSL is enabled.
  2. You need an experimental version of Jabber::Connection
  3. You will probably need to edit the "use lib qw(/usr/local/jabber/xdb_auth_cpile);" line in xdb_auth_cpile.pl to reflect the location of your xdb_auth_cpile.pm file.

xdb_auth_cpile-1.7.pl
xdb_auth_cpile.pm (User password is "test")
xdb_auth_cpile.README
example "xdb_auth_cpile.xml" config

Authenticating using IMAP, LDAP, MYSQL, PAM, POP3, RADIUS, SMB:

I have also created a tarball which makes it very easy to change the authentication method.

I have included a few examples of how to extend the authentication method. You will need to rename the file you wish to use:
E.g.
rename xdb_auth_cpile.pm.imap to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.ldap to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.mysql to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.pam to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.pop3 to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.radius to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.smb to xdb_auth_cpile.pm
OR
rename xdb_auth_cpile.pm.test to xdb_auth_cpile.pm

Download: xdb_auth_cpile-1.7/1.8.tar.gz

Restricting nicknames in chatrooms

This patch restricts users from changing their nicknames within a conference room. Their nickname is forced to be the same as their actual Jabber username

Download the patch

Checkout the conference module from the CVS on jabberstudio.org then apply the patch as follows.

# cd /usr/local/jabber-1.4.2
# patch < conference.patch
# cd conference
# make

Done.