Open Source

Compliance Test XEP-0363

Von

27. November 2018

6770

Connect — PublicDomainPictures / Pixabay

Am Sonntag bekam ich die Meldung, dass mein XMPP-Server den informativen Test XEP-0363: HTTP File Upload (CORS Headers) nicht bestanden hat, obwohl der Upload aktiviert war. Abhilfe schaffte hier ein Upgrade der Community-Module von Prosody.

cd /usr/lib/prosody/prosody-modules

1	cd /usr/lib/prosody/prosody-modules

hg pull --update

1	hg pull --update

prosodyctl restart

1	prosodyctl restart

Meine aktuelle Konfiguration sieht im Moment so aus:

pidfile = "/var/run/prosody/prosody.pid"

storage = "sql"

sql = {
    driver = "MySQL";
    database = "prosody";
    host = "localhost";
    username = "benutzername";
    password = "passwort";
}

plugin_paths = { "/usr/lib/prosody/prosody-modules" }

admins = {"intux@intux.de" }
modules_enabled = {
	"roster";
	"saslauth";
 	"tls";
	"dialback";
	"disco";
	"private";
	"blocklist";
	"version";
	"uptime";
	"time";
	"ping";
	"posix";
	"pep";
	"register";
	"admin_adhoc";
	"motd";
	"welcome";
	"proxy65";
	"watchregistrations";
	"register_web";
	"admin_web";
	"http_upload";
	"mam";
	"csi";
	"carbons";
	"smacks";
	"lastlog";
	"cloud_notify";
	"omemo_all_access";
	"server_contact_info";
	"profile";
	"vcard_legacy";
	"pep_vcard_avatar";
	"websocket";
}

log = {
 debug = "/var/log/prosody/prosody.log";
 error = "/var/log/prosody/prosody.err";
}

legacy_ssl_ports = { 5223 }

default_archive_policy = false;
archive_expires_after = "1m";

c2s_require_encryption = true
s2s_require_encryption = true
s2s_secure_auth = true
s2s_secure_domains = { "blabber.im", "trashserver.net", "jabber.de", "c0by.de", "jabber.org", "xmpp.org", "xmpp.maltris.org", "oprtr.org" }
s2s_insecure_domains = {}

proxy65_ports = { 5212 }

authentication = "internal_hashed"

consider_websocket_secure = true;
cross_domain_bosh = true;
consider_bosh_secure = true;

allow_registration = true
register_web_template = "/etc/prosody/register-templates/Prosody-Web-Registration-Theme";
min_seconds_between_registrations = 300
registration_blacklist = { "83.218.198.86", "109.185.243.100", "93.114.0.93", "93.114.11.136", "92.114.216.80" }

ssl = {
	protocol = "tlsv1_2";
        key = "/etc/prosody/certs/privkey.pem";
        certificate = "/etc/prosody/certs/fullchain.pem";

        dhparam = "/etc/prosody/certs/dh-4096.pem";

        ciphers = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128";

        options = { "no_sslv2", "no_sslv3", "no_ticket", "no_compression", "cipher_server_preference", "single_dh_use", "single_ecdh_use" }

}

contact_info = {
  abuse = { "mailto:abuse@intux.de", "xmpp:intux@intux.de" };
  admin = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  feedback = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  sales = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  security = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  support = { "xmpp:intux@intux.de", "xmpp:intux@intux.de" };
}

VirtualHost "intux.de"

Component "proxy.intux.de" "proxy65"

	proxy65_acl = { "intux.de" }

Component "conference.intux.de" "muc"
        name = "intux.de Chatrooms"
        restrict_room_creation = false
        max_history_messages = 500
        modules_enabled = {
                "mam_muc",
		"vcard_muc",
        }
        muc_log_by_default = false

Component "upload.intux.de" "http_upload"

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

pidfile = "/var/run/prosody/prosody.pid"

storage = "sql"

sql = {

driver = "MySQL";

database = "prosody";

host = "localhost";

username = "benutzername";

password = "passwort";

}

plugin_paths = { "/usr/lib/prosody/prosody-modules" }

admins = {"intux@intux.de" }

modules_enabled = {

"roster";

"saslauth";

"tls";

"dialback";

"disco";

"private";

"blocklist";

"version";

"uptime";

"time";

"ping";

"posix";

"pep";

"register";

"admin_adhoc";

"motd";

"welcome";

"proxy65";

"watchregistrations";

"register_web";

"admin_web";

"http_upload";

"mam";

"csi";

"carbons";

"smacks";

"lastlog";

"cloud_notify";

"omemo_all_access";

"server_contact_info";

"profile";

"vcard_legacy";

"pep_vcard_avatar";

"websocket";

}

log = {

debug = "/var/log/prosody/prosody.log";

error = "/var/log/prosody/prosody.err";

}

legacy_ssl_ports = { 5223 }

default_archive_policy = false;

archive_expires_after = "1m";

c2s_require_encryption = true

s2s_require_encryption = true

s2s_secure_auth = true

s2s_secure_domains = { "blabber.im", "trashserver.net", "jabber.de", "c0by.de", "jabber.org", "xmpp.org", "xmpp.maltris.org", "oprtr.org" }

s2s_insecure_domains = {}

proxy65_ports = { 5212 }

authentication = "internal_hashed"

consider_websocket_secure = true;

cross_domain_bosh = true;

consider_bosh_secure = true;

allow_registration = true

register_web_template = "/etc/prosody/register-templates/Prosody-Web-Registration-Theme";

min_seconds_between_registrations = 300

registration_blacklist = { "83.218.198.86", "109.185.243.100", "93.114.0.93", "93.114.11.136", "92.114.216.80" }

ssl = {

protocol = "tlsv1_2";

key = "/etc/prosody/certs/privkey.pem";

certificate = "/etc/prosody/certs/fullchain.pem";

dhparam = "/etc/prosody/certs/dh-4096.pem";

ciphers = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128";

options = { "no_sslv2", "no_sslv3", "no_ticket", "no_compression", "cipher_server_preference", "single_dh_use", "single_ecdh_use" }

}

contact_info = {

abuse = { "mailto:abuse@intux.de", "xmpp:intux@intux.de" };

admin = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };

feedback = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };

sales = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };

security = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };

support = { "xmpp:intux@intux.de", "xmpp:intux@intux.de" };

}

VirtualHost "intux.de"

Component "proxy.intux.de" "proxy65"

proxy65_acl = { "intux.de" }

Component "conference.intux.de" "muc"

name = "intux.de Chatrooms"

restrict_room_creation = false

max_history_messages = 500

modules_enabled = {

"mam_muc",

"vcard_muc",

}

muc_log_by_default = false

Component "upload.intux.de" "http_upload"

Compliance Test XEP-0363

Kommentieren Sie den Artikel Antwort abbrechen

Wetter

Bücher

WordPress 6 Schnelleinstieg

Nextcloud Schnelleinstieg

WordPress 6 – Das umfassende Handbuch

Linux Mint 20 – Praxiswissen für Ein- und Umsteiger

Raspberry Pi – Das umfassende Handbuch

Redaktionstipp

Raspberry Pi OS Bullseye -> Bookworm

Bruteforce-Einträge in Nextcloud-Datenbank löschen

PHP8.2-fpm für Nextcloud 28

Beliebte Beiträge

Nextcloud auf Uberspace

Dateien kopieren via SSH

Raspberry Pi mit Windows PC direkt verbinden

Inhaber und Autor

Beliebte Kategorie