Prosody 0.7.0 released

We did it! We are very pleased to announce the release of Prosody 0.7.0.

Download links are below, but first let's take a look at some of the new features...

Efficient connection handling

One of the most significant changes in Prosody 0.7 is the added support for libevent, meaning Prosody can efficiently handle very large numbers of connections on a variety of platforms using epoll, kqueue, and a range of other mechanisms.

For more information see our libevent documentation.

Cyrus SASL authentication

There is also now support for Cyrus SASL to handle authentication, allowing the use of LDAP, PAM, SQL or a range of other authentication methods such as GSSAPI.

For more information see our Cyrus SASL backend documentation.

SCRAM authentication

Tobias Markmann has also added support for SCRAM, a new authentication mechanism that solves a lot of the problems and weaknesses found in the current and widely-used mechanisms. Prosody's SCRAM support has been successfully tested against development versions of Pidgin, Pandion, Gajim, Psi, Telepathy and the newcomer Swift.

Also in the area of authentication and security, we have decided to make Prosody advertise the 'PLAIN' SASL mechanism by default only when the client's connection to the server is encrypted. This means that even when encryption isn't enforced, clients will never be transmitting passwords in a form that can easily be reversed.

Privacy lists

For a while Thilo Cestonaro has been busy contributing plugins to our prosody-modules project. Finally this release pulls in two of his plugins, mod_privacy and mod_proxy65.

Privacy lists allow users to configure custom filters for messages, presence and queries. This is already supported by most clients, which allow you to create very flexible rule-based filters.

Sometimes privacy lists are far more powerful than you need though, so we also have a plugin (currently experimental) for a protocol known as "Simple Communications Blocking", which allows you to simply configure a list of JIDs you wish to block all communications with.

File transfer proxying

File transfer in XMPP has been notoriously unreliable. This is in large part due to ever-increasing presence of firewalls and NAT routers between users, preventing connections directly between clients.

Using mod_proxy65, a client can request that Prosody acts as an intermediary in a file transfer - both clients connect to the server, and the server will relay data between them.

Most clients already support this protocol (XEP-0065, as the name suggests), and so once configured on the server it should work with any modern client out of the box.

Setting up the file transfer proxy is described in our mod_proxy65 documentation.

Port multiplexing

An experimental new feature allows you to configure Prosody to run more than one kind of service on a single port. As an example you can handle both client-to-server and server-to-server connections on a single port, in fact, it even supports HTTP and BOSH! This means that you could serve XMPP clients on port 80, and still serve files over HTTP and allow BOSH connections on that port.

To try it out, simply set the list of ports in the config, for example: "ports = { 5222, 80 }" - no need to specify which service(s) each port is for.

Further port configuration is described in our documentation.

Error notification

Another relatively minor, but very useful change is that when Prosody fails to deliver a message over a server-to-server connection, it includes in the generated error message what caused the failure. The feature is probably best described with a screenshot (this is of Gajim):

Image showing connection failed message from Prosody

By providing this information we can allow client developers to provide better user interfaces. Error handling and reporting is in our experience one area where all the major clients have a lot of room for improvement. Hopefully this can help them on their way to more explanatory errors.

Proxy-less BOSH

BOSH is a great technology which allows XMPP to be used from web pages. However it has traditionally been rather restricted by Javascript's "same-origin" policy, which prevents a page from connecting to the XMPP server unless it is on the same domain and port.

Until now this has been solved by using a server proxy on the page's domain to forward requests to the XMPP server, or to use Flash to make the requests, via flxhr.

However browsers now are beginning to support a new specification known as Cross-Origin Resource Sharing (CORS). This allows a browser to ask for permission from the remote domain to send requests there.

Support for CORS is now implemented in Prosody, and a browser also supporting CORS can connect to Prosody via BOSH without using a proxy, and without using Flash. CORS works out of the box with Strophe.js.

Details on configuring CORS support to suit your setup can be found in our BOSH documentation.

Other changes

This release includes many other changes, features and improvements. These include compression for server-to-server streams, disabling support for the insecure SSLv2 protocol, fixes to make PEP support compatible with User Avatar, and non-anonymous rooms and room destruction for MUC.

There have also been numerous changes to improve performance, and compliance with the latest XMPP specifications.

As always, you can reach us in any of the usual places for feedback, bug reports or words of thanks :-)

Download

Windows: Installer | Zip

OS X: Installer (requires OS X 10.5 or newer, Intel (32bit/64bit) and PowerPC (32bit))

Debian/Ubuntu: 32-bit | 64-bit

Source tarball: prosody-0.7.0.tar.gz