Update mix.lock

Add odbc connection robustness (#2428 )
Update xmpp
2018-09-26 15:01:27 +02:00 · 2018-09-25 16:59:49 +02:00 · 2018-09-25 16:18:16 +02:00 · 2018-09-25 14:31:22 +02:00 · 2018-09-25 10:55:57 +02:00 · 2018-09-25 10:55:56 +02:00
385 changed files with 10965 additions and 20542 deletions
@@ -1,15 +1,21 @@
-> What version of ejabberd are you using?
+Environment
+-----------
+- ejabberd version: 18.06
+- Erlang version: `erl +V`
+- OS: Linux (Debian)
+- Installed from: source | distro package | official deb/rpm | official binary installer | other

+Configuration (only if needed): grep -Ev '^$|^\s*#' ejabberd.yml
+---------------------------------------------------------------------------
+```yaml
+loglevel: 4
+...
+```

+Errors from error.log/crash.log
+-------------------------------
+No errors

-> What operating system (version) are you using?
-
-
-
-> How did you install ejabberd (source, package, distribution)?
-
-
-
-> What did not work as expected? Are there error messages in the log? What
-> was the unexpected behavior? What was the expected result?
-
+Bug description
+---------------
+Nothing works, plz halp :(
@@ -6,7 +6,6 @@ otp_release:
  - 19.2

 services:
-  - riak
  - redis-server

 before_install:
@@ -31,16 +30,6 @@ install:

 before_script:
  # Ulimit: See Travis-CI issue report: https://github.com/travis-ci/travis-ci/issues/3328
-  - echo 'ulimit -n 4096' > riak
-  - sudo mv riak /etc/default/riak
-  - mkdir "$PWD/ebin"
-  - sed 's/^storage_backend.*/storage_backend = leveldb/' /etc/riak/riak.conf > riak.conf
-  - sudo mv riak.conf /etc/riak/riak.conf
-  - echo "[{riak_kv, [{add_paths, [\"$PWD/ebin/\"]}]}]." > advanced.config
-  - sudo mv advanced.config /etc/riak/advanced.config
-  - sudo service riak restart
-  - sudo riak-admin wait-for-service riak_kv 'riak@127.0.0.1'
-  - sudo riak-admin test
  - mysql -u root -e "CREATE USER 'ejabberd_test'@'localhost' IDENTIFIED BY 'ejabberd_test';"
  - mysql -u root -e "CREATE DATABASE ejabberd_test;"
  - mysql -u root -e "GRANT ALL ON ejabberd_test.* TO 'ejabberd_test'@'localhost';"
@@ -50,23 +39,24 @@ before_script:

 script:
  - ./autogen.sh
-  - ./configure --prefix=/tmp/ejabberd --enable-all --disable-odbc
+  - ./configure --prefix=/tmp/ejabberd --enable-all --disable-odbc --disable-riak
  - make
-  - make install
+  - make install -s
  - make xref
  - sed -i -e 's/ct:pal/ct:log/' test/suite.erl
  - ln -sf ../sql priv/
+  - echo "" >> rebar.config
+  - echo '{ct_extra_params, "-verbosity 20"}.' >> rebar.config
  - escript ./rebar skip_deps=true ct -v
-  - grep -q 'TEST COMPLETE, \([[:digit:]]*\) ok, .* of \1 ' logs/raw.log
+  - grep -q 'TEST COMPLETE,.* 0 failed' logs/raw.log

 after_script:
  - find logs -name suite.log -exec cat '{}' ';'

 after_failure:
  - find logs -name exunit.log -exec cat '{}' ';'
-  # Try checking Riak database logs
-  - tail -n 100000 /var/log/riak/*.log
  - find logs -name ejabberd.log -exec cat '{}' ';'
+  - find logs -name suite.log -exec cat '{}' ';' | awk 'BEGIN{RS="\n=case";FS="\n"} /=result\s*failed/ {print "=case" $0}

 after_success:
  - coveralls-merge erlang.json
@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at conduct@process-one.net. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
@@ -1,120 +0,0 @@
-FROM debian:jessie-slim
-MAINTAINER Rafael Römhild <rafael@roemhild.de>
-
-ENV EJABBERD_BRANCH=17.08 \
-    EJABBERD_USER=ejabberd \
-    EJABBERD_HTTPS=true \
-    EJABBERD_STARTTLS=true \
-    EJABBERD_S2S_SSL=true \
-    EJABBERD_HOME=/opt/ejabberd \
-    EJABBERD_DEBUG_MODE=false \
-    HOME=$EJABBERD_HOME \
-    PATH=$EJABBERD_HOME/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin \
-    DEBIAN_FRONTEND=noninteractive \
-    XMPP_DOMAIN=localhost \
-    # Set default locale for the environment
-    LC_ALL=C.UTF-8 \
-    LANG=en_US.UTF-8 \
-    LANGUAGE=en_US.UTF-8
-
-# Add ejabberd user and group
-RUN groupadd -r $EJABBERD_USER \
-    && useradd -r -m \
-       -g $EJABBERD_USER \
-       -d $EJABBERD_HOME \
-       $EJABBERD_USER
-
-# Install packages and perform cleanup
-RUN set -x \
-    && buildDeps=' \
-        git-core \
-        build-essential \
-        automake \
-        libssl-dev \
-        zlib1g-dev \
-        libexpat-dev \
-        libyaml-dev \
-        libsqlite3-dev \
-        erlang-src erlang-dev \
-    ' \
-    && requiredAptPackages=' \
-        wget \
-        locales \
-        ldnsutils \
-        python2.7 \
-        python-jinja2 \
-        ca-certificates \
-        libyaml-0-2 \
-        erlang-base erlang-snmp erlang-ssl erlang-ssh erlang-webtool \
-        erlang-tools erlang-xmerl erlang-corba erlang-diameter erlang-eldap \
-        erlang-eunit erlang-ic erlang-odbc erlang-os-mon \
-        erlang-parsetools erlang-percept erlang-typer \
-        python-mysqldb \
-        imagemagick \
-    ' \
-    && apt-key adv \
-        --keyserver keys.gnupg.net \
-        --recv-keys 434975BD900CCBE4F7EE1B1ED208507CA14F4FCA \
-    && apt-get update \
-    && apt-get install -y $buildDeps $requiredAptPackages --no-install-recommends \
-    && dpkg-reconfigure locales && \
-        locale-gen C.UTF-8 \
-    && /usr/sbin/update-locale LANG=C.UTF-8 \
-    && echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen \
-    && locale-gen \
-    && cd /tmp \
-    && git clone https://github.com/processone/ejabberd.git \
-        --branch $EJABBERD_BRANCH --single-branch --depth=1 \
-    && cd ejabberd \
-    && chmod +x ./autogen.sh \
-    && ./autogen.sh \
-    && ./configure --enable-user=$EJABBERD_USER \
-        --enable-all \
-        --disable-tools \
-        --disable-pam \
-    && make debug=$EJABBERD_DEBUG_MODE \
-    && make install \
-    && mkdir $EJABBERD_HOME/ssl \
-    && mkdir $EJABBERD_HOME/conf \
-    && mkdir $EJABBERD_HOME/backup \
-    && mkdir $EJABBERD_HOME/upload \
-    && mkdir $EJABBERD_HOME/database \
-    && mkdir $EJABBERD_HOME/module_source \
-    && cd $EJABBERD_HOME \
-    && rm -rf /tmp/ejabberd \
-    && rm -rf /usr/local/etc/ejabberd \
-    && ln -sf $EJABBERD_HOME/conf /usr/local/etc/ejabberd \
-    && chown -R $EJABBERD_USER: $EJABBERD_HOME \
-    && rm -rf /var/lib/apt/lists/* \
-    && apt-get purge -y --auto-remove $buildDeps
-
-RUN wget -P /usr/local/share/ca-certificates/cacert.org http://www.cacert.org/certs/root.crt http://www.cacert.org/certs/class3.crt; \
-    update-ca-certificates
-
-# Create logging directories
-RUN mkdir -p /var/log/ejabberd
-RUN touch /var/log/ejabberd/crash.log /var/log/ejabberd/error.log /var/log/ejabberd/erlang.log
-
-# Wrapper for setting config on disk from environment
-# allows setting things like XMPP domain at runtime
-ADD ./docker/run.sh /sbin/run
-
-# Add run scripts
-ADD ./docker/scripts $EJABBERD_HOME/scripts
-ADD https://raw.githubusercontent.com/rankenstein/ejabberd-auth-mysql/master/auth_mysql.py $EJABBERD_HOME/scripts/lib/auth_mysql.py
-RUN chmod a+rx $EJABBERD_HOME/scripts/lib/auth_mysql.py
-
-# Add config templates
-ADD ./docker/conf /opt/ejabberd/conf
-
-# Continue as user
-USER $EJABBERD_USER
-
-# Set workdir to ejabberd root
-WORKDIR $EJABBERD_HOME
-
-VOLUME ["$EJABBERD_HOME/database", "$EJABBERD_HOME/ssl", "$EJABBERD_HOME/backup", "$EJABBERD_HOME/upload"]
-EXPOSE 4560 5222 5269 5280 5443
-
-CMD ["start"]
-ENTRYPOINT ["run"]
@@ -58,6 +58,9 @@ JSDIR = $(PRIVDIR)/js
 # /usr/lib/ejabberd/priv/sql
 SQLDIR = $(PRIVDIR)/sql

+# /usr/lib/ejabberd/priv/lua
+LUADIR = $(PRIVDIR)/lua
+
 # /var/lib/ejabberd/
 SPOOLDIR = $(DESTDIR)@localstatedir@/lib/ejabberd

@@ -85,6 +88,11 @@ else
  CHOWN_OUTPUT=&1
  INIT_USER=$(INSTALLUSER)
 endif
+# if no group was enabled, don't set privileges or ownership
+INSTALLGROUP=@INSTALLGROUP@
+ifneq ($(INSTALLGROUP),)
+  G_USER=-g $(INSTALLGROUP)
+endif

 all: deps src

@@ -97,6 +105,7 @@ deps/.got:
 	$(REBAR) get-deps && :> deps/.got

 deps/.built: deps/.got
+	$(REBAR) configure-deps
 	$(REBAR) compile && :> deps/.built

 src: deps/.built
@@ -136,7 +145,10 @@ ifeq ($(MAKECMDGOALS),copy-files-sub)
 DEPS:=$(sort $(shell $(REBAR) -q list-deps|$(SED) -ne '/ TAG / s/ .*// p; / REV / s/ .*// p; / BRANCH / s/ .*// p'))

 DEPS_FILES=$(call FILES_WILDCARD,$(foreach DEP,$(DEPS),deps/$(DEP)/ebin/*.beam deps/$(DEP)/ebin/*.app deps/$(DEP)/priv/* deps/$(DEP)/priv/lib/* deps/$(DEP)/priv/bin/* deps/$(DEP)/include/*.hrl deps/$(DEP)/COPY* deps/$(DEP)/LICENSE* deps/$(DEP)/lib/*/ebin/*.beam deps/$(DEP)/lib/*/ebin/*.app))
-DEPS_FILES_FILTERED=$(filter-out %/epam %/eimp %/mac_listener deps/elixir/ebin/elixir.app,$(DEPS_FILES))
+
+BINARIES=deps/epam/priv/bin/epam deps/eimp/priv/bin/eimp deps/fs/priv/mac_listener
+
+DEPS_FILES_FILTERED=$(filter-out $(BINARIES) deps/elixir/ebin/elixir.app,$(DEPS_FILES))
 DEPS_DIRS=$(sort deps/ $(foreach DEP,$(DEPS),deps/$(DEP)/) $(dir $(DEPS_FILES)))

 MAIN_FILES=$(filter-out %/configure.beam,$(call FILES_WILDCARD,ebin/*.beam ebin/*.app priv/msgs/*.msg priv/css/*.css priv/img/*.png priv/js/*.js priv/lib/* include/*.hrl COPYING))
@@ -146,27 +158,26 @@ define DEP_VERSION_template
 DEP_$(1)_VERSION:=$(shell $(SED) -e '/vsn/!d;s/.*, *"/$(1)-/;s/".*//' $(2) 2>/dev/null)
 endef

+DELETE_TARGET_SO=$(if $(subst X.soX,,X$(suffix $(1))X),,rm -f $(call TO_DEST,$(1));)
+
 $(foreach DEP,$(DEPS),$(eval $(call DEP_VERSION_template,$(DEP),deps/$(DEP)/ebin/$(DEP).app)))
 $(eval $(call DEP_VERSION_template,ejabberd,ebin/ejabberd.app))

 define COPY_template
-$(call TO_DEST,$(1)): $(1) $(call TO_DEST,$(dir $(1))) ; $$(INSTALL) -m 644 $(1) $(call TO_DEST,$(1))
+$(call TO_DEST,$(1)): $(1) $(call TO_DEST,$(dir $(1))) ; $(call DELETE_TARGET_SO, $(1)) $$(INSTALL) -m 644 $(1) $(call TO_DEST,$(1))
+endef
+
+define COPY_BINARY_template
+$(call TO_DEST,$(1)): $(1) $(call TO_DEST,$(dir $(1))) ; rm -f $(call TO_DEST,$(1)); $$(INSTALL) -m 755 $$(O_USER) $(1) $(call TO_DEST,$(1))
 endef

 $(foreach file,$(DEPS_FILES_FILTERED) $(MAIN_FILES),$(eval $(call COPY_template,$(file))))

+$(foreach file,$(BINARIES),$(eval $(call COPY_BINARY_template,$(file))))
+
 $(sort $(call TO_DEST,$(MAIN_DIRS) $(DEPS_DIRS))):
 	$(INSTALL) -d $@

-$(call TO_DEST,deps/epam/priv/bin/epam): $(LIBDIR)/%: deps/epam/priv/bin/epam $(call TO_DEST,deps/epam/priv/bin/)
-	$(INSTALL) -m 750 $(O_USER) $< $@
-
-$(call TO_DEST,deps/eimp/priv/bin/eimp): $(LIBDIR)/%: deps/eimp/priv/bin/eimp $(call TO_DEST,deps/eimp/priv/bin/)
-	$(INSTALL) -m 755 $(O_USER) $< $@
-
-$(call TO_DEST,deps/fs/priv/mac_listener): $(LIBDIR)/%: deps/fs/priv/mac_listener $(call TO_DEST,deps/fs/priv/)
-	$(INSTALL) -m 755 $(O_USER) $< $@
-
 $(call TO_DEST,priv/sql/lite.sql): sql/lite.sql $(call TO_DEST,priv/sql)
 	$(INSTALL) -m 644 $< $@

@@ -175,6 +186,8 @@ $(call TO_DEST,priv/bin/captcha.sh): tools/captcha.sh $(call TO_DEST,priv/bin)

 copy-files-sub2: $(call TO_DEST,$(DEPS_FILES) $(MAIN_FILES) priv/bin/captcha.sh priv/sql/lite.sql)

+.PHONY: $(call TO_DEST,$(DEPS_FILES) $(MAIN_DIRS) $(DEPS_DIRS))
+
 endif

 copy-files:
@@ -273,6 +286,8 @@ uninstall-binary:
 	rm -fr $(JSDIR)
 	rm -f  $(SQLDIR)/*.sql
 	rm -fr $(SQLDIR)
+	rm -fr $(LUADIR)/*.lua
+	rm -fr $(LUADIR)
 	rm -fr $(PRIVDIR)
 	rm -fr $(EJABBERDDIR)

@@ -93,7 +93,6 @@ Moreover, ejabberd comes with a wide range of other state-of-the-art features:
  - Users Directory based on users vCards.
  - Publish-Subscribe component with support for Personal Eventing.
  - Support for web clients: HTTP Polling and HTTP Binding (BOSH).
-  - IRC transport.
  - Component support: interface with networks such as AIM, ICQ and MSN.


@@ -112,8 +111,6 @@ To compile ejabberd you need:
 - OpenSSL 1.0.0 or higher, for STARTTLS, SASL and SSL encryption.
 - Zlib 1.2.3 or higher, for Stream Compression support (XEP-0138). Optional.
 - PAM library. Optional. For Pluggable Authentication Modules (PAM).
- - GNU Iconv 1.8 or higher, for the IRC Transport (mod_irc). Optional. Not
-   needed on systems with GNU Libc.
 - ImageMagick's Convert program. Optional. For CAPTCHA challenges.

 If your system splits packages in libraries and development headers, you must
@@ -1,14 +0,0 @@
-XmppAddr { iso(1) identified-organization(3)	
-           dod(6) internet(1) security(5) mechanisms(5) pkix(7)
-	   id-on(8) id-on-xmppAddr(5) }
-
-DEFINITIONS EXPLICIT TAGS ::=
-BEGIN
-
-id-on-xmppAddr  OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
-                dod(6) internet(1) security(5) mechanisms(5) pkix(7)
-                id-on(8) 5 }
-
-XmppAddr ::= UTF8String
-
-END
@@ -94,9 +94,6 @@ defmodule Ejabberd.ConfigFile do
  module :mod_disco do
  end

-  module :mod_irc do
-  end
-
  module :mod_http_bind do
  end

@@ -565,7 +565,6 @@ modules:
  mod_configure: {} # requires mod_adhoc
  mod_disco: {}
  ## mod_echo: {}
-  mod_irc: {}
  mod_http_bind: {}
  ## mod_http_fileserver:
  ##   docroot: "/var/www"
@@ -197,12 +197,12 @@ AC_ARG_ENABLE(elixir,
 esac],[if test "x$elixir" = "x"; then elixir=false; fi])

 AC_ARG_ENABLE(iconv,
-[AC_HELP_STRING([--enable-iconv], [enable iconv support (default: yes)])],
+[AC_HELP_STRING([--enable-iconv], [enable iconv support (default: no)])],
 [case "${enableval}" in
  yes) iconv=true ;;
  no)  iconv=false ;;
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-iconv) ;;
-esac],[if test "x$iconv" = "x"; then iconv=true; fi])
+esac],[if test "x$iconv" = "x"; then iconv=false; fi])

 AC_ARG_ENABLE(debug,
 [AC_HELP_STRING([--enable-debug], [enable debug information (default: yes)])],
@@ -244,14 +244,6 @@ AC_ARG_ENABLE(sip,
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-sip) ;;
 esac],[if test "x$sip" = "x"; then sip=false; fi])

-AC_ARG_ENABLE(graphics,
-[AC_HELP_STRING([--enable-graphics], [enable support for graphic images manipulation (default: yes)])],
-[case "${enableval}" in
-  yes) graphics=true ;;
-  no)  graphics=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-graphics) ;;
-esac],[if test "x$graphics" = "x"; then graphics=true; fi])
-
 AC_CONFIG_FILES([Makefile
 		 vars.config
 		 src/ejabberd.app.src])
@@ -269,8 +261,19 @@ if test "$ENABLEUSER" != ""; then
  echo "allow this system user to start ejabberd: $ENABLEUSER"
  AC_SUBST([INSTALLUSER], [$ENABLEUSER])
 fi
-
-ERLANG_DEPRECATED_TYPES_CHECK
+ENABLEGROUP=""
+AC_ARG_ENABLE(group,
+  [AS_HELP_STRING([--enable-group[[[[=GROUP]]]]], [allow this system group to start ejabberd (default: no)])],
+  [case "${enableval}" in
+     yes) ENABLEGROUP=`groups |head -n 1` ;;
+     no) ENABLEGROUP="" ;;
+     *) ENABLEGROUP=$enableval
+   esac],
+  [])
+if test "$ENABLEGROUP" != ""; then
+  echo "allow this system group to start ejabberd: $ENABLEGROUP"
+  AC_SUBST([INSTALLGROUP], [$ENABLEGROUP])
+fi

 if test "$sqlite" = "true"; then
   AX_LIB_SQLITE3([3.6.19])
@@ -279,6 +282,17 @@ if test "$sqlite" = "true"; then
   fi
 fi

+enabled_backends=""
+for backend in odbc mysql pgsql sqlite riak redis; do
+    if eval test x\${$backend} = xtrue; then
+       if test "x$enabled_backends" = "x"; then
+          enabled_backends=$backend
+       else
+          enabled_backends="$enabled_backends, $backend"
+       fi
+    fi
+done
+
 AC_SUBST(hipe)
 AC_SUBST(roster_gateway_workaround)
 AC_SUBST(new_sql_schema)
@@ -297,12 +311,12 @@ AC_SUBST(iconv)
 AC_SUBST(stun)
 AC_SUBST(sip)
 AC_SUBST(debug)
-AC_SUBST(graphics)
 AC_SUBST(tools)
 AC_SUBST(latest_deps)
 AC_SUBST(system_deps)
 AC_SUBST(CFLAGS)
 AC_SUBST(CPPFLAGS)
 AC_SUBST(LDFLAGS)
+AC_SUBST(enabled_backends)

 AC_OUTPUT
@@ -1,402 +0,0 @@
-ejabberd container
-
- [Introduction](#introduction)
-    - [Version](#version)
- [Quick Start](#quick-start)
- [Usage](#usage)
-    - [Persistence](#persistence)
-    - [SSL Certificates](#ssl-certificates)
-    - [Base Image](#base-image)
-    - [Cluster Example](#cluster-example)
- [Runtime Configuration](#runtime-configuration)
-    - [Served Hostnames](#served-hostnames)
-    - [Authentication](#authentication)
-    - [Admins](#admins)
-    - [Users](#users)
-    - [SSL](#ssl)
-    - [Erlang](#erlang)
-    - [Modules](#modules)
-    - [Logging](#logging)
-    - [Mount Configurations](#mount-configurations)
- [Maintenance](#maintenance)
-    - [Register Users](#register-users)
-    - [Creating Backups](#creating-backups)
-    - [Restoring Backups](#restoring-backups)
- [Debug](#debug)
-    - [Erlang Shell](#erlang-shell)
-    - [System Shell](#system-shell)
-    - [System Commands](#system-commands)
- [Exposed Ports](#exposed-ports)
-
-# Introduction
-
-This [ejabberd][] docker container is based on the work done by [rroemhild][]. See more [in this blogpost][].
-This container includes the necessary files to build your own containerized ejabberd,
-but *IT IS NOT* used to generate official images on the docker [hub][].
-This container is not maintained by [ProcessOne][].
-
-[ProcessOne][] provides and maintain official containers on the docker [hub][], which targets developers for now and will becomes production ready in a near future.
-These [new containers] allow to build and run ejabberd in a simple and lightweight environment.
-
-[ejabberd]: https://www.ejabberd.im/
-[rroemhild]: https://github.com/rroemhild/docker-ejabberd/
-[in this blogpost]: https://blog.process-one.net/ejabberd-16-12/
-[hub]: https://hub.docker.com/r/ejabberd/ecs/
-[new containers]: https://github.com/processone/docker-ejabberd/
-[ProcessOne]: https://www.process-one.net/
-
-## Version
-
-Current Version: `17.08`
-
-Docker Tag Names are based on ejabberd versions in git [branches][] and [tags][]. The image tag `:latest` is based on the master branch.
-
-[tags]: https://github.com/rroemhild/docker-ejabberd/tags
-[branches]: https://github.com/rroemhild/docker-ejabberd/branches
-
-# Quick Start
-
-You can start of with the following container:
-
-```bash
-docker run -d \
-    --name "ejabberd" \
-    -p 5222:5222 \
-    -p 5269:5269 \
-    -p 5280:5280 \
-    -h 'xmpp.example.de' \
-    -e "XMPP_DOMAIN=example.de" \
-    -e "ERLANG_NODE=ejabberd" \
-    -e "EJABBERD_ADMINS=admin@example.de admin2@example.de" \
-    -e "EJABBERD_USERS=admin@example.de:password1234 admin2@example.de" \
-    -e "TZ=Europe/Berlin" \
-    rroemhild/ejabberd
-```
-
-or with the [docker-compose](examples/docker-compose/docker-compose.yml) example
-
-```bash
-wget https://raw.githubusercontent.com/rroemhild/docker-ejabberd/master/examples/docker-compose/docker-compose.yml
-docker-compose up
-```
-
-# Usage
-
-## Persistence
-
-For storage of the application data, you can mount volumes at
-
-* `/opt/ejabberd/ssl`
-* `/opt/ejabberd/backup`
-* `/opt/ejabberd/upload`
-* `/opt/ejabberd/database`
-
-or use a data container
-
-```bash
-docker create --name ejabberd-data rroemhild/ejabberd-data
-docker run -d --name ejabberd --volumes-from ejabberd-data rroemhild/ejabberd
-```
-
-## SSL Certificates
-
-TLS is enabled by default and the run script will auto-generate two snake-oil certificates during boot if you don't provide your SSL certificates.
-
-To use your own certificates, there are two options.
-
-1. Mount the volume `/opt/ejabberd/ssl` to a local directory with the `.pem` files:
-
-    * /tmp/ssl/host.pem (SERVER_HOSTNAME)
-    * /tmp/ssl/xmpp_domain.pem (XMPP_DOMAIN)
-
-    Make sure that the certificate and private key are in one `.pem` file. If one file is missing it will be auto-generated. I.e. you can provide your certificate for your **XMMP_DOMAIN** and use a snake-oil certificate for the `SERVER_HOSTNAME`.
-
-2. Specify the certificates via environment variables: **EJABBERD_SSLCERT_HOST** and **EJABBERD_SSLCERT_EXAMPLE_COM**. For the
-domain certificates, make sure you match the domain names given in **XMPP_DOMAIN** and replace dots and dashes with underscore.
-
-## Base Image
-
-Build your own ejabberd container image and add your config templates, certificates or [extend](#cluster-example) it for your needs.
-
-```
-FROM rroemhild/ejabberd
-ADD ./ejabberd.yml.tpl /opt/ejabberd/conf/ejabberd.yml.tpl
-ADD ./ejabberdctl.cfg.tpl /opt/ejabberd/conf/ejabberdctl.cfg.tpl
-ADD ./example.com.pem /opt/ejabberd/ssl/example.com.pem
-```
-
-If you need root privileges switch to `USER root` and go back to `USER ejabberd` when you're done.
-
-## Cluster Example
-
-The [docker-compose-cluster](examples/docker-compose-cluster) example demonstrates how to extend this container image to setup a multi-master cluster.
-
-# Runtime Configuration
-
-You can additionally provide extra runtime configuration in a downstream image by replacing the config template `ejabberd.yml.tpl` with one based on this image's template and include extra interpolation of environment variables. The template is parsed by Jinja2 with the runtime environment (equivalent to Python's `os.environ` available as `env`).
-
-## Served Hostnames
-
-By default the container will serve the XMPP domain `localhost`. In order to serve a different domain at runtime, provide the **XMPP_DOMAIN** variable with a domain name. You can add more domains separated with whitespace.
-
-```
-XMPP_DOMAIN=example.ninja xyz.io test.com
-```
-
-## Authentication
-
-Authentication methods can be set with the **EJABBERD_AUTH_METHOD** environment variable. The default authentication mode is `internal`.
-
-Supported authentication methods:
-
-* anonymous
-* internal
-* external
-* ldap
-
-Internal and anonymous authentication example:
-
-```
-EJABBERD_AUTH_METHOD=internal anonymous
-```
-
-[External authentication](http://docs.ejabberd.im/admin/guide/configuration/#external-script) example:
-```
-EJABBERD_AUTH_METHOD=external
-EJABBERD_EXTAUTH_PROGRAM="/opt/ejabberd/scripts/authenticate-user.sh"
-EJABBERD_EXTAUTH_INSTANCES=3
-EJABBERD_EXTAUTH_CACHE=600
-```
-**EJABBERD_EXTAUTH_INSTANCES** must be an integer with a minimum value of 1. **EJABBERD_EXTAUTH_CACHE** can be set to "false" or an integer value representing cache time in seconds. Note that caching should not be enabled if internal auth is also enabled.
-
-### Password format
-
-The variable `EJABBERD_AUTH_PASSWORD_FORMAT` controls in which format user passwords are
-stored. Possible values are `plain` and `scram`. The default is to store
-[SCRAM](https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism)bled
-passwords, meaning that it is impossible to obtain the original plain password from the
-stored information.
-
-NOTE: SCRAM does not work with SIP/TURN foreign authentication methods. In this case, you
-may have to disable the option. More details can be found here:
-https://docs.ejabberd.im/admin/configuration/#internal
-
-If using SCRAM with an SQL database that has plaintext passwords stored, use the command
-
-```
-ejabberdctl convert_to_scram example.org
-```
-
-to convert all your existing plaintext passwords to scrambled format.
-
-### MySQL Authentication
-
-Set `EJABBERD_AUTH_METHOD=external` and `EJABBERD_EXTAUTH_PROGRAM=/opt/ejabberd/scripts/lib/auth_mysql.py` to enable MySQL authentication. Use the following environment variables to configure the database connection and the layout of the database. Password changing, registration, and unregistration are optional features and are enabled only if the respective queries are provided.
-
- **AUTH_MYSQL_HOST**: The MySQL host
- **AUTH_MYSQL_USER**: Username to connect to the MySQL host
- **AUTH_MYSQL_PASSWORD**: Password to connect to the MySQL host
- **AUTH_MYSQL_DATABASE**: Database name where to find the user information
- **AUTH_MYSQL_HASHALG**: Format of the password in the database. Default is cleartext. Options are `crypt`, `md5`, `sha1`, `sha224`, `sha256`, `sha384`, `sha512`. `crypt` is recommended, as it is salted. When setting the password, `crypt` uses SHA-512 (prefix `$6$`).
- **AUTH_MYSQL_QUERY_GETPASS**: Get the password for a user. Use the placeholders `%(user)s`, `%(host)s`. Example: `SELECT password FROM users WHERE username = CONCAT(%(user)s, '@', %(host)s)`
- **AUTH_MYSQL_QUERY_SETPASS**: Update the password for a user. Leave empty to disable. Placeholder `%(password)s` contains the hashed password. Example: `UPDATE users SET password = %(password)s WHERE username = CONCAT(%(user)s, '@', %(host)s)`
- **AUTH_MYSQL_QUERY_REGISTER**: Register a new user. Leave empty to disable. Example: `INSERT INTO users ( username, password ) VALUES ( CONCAT(%(user)s, '@', %(host)s), %(password)s )`
- **AUTH_MYSQL_QUERY_UNREGISTER**: Removes a user. Leave empty to disable. Example: `DELETE FROM users WHERE username = CONCAT(%(user)s, '@', %(host)s)`
-
-Note that the MySQL authentication script writes a debug log into the file `/var/log/ejabberd/extauth.log`. To get its content, execute the following command:
-
-```bash
-docker exec -ti ejabberd tail -n50 -f /var/log/ejabberd/extauth.log
-```
-
-To find out more about the mysql authentication script, check out the [ejabberd-auth-mysql](https://github.com/rankenstein/ejabberd-auth-mysql) repository.
-
-### LDAP Auth
-
-Full documentation http://docs.ejabberd.im/admin/guide/configuration/#ldap.
-
-Connection
-
- **EJABBERD_LDAP_SERVERS**: List of IP addresses or DNS names of your LDAP servers. This option is required.
- **EJABBERD_LDAP_ENCRYPT**: The value `tls` enables encryption by using LDAP over SSL. The default value is: `none`.
- **EJABBERD_LDAP_TLS_VERIFY**: `false|soft|hard` This option specifies whether to verify LDAP server certificate or not when TLS is enabled. The default is `false` which means no checks are performed.
- **EJABBERD_LDAP_TLS_CACERTFILE**: Path to file containing PEM encoded CA certificates.
- **EJABBERD_LDAP_TLS_DEPTH**: Specifies the maximum verification depth when TLS verification is enabled. The default value is 1.
- **EJABBERD_LDAP_PORT**: The default port is `389` if encryption is disabled; and `636` if encryption is enabled.
- **EJABBERD_LDAP_ROOTDN**: Bind DN. The default value is "" which means ‘anonymous connection’.
- **EJABBERD_LDAP_PASSWORD**: Bind password. The default value is "".
- **EJABBERD_LDAP_DEREF_ALIASES**: `never|always|finding|searching`
-   Whether or not to dereference aliases. The default is `never`.
-
-Authentication
-
- **EJABBERD_LDAP_BASE**: LDAP base directory which stores users accounts. This option is required.
- **EJABBERD_LDAP_UIDS**: `ldap_uidattr:ldap_uidattr_format` The default attributes are `uid:%u`.
- **EJABBERD_LDAP_FILTER**: RFC 4515 LDAP filter. The default Filter value is undefined.
- **EJABBERD_LDAP_DN_FILTER**: `{ Filter: FilterAttrs }` This filter is applied on the results returned by the main filter. By default ldap_dn_filter is undefined.
-
-## Admins
-
-Set one or more admin user (seperated by whitespace) with the **EJABBERD_ADMINS** environment variable. You can register admin users with the **EJABBERD_USERS** environment variable during container startup, use you favorite XMPP client or the `ejabberdctl` command line utility.
-
-```
-EJABBERD_ADMINS=admin@example.ninja
-```
-
-## Users
-
-Automatically register users during container startup. Uses random password if you don't provide a password for the user. Format is `JID:PASSWORD`. Register more users separated with whitespace.
-
-Register the admin user from **EJABBERD_ADMINS** with a give password:
-
-```
-EJABBERD_USERS=admin@example.ninja:password1234
-```
-
-Or without a random password printed to stdout (check container logs):
-
-```
-EJABBERD_USERS=admin@example.ninja
-```
-
-Register more than one user:
-
-```
-EJABBERD_USERS=admin@example.ninja:password1234 user1@test.com user1@xyz.io
-```
-
-## SSL
- **EJABBERD_SKIP_MAKE_SSLCERT**: Skip generating ssl certificates. Default: false
- **EJABBERD_SSLCERT_HOST**: SSL Certificate for the hostname.
- **EJABBERD_SSLCERT_EXAMPLE_COM**: SSL Certificates for XMPP domains.
- **EJABBERD_STARTTLS**: Set to `false` to disable StartTLS for client to server connections. Defaults
- to `true`.
- **EJABBERD_S2S_SSL**: Set to `false` to disable SSL in server 2 server connections. Defaults to `true`.
- **EJABBERD_HTTPS**: If your proxy terminates SSL you may want to disable HTTPS on port 5280 and 5443. Defaults to `true`.
- **EJABBERD_PROTOCOL_OPTIONS_TLSV1**: Allow TLSv1 protocol. Defaults to `false`.
- **EJABBERD_PROTOCOL_OPTIONS_TLSV1_1**: Allow TLSv1.1 protocol. Defaults to `true`.
- **EJABBERD_CIPHERS**: Cipher suite. Defaults to `HIGH:!aNULL:!3DES`.
- **EJABBERD_DHPARAM**: Set to `true` to use or generate custom DH parameters. Defaults to `false`.
- **EJABBERD_SKIP_MAKE_DHPARAM**: Skip generating DH params. Default: false
-
-## Erlang
- **ERLANG_NODE**: Allows to explicitly specify erlang node for ejabberd. Set to `ejabberd` lets erlang add the hostname. Defaults to `ejabberd@localhost`.
- **ERLANG_COOKIE**: Set erlang cookie. Defaults to auto-generated cookie.
- **ERLANG_OPTIONS**: Overwrite additional options passed to erlang while starting ejabberd.
-
-## Modules
- **EJABBERD_SKIP_MODULES_UPDATE**: If you do not need to update ejabberd modules specs, skip the update task and speedup start. Defaults to `false`.
- **EJABBERD_MOD_MUC_ADMIN**: Activate the mod_muc_admin module. Defaults to `false`.
- **EJABBERD_MOD_ADMIN_EXTRA**: Activate the mod_muc_admin module. Defaults to `true`.
- **EJABBERD_REGISTER_TRUSTED_NETWORK_ONLY**: Only allow user registration from the trusted_network access rule. Defaults to `true`.
- **EJABBERD_MOD_VERSION**: Activate the mod_version module. Defaults to `true`.
- **EJABBERD_SOURCE_MODULES**: List of modules, which will be installed from sources localized in ${EJABBERD_HOME}/module_source.
- **EJABBERD_CONTRIB_MODULES**: List of modules, which will be installed from contrib repository.
- **EJABBERD_RESTART_AFTER_MODULE_INSTALL**: If any modules were installed, restart the server, if the option is enabled.
- **EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE**: If a custom module was defined for handling auth, we need to override the pre-defined auth methods in the config.
-
-## Logging
-
-Use the **EJABBERD_LOGLEVEL** environment variable to set verbosity. Defaults to `4` (Info).
-
-```
-loglevel: Verbosity of log files generated by ejabberd.
-0: No ejabberd log at all (not recommended)
-1: Critical
-2: Error
-3: Warning
-4: Info
-5: Debug
-```
-
-## Mount Configurations
-
-If you prefer to use your own configuration files and avoid passing docker environment variables (```-e```), you can do so by mounting a host directory.
-Pass in an additional ```-v``` to the ```docker run``` command, like so:
-```
-docker run -d \
-    --name "ejabberd" \
-    -p 5222:5222 \
-    -p 5269:5269 \
-    -p 5280:5280 \
-    -h 'xmpp.example.de' \
-    -v /<host_path>/conf:/opt/ejabberd/conf \
-    rroemhild/ejabberd
-```
-
-Your ```/<host_path>/conf``` folder should look like so:
-
-```
-/<host_path>/conf/
-├── ejabberdctl.cfg
-├── ejabberd.yml
-└── inetrc
-```
-
-Example configuration files can be downloaded from the ejabberd [github](https://github.com/rroemhild/ejabberd) page.
-
-When these files exist in ```/opt/ejabberd/conf```, the run script will ignore the configuration templates.
-
-# Maintenance
-
-The `ejabberdctl` command is in the search path and can be run by:
-
-```bash
-docker exec CONTAINER ejabberdctl help
-```
-
-## Register Users
-
-```bash
-docker exec CONTAINER ejabberdctl register user XMPP_DOMAIN PASSWORD
-```
-
-## Creating Backups
-
-Create a backupfile with ejabberdctl and copy the file from the container to localhost
-
-```bash
-docker exec CONTAINER ejabberdctl backup /opt/ejabberd/backup/ejabberd.backup
-docker cp CONTAINER:/opt/ejabberd/backup/ejabberd.backup /tmp/ejabberd.backup
-```
-
-## Restoring Backups
-
-Copy the backupfile from localhost to the running container and restore with ejabberdctl
-
-```bash
-docker cp /tmp/ejabberd.backup CONTAINER:/opt/ejabberd/backup/ejabberd.backup
-docker exec CONTAINER ejabberdctl restore /opt/ejabberd/backup/ejabberd.backup
-```
-
-# Debug
-
-## Erlang Shell
-
-Set `-i` and `-t` option and append `live` to get an interactive erlang shell:
-
-```bash
-docker run -i -t -P rroemhild/ejabberd live
-```
-
-You can terminate the erlang shell with `q().`.
-
-## System Shell
-
-```bash
-docker run -i -t rroemhild/ejabberd shell
-```
-
-## System Commands
-
-```bash
-docker run -i -t rroemhild/ejabberd env
-```
-
-# Exposed Ports
-
-* 4560 (XMLRPC)
-* 5222 (Client 2 Server)
-* 5269 (Server 2 Server)
-* 5280 (HTTP admin/websocket/http-bind)
-* 5443 (HTTP Upload)
@@ -1,441 +0,0 @@
-###
-###               ejabberd configuration file
-###
-###
-
-### The parameters used in this configuration file are explained in more detail
-### in the ejabberd Installation and Operation Guide.
-### Please consult the Guide in case of doubts, it is included with
-### your copy of ejabberd, and is also available online at
-### http://www.process-one.net/en/ejabberd/docs/
-
-###   =======
-###   LOGGING
-
-loglevel: {{ env['EJABBERD_LOGLEVEL'] or 4 }}
-log_rotate_size: 10485760
-log_rotate_count: 0
-log_rate_limit: 100
-
-## watchdog_admins:
-##   - "bob@example.com"
-
-###   ================
-###   SERVED HOSTNAMES
-
-hosts:
-{%- for xmpp_domain in env['XMPP_DOMAIN'].split() %}
-  - "{{ xmpp_domain }}"
-{%- endfor %}
-
-##
-## route_subdomains: Delegate subdomains to other XMPP servers.
-## For example, if this ejabberd serves example.org and you want
-## to allow communication with an XMPP server called im.example.org.
-##
-## route_subdomains: s2s
-
-###   ===============
-###   LISTENING PORTS
-
-listen:
-  -
-    port: 5222
-    module: ejabberd_c2s
-    {%- if env['EJABBERD_STARTTLS'] == "true" %}
-    starttls_required: true
-    {%- endif %}
-    protocol_options:
-      - "no_sslv3"
-    {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1', "false") == "false" %}
-      - "no_tlsv1"
-    {%- endif %}
-    {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1_1', "true") == "false" %}
-      - "no_tlsv1_1"
-    {%- endif %}
-    max_stanza_size: 65536
-    shaper: c2s_shaper
-    access: c2s
-    ciphers: "{{ env.get('EJABBERD_CIPHERS', 'HIGH:!aNULL:!3DES') }}"
-    {%- if env.get('EJABBERD_DHPARAM', false) == "true" %}
-    dhfile: "/opt/ejabberd/ssl/dh.pem"
-    {%- endif %}
-  -
-    port: 5269
-    module: ejabberd_s2s_in
-  -
-    port: 4560
-    module: ejabberd_xmlrpc
-    access_commands:
-      configure:
-        all: []
-
-  -
-    port: 5280
-    module: ejabberd_http
-    request_handlers:
-      "/websocket": ejabberd_http_ws
-    ##  "/pub/archive": mod_http_fileserver
-    web_admin: true
-    http_bind: true
-    ## register: true
-    captcha: true
-    {%- if env['EJABBERD_HTTPS'] == "true" %}
-    tls: true
-    certfile: "/opt/ejabberd/ssl/host.pem"
-    {% endif %}
-  -
-    port: 5443
-    module: ejabberd_http
-    request_handlers:
-      "": mod_http_upload
-    {%- if env['EJABBERD_HTTPS'] == "true" %}
-    tls: true
-    certfile: "/opt/ejabberd/ssl/host.pem"
-    {% endif %}
-
-
-###   SERVER TO SERVER
-###   ================
-
-{%- if env['EJABBERD_S2S_SSL'] == "true" %}
-s2s_use_starttls: required
-s2s_certfile: "/opt/ejabberd/ssl/host.pem"
-s2s_protocol_options:
-  - "no_sslv3"
-  {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1', "false") == "false" %}
-  - "no_tlsv1"
-  {%- endif %}
-  {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1_1', "true") == "false" %}
-  - "no_tlsv1_1"
-  {%- endif %}
-s2s_ciphers: "{{ env.get('EJABBERD_CIPHERS', 'HIGH:!aNULL:!3DES') }}"
-{%- if env.get('EJABBERD_DHPARAM', false) == "true" %}
-s2s_dhfile: "/opt/ejabberd/ssl/dh.pem"
-{%- endif %}
-{% endif %}
-
-###   ==============
-###   AUTHENTICATION
-
-auth_method:
-{%- for auth_method in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-  - {{ auth_method }}
-{%- endfor %}
-
-auth_password_format: {{ env.get('EJABBERD_AUTH_PASSWORD_FORMAT', 'scram') }}
-
-{%- if 'anonymous' in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-anonymous_protocol: both
-allow_multiple_connections: true
-{%- endif %}
-
-
-## LDAP authentication
-
-{%- if 'ldap' in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-
-ldap_servers:
-{%- for ldap_server in env.get('EJABBERD_LDAP_SERVERS', 'internal').split() %}
-  - "{{ ldap_server }}"
-{%- endfor %}
-
-ldap_encrypt: {{ env.get('EJABBERD_LDAP_ENCRYPT', 'none') }}
-ldap_tls_verify: {{ env.get('EJABBERD_LDAP_TLS_VERIFY', 'false') }}
-
-{%- if env['EJABBERD_LDAP_TLS_CACERTFILE'] %}
-ldap_tls_cacertfile: "{{ env['EJABBERD_LDAP_TLS_CACERTFILE'] }}"
-{%- endif %}
-
-ldap_tls_depth: {{ env.get('EJABBERD_LDAP_TLS_DEPTH', 1) }}
-
-{%- if env['EJABBERD_LDAP_PORT'] %}
-ldap_port: {{ env['EJABBERD_LDAP_PORT'] }}
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_ROOTDN'] %}
-ldap_rootdn: "{{ env['EJABBERD_LDAP_ROOTDN'] }}"
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_PASSWORD'] %}
-ldap_password: "{{ env['EJABBERD_LDAP_PASSWORD'] }}"
-{%- endif %}
-
-ldap_deref_aliases: {{ env.get('EJABBERD_LDAP_DEREF_ALIASES', 'never') }}
-ldap_base: "{{ env['EJABBERD_LDAP_BASE'] }}"
-
-{%- if env['EJABBERD_LDAP_UIDS'] %}
-ldap_uids:
-{%- for ldap_uid in env['EJABBERD_LDAP_UIDS'].split() %}
-  "{{ ldap_uid.split(':')[0] }}": "{{ ldap_uid.split(':')[1] }}"
-{%- endfor %}
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_FILTER'] %}
-ldap_filter: "{{ env['EJABBERD_LDAP_FILTER'] }}"
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_DN_FILTER'] %}
-ldap_dn_filter:
-{%- for dn_filter in env['EJABBERD_LDAP_DN_FILTER'].split() %}
-  "{{ dn_filter.split(':')[0] }}": ["{{ dn_filter.split(':')[1] }}"]
-{%- endfor %}
-{%- endif %}
-
-{%- endif %}
-
-{%- if 'external' in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-  {%- if env['EJABBERD_EXTAUTH_PROGRAM'] %}
-extauth_program: "{{ env['EJABBERD_EXTAUTH_PROGRAM'] }}"
-  {%- endif %}
-  {%- if env['EJABBERD_EXTAUTH_INSTANCES'] %}
-extauth_instances: {{ env['EJABBERD_EXTAUTH_INSTANCES'] }}
-  {%- endif %}
-  {%- if 'internal' in env.get('EJABBERD_AUTH_METHOD').split() %}
-extauth_cache: false
-  {%- elif env['EJABBERD_EXTAUTH_CACHE'] %}
-extauth_cache: {{ env['EJABBERD_EXTAUTH_CACHE'] }}
-  {%- endif %}
-{% endif %}
-
-###   ===============
-###   TRAFFIC SHAPERS
-
-shaper:
-  normal: 1000
-  fast: 50000
-max_fsm_queue: 1000
-
-###   ====================
-###   ACCESS CONTROL LISTS
-
-acl:
-  admin:
-    user:
-    {%- if env['EJABBERD_ADMINS'] %}
-      {%- for admin in env['EJABBERD_ADMINS'].split() %}
-      - "{{ admin.split('@')[0] }}": "{{ admin.split('@')[1] }}"
-      {%- endfor %}
-    {%- else %}
-      - "admin": "{{ env['XMPP_DOMAIN'].split()[0] }}"
-    {%- endif %}
-  local:
-    user_regexp: ""
-
-###   ============
-###   ACCESS RULES
-
-access:
-  ## Maximum number of simultaneous sessions allowed for a single user:
-  max_user_sessions:
-    all: 10
-  ## Maximum number of offline messages that users can have:
-  max_user_offline_messages:
-    admin: 5000
-    all: 100
-  ## This rule allows access only for local users:
-  local:
-    local: allow
-  ## Only non-blocked users can use c2s connections:
-  c2s:
-    blocked: deny
-    all: allow
-  ## For C2S connections, all users except admins use the "normal" shaper
-  c2s_shaper:
-    admin: none
-    all: normal
-  ## All S2S connections use the "fast" shaper
-  s2s_shaper:
-    all: fast
-  ## Only admins can send announcement messages:
-  announce:
-    admin: allow
-  ## Only admins can use the configuration interface:
-  configure:
-    admin: allow
-  ## Admins of this server are also admins of the MUC service:
-  muc_admin:
-    admin: allow
-  ## Only accounts of the local ejabberd server, or only admins can create rooms, depending on environment variable:
-  muc_create:
-    {%- if env['EJABBERD_MUC_CREATE_ADMIN_ONLY'] == "true" %}
-    admin: allow
-    {% else %}
-    local: allow
-    {% endif %}
-  ## All users are allowed to use the MUC service:
-  muc:
-    all: allow
-  ## Only accounts on the local ejabberd server can create Pubsub nodes:
-  pubsub_createnode:
-    local: allow
-  ## In-band registration allows registration of any possible username.
-  register:
-    {%- if env['EJABBERD_REGISTER_ADMIN_ONLY'] == "true" %}
-    all: deny
-    admin: allow
-    {% else %}
-    all: allow
-    {% endif %}
-  ## Only allow to register from localhost
-  trusted_network:
-    loopback: allow
-  soft_upload_quota:
-    all: 400 # MiB
-  hard_upload_quota:
-    all: 500 # MiB
-
-
-language: "en"
-
-###   =======
-###   MODULES
-
-modules:
-  mod_adhoc: {}
-  {%- if env['EJABBERD_MOD_ADMIN_EXTRA'] == "true" %}
-  mod_admin_extra: {}
-  {% endif %}
-  mod_announce: # recommends mod_adhoc
-    access: announce
-  mod_blocking: {} # requires mod_privacy
-  mod_caps: {}
-  mod_carboncopy: {}
-  mod_client_state:
-    queue_chat_states: true
-    queue_presence: false
-  mod_configure: {} # requires mod_adhoc
-  mod_disco: {}
-  ## mod_echo: {}
-  mod_irc: {}
-  mod_http_bind: {}
-  ## mod_http_fileserver:
-  ##   docroot: "/var/www"
-  ##   accesslog: "/var/log/ejabberd/access.log"
-  mod_last: {}
-  mod_mam:
-    default: always
-  mod_muc:
-    host: "conference.@HOST@"
-    access: muc
-    access_create: muc_create
-    access_persistent: muc_create
-    access_admin: muc_admin
-    history_size: 50
-    default_room_options:
-      persistent: true
-  {%- if env['EJABBERD_MOD_MUC_ADMIN'] == "true" %}
-  mod_muc_admin: {}
-  {% endif %}
-  ## mod_muc_log: {}
-  ## mod_multicast: {}
-  mod_offline:
-    access_max_user_messages: max_user_offline_messages
-  mod_ping: {}
-  ## mod_pres_counter:
-  ##   count: 5
-  ##   interval: 60
-  mod_privacy: {}
-  mod_private: {}
-  ## mod_proxy65: {}
-  mod_pubsub:
-    access_createnode: pubsub_createnode
-    ## reduces resource comsumption, but XEP incompliant
-    ignore_pep_from_offline: true
-    ## XEP compliant, but increases resource comsumption
-    ## ignore_pep_from_offline: false
-    last_item_cache: false
-    plugins:
-      - "flat"
-      - "hometree"
-      - "pep" # pep requires mod_caps
-  mod_push: {}
-  mod_push_keepalive: {}
-  mod_register:
-    ##
-    ## Protect In-Band account registrations with CAPTCHA.
-    ##
-    ## captcha_protected: true
-
-    ##
-    ## Set the minimum informational entropy for passwords.
-    ##
-    ## password_strength: 32
-
-    ##
-    ## After successful registration, the user receives
-    ## a message with this subject and body.
-    ##
-    welcome_message:
-      subject: "Welcome!"
-      body: |-
-        Hi.
-        Welcome to this XMPP server.
-
-    ##
-    ## Only clients in the server machine can register accounts
-    ##
-    {%- if env['EJABBERD_REGISTER_TRUSTED_NETWORK_ONLY'] == "true" %}
-    ip_access: trusted_network
-    {% endif %}
-
-    access: register
-  mod_roster: {}
-  mod_shared_roster: {}
-  mod_stats: {}
-  mod_time: {}
-  mod_vcard: {}
-  {% if env.get('EJABBERD_MOD_VERSION', true) == "true" %}
-  mod_version: {}
-  {% endif %}
-  mod_http_upload:
-    docroot: "/opt/ejabberd/upload"
-    {%- if env['EJABBERD_HTTPS'] == "true" %}
-    put_url: "https://@HOST@:5443"
-    {%- else %}
-    put_url: "http://@HOST@:5443"
-    {% endif %}
-  mod_http_upload_quota:
-    max_days: 10
-
-###   ============
-###   HOST CONFIG
-
-host_config:
-{%- for xmpp_domain in env['XMPP_DOMAIN'].split() %}
-  "{{ xmpp_domain }}":
-    domain_certfile: "/opt/ejabberd/ssl/{{ xmpp_domain }}.pem"
-{%- endfor %}
-
-{%- if env['EJABBERD_CONFIGURE_ODBC'] == "true" %}
-###   ====================
-###   ODBC DATABASE CONFIG
-sql_type: {{ env['EJABBERD_ODBC_TYPE'] }}
-sql_server: "{{ env['EJABBERD_ODBC_SERVER'] }}"
-sql_database: "{{ env['EJABBERD_ODBC_DATABASE'] }}"
-sql_username: "{{ env['EJABBERD_ODBC_USERNAME'] }}"
-sql_password: "{{ env['EJABBERD_ODBC_PASSWORD'] }}"
-
-default_db: sql
-{% endif %}
-
-{%- if env['EJABBERD_DEFAULT_DB'] is defined %}
-default_db: {{ env['EJABBERD_DEFAULT_DB'] }}
-{% endif %}
-
-###   =====================
-###   SESSION MANAGEMENT DB
-sm_db_type: {{ env['EJABBERD_SESSION_DB'] or "mnesia" }}
-
-{%- if env['EJABBERD_CONFIGURE_REDIS'] == "true" %}
-###   ====================
-###   REDIS DATABASE CONFIG
-redis_server: {{ env['EJABBERD_REDIS_SERVER'] or "localhost" }}
-redis_port: {{ env['EJABBERD_REDIS_PORT'] or 6379 }}
-{%- if env['EJABBERD_REDIS_PASSWORD'] is defined %}
-redis_password: {{ env['EJABBERD_REDIS_PASSWORD'] }}
-{% endif %}
-redis_db: {{ env['EJABBERD_REDIS_DB'] or 0}}
-redis_reconnect_timeout: {{ env['EJABBERD_REDIS_RECONNECT_TIMEOUT'] or 1 }}
-redis_connect_timeout: {{ env['EJABBERD_REDIS_CONNECT_TIMEOUT'] or 1 }}
-{% endif %}
@@ -1,187 +0,0 @@
-#
-# In this file you can configure options that are passed by ejabberdctl
-# to the erlang runtime system when starting ejabberd
-#
-
-#' POLL: Kernel polling ([true|false])
-#
-# The kernel polling option requires support in the kernel.
-# Additionally, you need to enable this feature while compiling Erlang.
-#
-# Default: true
-#
-#POLL=true
-
-#.
-#' SMP: SMP support ([enable|auto|disable])
-#
-# Explanation in Erlang/OTP documentation:
-# enable: starts the Erlang runtime system with SMP support enabled.
-#   This may fail if no runtime system with SMP support is available.
-# auto: starts the Erlang runtime system with SMP support enabled if it
-#   is available and more than one logical processor are detected.
-# disable: starts a runtime system without SMP support.
-#
-# Default: auto
-#
-#SMP=auto
-
-#.
-#' ERL_MAX_PORTS: Maximum number of simultaneously open Erlang ports
-#
-# ejabberd consumes two or three ports for every connection, either
-# from a client or from another Jabber server. So take this into
-# account when setting this limit.
-#
-# Default: 32000
-# Maximum: 268435456
-#
-#ERL_MAX_PORTS=32000
-
-#.
-#' FIREWALL_WINDOW: Range of allowed ports to pass through a firewall
-#
-# If Ejabberd is configured to run in cluster, and a firewall is blocking ports,
-# it's possible to make Erlang use a defined range of port (instead of dynamic
-# ports) for node communication.
-#
-# Default: not defined
-# Example: 4200-4210
-#
-#FIREWALL_WINDOW=
-
-#.
-#' INET_DIST_INTERFACE: IP address where this Erlang node listens other nodes
-#
-# This communication is used by ejabberdctl command line tool,
-# and in a cluster of several ejabberd nodes.
-#
-# Default: 127.0.0.1
-#
-#INET_DIST_INTERFACE=127.0.0.1
-
-#.
-#' ERL_EPMD_ADDRESS: IP addresses where epmd listens for connections
-#
-# IMPORTANT: This option works only in Erlang/OTP R14B03 and newer.
-#
-# This environment variable may be set to a comma-separated
-# list of IP addresses, in which case the epmd daemon
-# will listen only on the specified address(es) and on the
-# loopback address (which is implicitly added to the list if it
-# has not been specified). The default behaviour is to listen on
-# all available IP addresses.
-#
-# Default: 0.0.0.0
-#
-#ERL_EPMD_ADDRESS=127.0.0.1
-
-#.
-#' ERL_PROCESSES: Maximum number of Erlang processes
-#
-# Erlang consumes a lot of lightweight processes. If there is a lot of activity
-# on ejabberd so that the maximum number of processes is reached, people will
-# experience greater latency times. As these processes are implemented in
-# Erlang, and therefore not related to the operating system processes, you do
-# not have to worry about allowing a huge number of them.
-#
-# Default: 250000
-# Maximum: 268435456
-#
-#ERL_PROCESSES=250000
-
-#.
-#' ERL_MAX_ETS_TABLES: Maximum number of ETS and Mnesia tables
-#
-# The number of concurrent ETS and Mnesia tables is limited. When the limit is
-# reached, errors will appear in the logs:
-#   ** Too many db tables **
-# You can safely increase this limit when starting ejabberd. It impacts memory
-# consumption but the difference will be quite small.
-#
-# Default: 1400
-#
-#ERL_MAX_ETS_TABLES=1400
-
-#.
-#' ERL_OPTIONS: Additional Erlang options
-#
-# The next variable allows to specify additional options passed to erlang while
-# starting ejabberd. Some useful options are -noshell, -detached, -heart. When
-# ejabberd is started from an init.d script options -noshell and -detached are
-# added implicitly. See erl(1) for more info.
-#
-# It might be useful to add "-pa /usr/local/lib/ejabberd/ebin" if you
-# want to add local modules in this path.
-#
-# Default: ""
-#
-ERL_OPTIONS="{{ env['ERL_OPTIONS'] or "-noshell" }}"
-
-#.
-#' ERLANG_NODE: Erlang node name
-#
-# The next variable allows to explicitly specify erlang node for ejabberd
-# It can be given in different formats:
-# ERLANG_NODE=ejabberd
-#   Lets erlang add hostname to the node (ejabberd uses short name in this case)
-# ERLANG_NODE=ejabberd@hostname
-#   Erlang uses node name as is (so make sure that hostname is a real
-#   machine hostname or you'll not be able to control ejabberd)
-# ERLANG_NODE=ejabberd@hostname.domainname
-#   The same as previous, but erlang will use long hostname
-#   (see erl (1) manual for details)
-#
-# Default: ejabberd@localhost
-#
-ERLANG_NODE={{ env['ERLANG_NODE'] or "ejabberd@localhost" }}
-
-#.
-#' EJABBERD_PID_PATH: ejabberd PID file
-#
-# Indicate the full path to the ejabberd Process identifier (PID) file.
-# If this variable is defined, ejabberd writes the PID file when starts,
-# and deletes it when stops.
-# Remember to create the directory and grant write permission to ejabberd.
-#
-# Default: don't write PID file
-#
-#EJABBERD_PID_PATH=/var/run/ejabberd/ejabberd.pid
-
-#.
-#' EJABBERD_CONFIG_PATH: ejabberd configuration file
-#
-# Specify the full path to the ejabberd configuration file. If the file name has
-# yml or yaml extension, it is parsed as a YAML file; otherwise, Erlang syntax is
-# expected.
-#
-# Default: $ETC_DIR/ejabberd.yml
-#
-#EJABBERD_CONFIG_PATH=/etc/ejabberd/ejabberd.yml
-
-#.
-#' CONTRIB_MODULES_PATH: contributed ejabberd modules path
-#
-# Specify the full path to the contributed ejabberd modules. If the path is not
-# defined, ejabberd will use ~/.ejabberd-modules in home of user running ejabberd.
-#
-# Default: $HOME/.ejabberd-modules
-#
-#CONTRIB_MODULES_PATH=/opt/ejabberd-modules
-
-#.
-#' EJABBERD_BYPASS_WARNINGS: Bypass LIVE warning
-#
-# Default: don't bypass the warning
-#
-EJABBERD_BYPASS_WARNINGS=true
-
-#.
-#' SPOOL_DIR: Database spool dir
-#
-# Specify the full path to the database spool dir used in binary installer for
-# backwards compatibility.
-#
-# Docker: rroemhild/ejabberd
-#
-SPOOL_DIR=$EJABBERD_HOME/database/$ERLANG_NODE
@@ -1,3 +0,0 @@
-{lookup,["file","native"]}.
-{host,{127,0,0,1}, ["localhost","hostalias"]}.
-{file, resolv, "/etc/resolv.conf"}.
@@ -1,3 +0,0 @@
-FROM rroemhild/ejabberd
-ENV EJABBERD_HOME /opt/ejabberd
-COPY ./scripts $EJABBERD_HOME/scripts
@@ -1,23 +0,0 @@
-# Ejabberd cluster with docker compose
-
-This example uses [dnsdocker](https://github.com/tonistiigi/dnsdock) to discover other nodes and setup a multi-master cluster.
-
-Build the ejabberd cluster image:
-
-```bash
-git clone https://github.com/rroemhild/docker-ejabberd.git
-cd docker-ejabberd/examples/docker-compose-cluster
-docker-compose build
-```
-
-Start dnsdocker and the first ejabberd node:
-
-```bash
-docker-compose up -d
-```
-
-Wait until the first ejabberd node is up and running `docker-compose logs ejabberd`, then add some ejabberd nodes to the cluster:
-
-```bash
-docker-compose scale ejabberd=4
-```
@@ -1,25 +0,0 @@
-dnsdock:
-  image: tonistiigi/dnsdock
-  volumes:
-    - /var/run/docker.sock:/var/run/docker.sock
-  ports:
-    - 172.17.42.1:53:53/udp
-
-ejabberd:
-  build: .
-  ports:
-    - 5222
-    - 5269
-    - 5280
-  environment:
-    - XMPP_DOMAIN=example.com
-    - ERLANG_NODE=ejabberd
-    - EJABBERD_ADMINS=admin@example.com
-    - EJABBERD_USERS=admin@example.com:test321 user@example.com
-    - ERLANG_COOKIE=testCluster
-    - SKIP_MODULES_UPDATE=true
-    - EJABBERD_CLUSTER=true
-    - USE_DNS=true
-  dns: 172.17.42.1
-  domainname: dockercomposecluster_ejabberd.docker
-  tty: true
@@ -1,37 +0,0 @@
-# overwrite get_nodename to discover hostname from DNS
-get_nodename() {
-    local hostname=${HOSTNAME}
-
-    # get hostname from dns
-    if ( is_true ${USE_DNS} ); then
-        # wait for dns registration
-        sleep 1
-
-        nodename=$(discover_dns_hostname ${HOSTIP})
-
-        is_set ${nodename} \
-            && hostname=${nodename}
-    fi
-
-    echo $hostname
-    return 0
-}
-
-
-# discover hostname from dns with a reverse lookup
-discover_dns_hostname() {
-    local hostip=$1
-
-    # try to get the hostname from dns
-    local dnsname=$(drill -x ${hostip} \
-        | grep PTR \
-        | awk '{print $5}' \
-        | grep -E "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*.[a-zA-Z]+\.$" \
-        | cut -d '.' -f1 \
-        | tail -1)
-
-    is_set ${dnsname} \
-        && echo ${dnsname}
-
-    return 0
-}
@@ -1,28 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-get_cluster_node_from_dns() {
-    local cluster_host=$(drill ${DOMAINNAME} \
-        | grep ${DOMAINNAME} \
-        | grep -v ${HOSTIP} \
-        | awk '{print $5}' \
-        | grep -v "^$" \
-        | head -1)
-    echo $(discover_dns_hostname ${cluster_host})
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-join_cluster $(get_cluster_node_from_dns)
-
-
-exit 0
@@ -1 +0,0 @@
-# simple docker-compose example
@@ -1,11 +0,0 @@
-ejabberd:
-  image: rroemhild/ejabberd
-  ports:
-    - 5222:5222
-    - 5269:5269
-    - 5280:5280
-  environment:
-    - ERLANG_NODE=ejabberd
-    - XMPP_DOMAIN=example.com xyz.io
-    - EJABBERD_ADMINS=admin@example.com
-    - EJABBERD_USERS=admin@example.com:password4321 user1@xyz.io
@@ -1,99 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-# discover hostname
-readonly nodename=$(get_nodename)
-
-is_zero ${ERLANG_NODE} \
-    && export ERLANG_NODE="ejabberd@localhost"
-
-## backward compatibility
-# if ERLANG_NODE is true reset it to "ejabberd" and add
-# hostname to the nodename.
-# else: export ${ERLANG_NODE} with nodename
-if (is_true ${ERLANG_NODE}); then
-    export ERLANG_NODE="ejabberd@${nodename}"
-fi
-
-
-run_scripts() {
-    local run_script_dir="${EJABBERD_HOME}/scripts/${1}"
-    for script in ${run_script_dir}/*.sh ; do
-        if [ -f ${script} -a -x ${script} ] ; then
-            ${script}
-        fi
-    done
-}
-
-
-pre_scripts() {
-    run_scripts "pre"
-}
-
-
-post_scripts() {
-    run_scripts "post"
-}
-
-stop_scripts() {
-    run_scripts "stop"
-}
-
-
-ctl() {
-    local action="$1"
-    ${EJABBERDCTL} ${action} >/dev/null
-}
-
-
-_trap() {
-    echo "Stopping ejabberd..."
-    stop_scripts
-    if ctl stop ; then
-        local cnt=0
-        sleep 1
-        while ctl status || test $? = 1 ; do
-            cnt=`expr $cnt + 1`
-            if [ $cnt -ge 60 ] ; then
-                break
-            fi
-            sleep 1
-        done
-    fi
-}
-
-
-# Catch signals and shutdown ejabberd
-trap _trap SIGTERM SIGINT
-
-## run ejabberd
-case "$@" in
-    start)
-        pre_scripts
-        tail -n 0 -F ${LOGDIR}/crash.log \
-                ${LOGDIR}/error.log \
-                ${LOGDIR}/erlang.log &
-        echo "Starting ejabberd..."
-        exec ${EJABBERDCTL} "foreground" &
-        child=$!
-        ${EJABBERDCTL} "started"
-        post_scripts
-        wait $child
-    ;;
-    live)
-        pre_scripts
-        echo "Starting ejabberd in 'live' mode..."
-        exec ${EJABBERDCTL} "live"
-    ;;
-    shell)
-        exec "/bin/bash"
-    ;;
-    *)
-        exec $@
-    ;;
-esac
@@ -1,53 +0,0 @@
-readonly HOSTIP=$(hostname -i)
-readonly HOSTNAME=$(hostname -f)
-readonly DOMAINNAME=$(hostname -d)
-
-readonly ERLANGCOOKIEFILE="${EJABBERD_HOME}/.erlang.cookie"
-readonly EJABBERDCTL="/usr/local/sbin/ejabberdctl"
-readonly CONFIGFILE="${EJABBERD_HOME}/conf/ejabberd.yml"
-readonly CONFIGTEMPLATE="${EJABBERD_HOME}/conf/ejabberd.yml.tpl"
-readonly CTLCONFIGFILE="${EJABBERD_HOME}/conf/ejabberdctl.cfg"
-readonly CTLCONFIGTEMPLATE="${EJABBERD_HOME}/conf/ejabberdctl.cfg.tpl"
-readonly SSLCERTDIR="${EJABBERD_HOME}/ssl"
-readonly SSLCERTHOST="${SSLCERTDIR}/host.pem"
-readonly SSLDHPARAM="${SSLCERTDIR}/dh.pem"
-readonly LOGDIR="/usr/local/var/log/ejabberd"
-readonly FIRST_START_DONE_FILE="/${EJABBERD_HOME}/first-start-done"
-readonly CLUSTER_NODE_FILE="/${EJABBERD_HOME}/cluster-done"
-
-readonly PYTHON_JINJA2="import os;
-import sys;
-import jinja2;
-sys.stdout.write(
-    jinja2.Template
-        (sys.stdin.read()
-    ).render(env=os.environ))"
-
-# backward compatibility environment variables
-set +e
-
-[[ -n $EJABBERD_ADMIN ]] \
-    && export EJABBERD_ADMINS=${EJABBERD_ADMIN}
-
-[[ -n $AUTH_METHOD ]] \
-    && export EJABBERD_AUTH_METHOD=${AUTH_METHOD}
-
-[[ -n $SKIP_MODULES_UPDATE ]] \
-    && export EJABBERD_SKIP_MODULES_UPDATE=${SKIP_MODULES_UPDATE}
-
-[[ -n $ERL_OPTIONS ]] \
-    && export ERLANG_OPTIONS=${ERL_OPTIONS}
-
-[[ -n $SSLCERT_HOST ]] \
-    && export EJABBERD_SSLCERT_HOST=${SSLCERT_HOST}
-
-[[ -n $SSLCERT_EXAMPLE_COM ]] \
-    && export EJABBERD_SSLCERT_EXAMPLE_COM=${SSLCERT_EXAMPLE_COM}
-
-[[ -n $LOGLEVEL ]] \
-    && export EJABBERD_LOGLEVEL=${LOGLEVEL}
-
-[[ -n $EJABBERD_WEB_ADMIN_SSL ]] \
-    && export EJABBERD_HTTPS=${EJABBERD_WEB_ADMIN_SSL}
-
-set -e
@@ -1,66 +0,0 @@
-is_set() {
-    local var=$1
-
-    [[ -n $var ]]
-}
-
-
-is_zero() {
-    local var=$1
-
-    [[ -z $var ]]
-}
-
-
-file_exist() {
-    local file=$1
-
-    [[ -e $file ]]
-}
-
-
-is_true() {
-    local var=${1,,}
-    local choices=("yes" "1" "y" "true")
-    for ((i=0;i < ${#choices[@]};i++)) {
-        [[ "${choices[i]}" == $var ]] && return 0
-    }
-    return 1
-}
-
-
-# overwrite this function to get hostname from other sources
-# like dns or etcd
-get_nodename() {
-    echo ${HOSTNAME}
-}
-
-
-join_cluster() {
-    local cluster_node=$1
-
-    is_zero ${cluster_node} \
-        && exit 0
-
-    echo "Join cluster..."
-
-    local erlang_node_name=${ERLANG_NODE%@*}
-    local erlang_cluster_node="${erlang_node_name}@${cluster_node}"
-
-    response=$(${EJABBERDCTL} ping ${erlang_cluster_node})
-    while [ "$response" != "pong" ]; do
-        echo "Waiting for ${erlang_cluster_node}..."
-        sleep 2
-        response=$(${EJABBERDCTL} ping ${erlang_cluster_node})
-    done
-
-    echo "Join cluster at ${erlang_cluster_node}... "
-    NO_WARNINGS=true ${EJABBERDCTL} join_cluster $erlang_cluster_node
-
-    if [ $? -eq 0 ]; then
-        touch ${CLUSTER_NODE_FILE}
-    else
-        echo "cloud not join cluster"
-        exit 1
-    fi
-}
@@ -1 +0,0 @@
-# Overridable file
@@ -1 +0,0 @@
-# Overridable file
@@ -1,24 +0,0 @@
-#!/bin/bash
-set -e
-
-# Updates the known modules as to be found in https://github.com/processone/ejabberd-contrib
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-run_modules_update_specs() {
-    echo -n 'Updating module specs... '
-    ${EJABBERDCTL} modules_update_specs
-}
-
-
-is_true ${EJABBERD_SKIP_MODULES_UPDATE} \
-    && exit 0
-
-run_modules_update_specs
-
-
-exit 0
@@ -1,143 +0,0 @@
-#!/bin/bash
-set -e
-
-# Installs modules as defined in environment variables
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-install_module_from_source() {
-    local module_name=$1
-    local module_source_path=${EJABBERD_HOME}/module_source/${module_name}
-    local module_install_folder=${EJABBERD_HOME}/.ejabberd-modules/sources
-    
-    echo "Analyzing module ${module_name} for installation"
-    # Make sure that the module exists in the source folder before attempting a copy
-
-    if [ ! -d ${module_source_path} ]; then
-        echo "Error: Module ${module_name} not found in ${EJABBERD_HOME}/module_source"
-        echo "Please use a shared volume to populate your module in ${EJABBERD_HOME}/module_source"
-        return 1;
-    fi
-
-    # Check to see if the module is already installed
-    local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
-    if [ $install_count -gt 0 ]; then
-        echo "Error: Module already installed: ${module_name}"
-        return 1;
-    fi
-
-    # Copy the module into the shared folder
-    echo "Copying module to ejabberd folder ${module_install_folder}"
-    mkdir -p ${module_install_folder}
-    cp -R ${module_source_path} ${module_install_folder}
-
-    # Run the ejabberdctl module_check on the module
-    echo "Running module_check on ${module_name}"
-    ${EJABBERDCTL} module_check ${module_name}
-    if [ $? -ne 0 ]; then
-        echo "Module check failed for ${module_name}"
-        return 1;
-    fi
-    echo "Module check succeeded for ${module_name}"
-
-    # Install the module
-    echo "Running module_install on ${module_name}"
-    ${EJABBERDCTL} module_install ${module_name}
-    if [ $? -ne 0 ]; then
-        echo "Module installation failed for ${module_name}"
-        return 1;
-    fi
-    echo "Module installation succeeded for ${module_name}"
-
-    return 0;
-}
-
-install_module_from_ejabberd_contrib() {
-    local module_name=$1
-
-    # Check to see if the module is already installed
-    local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
-    if [ $install_count -gt 0 ]; then
-        echo "Error: Module already installed: ejabberd_contrib ${module_name}"
-        return 1;
-    fi
-
-    # Install the module
-    echo "Running module_install on ejabberd_contrib ${module_name}"
-    ${EJABBERDCTL} module_install ${module_name}
-    if [ $? -ne 0 ]; then
-        echo "Module installation failed for ejabberd_contrib ${module_name}"
-        return 1;
-    fi
-    echo "Module installation succeeded for ejabberd_contrib ${module_name}"
-
-    return 0;
-}
-
-enable_custom_auth_module_override() {
-    module_name=$1;
-    # When using custom authentication modules, the module name must be
-    # in the following pattern: ejabberd_auth_foo, where foo is the
-    # value you will use for your auth_method yml configuration.
-    required_prefix="ejabberd_auth_"
-
-    if [[ "${module_name}" != "${required_prefix}"* ]]; then
-        echo "Error: module_name must begin with ${required_prefix}"
-        exit 1;
-    fi
-
-    echo "Checking custom auth module: ${module_name}"
-    # Make sure the auth module is installed
-    local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
-    if [ $install_count -eq 0  ]; then
-        echo "Error: custom auth_module not installed: ${module_name}"
-        return 1;
-    fi
-
-    custom_auth_method=${module_name#$required_prefix}
-    echo -e "\nauth_method: [${custom_auth_method}]" >> ${CONFIGFILE}
-    echo "Custom auth module ${module_name} configuration complete."
-}
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-is_restart_needed=0;
-
-if [ -n "${EJABBERD_SOURCE_MODULES}" ]; then
-    for module_name in ${EJABBERD_SOURCE_MODULES} ; do
-        install_module_from_source ${module_name}
-    done
-    is_restart_needed=1;
-fi
-
-# Check the EJABBERD_CONTRIB_MODULES variable for any ejabberd_contrib modules
-if [ -n "${EJABBERD_CONTRIB_MODULES}" ]; then
-    for module_name in ${EJABBERD_CONTRIB_MODULES} ; do
-        install_module_from_ejabberd_contrib ${module_name}
-    done
-    is_restart_needed=1;
-fi
-
-# If a custom module was defined for handling auth, we need to override
-# the pre-defined auth methods in the config.
-if [ -n "${EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE}" ]; then
-    enable_custom_auth_module_override "${EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE}"
-    is_restart_needed=1;
-fi
-
-# If any modules were installed, restart the server, if the option is enabled
-if [ ${is_restart_needed} -eq 1 ]; then
-    if is_true ${EJABBERD_RESTART_AFTER_MODULE_INSTALL} ; then
-        echo "Restarting ejabberd after successful module installation(s)"
-        ${EJABBERDCTL} restart
-        child=$!
-        ${EJABBERDCTL} "started"
-        wait $child
-    fi
-fi
-
-exit 0
@@ -1,118 +0,0 @@
-#!/bin/bash
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-# Do not exit if users already registered
-set +e
-
-randpw() {
-    < /dev/urandom tr -dc A-Z-a-z-0-9 | head -c ${1:-16};
-    echo;
-}
-
-
-register_user() {
-    local user=$1
-    local domain=$2
-    local password=$3
-
-    ${EJABBERDCTL} register ${user} ${domain} ${password}
-    return $?
-}
-
-
-register_all_users() {
-    # register users from environment $EJABBERD_USERS with given
-    # password or random password written to stout. Use whitespace
-    # to seperate users.
-    #
-    # sample:
-    # - add a user with an given password:
-    #   -e "EJABBERD_USERS=admin@example.com:adminSecret"
-    # - add a user with a random password:
-    #   -e "EJABBERD_USERS=user@example.com"
-    # - set password for admin and use random for user1:
-    #   -e "EJABBERD_USERS=admin@example.com:adminSecret user@example.com"
-
-    for user in ${EJABBERD_USERS} ; do
-        local jid=${user%%:*}
-        local password=${user#*:}
-
-        local username=${jid%%@*}
-        local domain=${jid#*@}
-
-        [[ "${password}" == "${jid}" ]] \
-            && password=$(randpw)
-
-        register_user ${username} ${domain} ${password}
-        local retval=$?
-
-        [[ ${retval} -eq 0 ]] \
-            && echo "Password for user ${username}@${domain} is ${password}"
-    done
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-file_exist ${CLUSTER_NODE_FILE} \
-    && exit 0
-
-
-is_set ${EJABBERD_USERS} \
-    && register_all_users
-
-
-##################################
-## Keep for backward compatibility
-
-register_all_ejabberd_admins() {
-    # add all admins from environment $EJABBERD_ADMINS with the passwords from
-    # environment $EJABBERD_ADMIN_PASS.
-
-    local passwords
-    local IFS=' '
-    read -a passwords <<< "${EJABBERD_ADMIN_PWD}"
-
-    for admin in ${EJABBERD_ADMINS} ; do
-        local user=${admin%%@*}
-        local domain=${admin#*@}
-        local password=${passwords[0]}
-        passwords=("${passwords[@]:1}")
-        register_user ${user} ${domain} ${password}
-    done
-}
-
-
-register_all_ejabberd_admins_randpw() {
-    # add all admins from environment $EJABBERD_ADMINS with a random
-    # password and write the password to stdout.
-
-    for admin in ${EJABBERD_ADMINS} ; do
-        local user=${admin%%@*}
-        local domain=${admin#*@}
-        local password=$(randpw)
-
-        register_user ${user} ${domain} ${password}
-        local retval=$?
-
-        [[ ${retval} -eq 0 ]] \
-            && echo "Password for user ${user}@${domain} is ${password}"
-    done
-}
-
-
-is_set ${EJABBERD_ADMIN_PWD} \
-    && register_all_ejabberd_admins
-
-
-is_true ${EJABBERD_ADMIN_RANDPWD} \
-    && register_all_ejabberd_admins_randpw
-
-
-exit 0
@@ -1,14 +0,0 @@
-#!/bin/bash
-set -e
-
-# Write a first-start-done file
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-if [ ! -e "${FIRST_START_DONE_FILE}" ]; then
-    touch ${FIRST_START_DONE_FILE}
-fi
@@ -1,23 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-readonly whoami=$(whoami)
-
-
-change_ejabberd_run_user() {
-    echo "Change ejabberd install user to root..."
-    sed -i "s/INSTALLUSER=${EJABBERD_USER}/INSTALLUSER=${whoami}/" ${EJABBERDCTL}
-}
-
-
-[[ "${whoami}" == "root" ]] \
-    && change_ejabberd_run_user
-
-
-exit 0
@@ -1,33 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-# Instead of having to mount a direction, specify the ssl certs
-# via environment variables:
-# `EJABBERD_SSLCERT_HOST` and `EJABBERD_SSLCERT_{domain_name}`.
-# For example: `EJABBERD_SSLCERT_EXAMPLE_COM`.
-
-write_file_from_env() {
-    echo "Writing $1 to $2"
-    mkdir -p "$(dirname $2)"
-    echo "${!1}" > $2
-}
-
-# Write the host certificate
-is_set ${EJABBERD_SSLCERT_HOST} \
-  && write_file_from_env "EJABBERD_SSLCERT_HOST" ${SSLCERTHOST}
-
-# Write the domain certificates for each XMPP_DOMAIN
-for xmpp_domain in ${XMPP_DOMAIN} ; do
-    var="EJABBERD_SSLCERT_$(echo $xmpp_domain | awk '{print toupper($0)}' | sed 's/\./_/g;s/-/_/g')"
-    if is_set ${!var} ; then
-        file_exist "${SSLCERTDIR}/${xmpp_domain}.pem" \
-          || write_file_from_env "$var" "${SSLCERTDIR}/${xmpp_domain}.pem"
-    fi
-done
-
-exit 0
@@ -1,91 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-make_snakeoil_certificate() {
-    local domain=$1
-    local certfile=$2
-
-    openssl req -subj "/CN=${domain}" \
-                -new \
-                -newkey rsa:4096 \
-                -days 365 \
-                -nodes \
-                -x509 \
-                -keyout /tmp/selfsigned.key \
-                -out /tmp/selfsigned.crt
-
-    echo "Writing ssl cert and private key to '${certfile}'..."
-    cat /tmp/selfsigned.crt /tmp/selfsigned.key > ${certfile}
-    rm /tmp/selfsigned.crt /tmp/selfsigned.key
-}
-
-
-make_host_snakeoil_certificate() {
-    local IFS=@
-    local domain='localhost'
-    local erlang_node=${ERLANG_NODE}
-
-    if is_true ${erlang_node} ; then
-        domain=${HOSTNAME}
-    elif is_set ${erlang_node} ; then
-        set ${erlang_node}
-        local nodehost=$2
-        if is_zero ${nodehost} ; then
-            domain=${HOSTNAME}
-        else
-            domain=${nodehost}
-        fi
-    fi
-
-    echo -n "Missing ssl cert for your host. "
-    echo "Generating snakeoil ssl cert for ${domain}..."
-
-    make_snakeoil_certificate ${domain} ${SSLCERTHOST}
-}
-
-
-make_domain_snakeoil_certificate() {
-    local domain=$1
-    local certfile=$2
-
-    echo -n "Missing ssl cert for your xmpp domain. "
-    echo "Generating snakeoil ssl cert for ${domain}..."
-
-    make_snakeoil_certificate ${domain} ${certfile}
-}
-
-
-## backward compatibility
-# link old xmpp_domain.pem file to the first <domainname>.pem in XMPP_DOMAIN
-readonly SSLCERTDOMAIN="${SSLCERTDIR}/xmpp_domain.pem"
-if file_exist ${SSLCERTDOMAIN} ; then
-    for xmpp_domain in ${XMPP_DOMAIN} ; do
-        file_exist "${SSLCERTDIR}/${xmpp_domain}.pem" \
-          || ln -s ${SSLCERTDOMAIN} "${SSLCERTDIR}/${xmpp_domain}.pem"
-        break
-    done
-fi
-
-
-is_true ${EJABBERD_SKIP_MAKE_SSLCERT} \
-    && echo "Skip certificate generation" \
-    && exit 0
-
-# generate host ssl cert if missing
-file_exist ${SSLCERTHOST} \
-  || make_host_snakeoil_certificate
-
-# generate xmmp domain ssl certificates if missing
-for xmpp_domain in ${XMPP_DOMAIN} ; do
-  domain_certfile="${SSLCERTDIR}/${xmpp_domain}.pem"
-  file_exist ${domain_certfile} \
-    || make_domain_snakeoil_certificate ${xmpp_domain} ${domain_certfile}
-done
-
-exit 0
@@ -1,28 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-make_dhparam() {
-	local dhfile=$1
-	local bits=$2
-
-	echo "Writing dh file to '${dhfile}'..."
-	openssl dhparam -out ${dhfile} ${bits}
-}
-
-
-is_true ${EJABBERD_SKIP_MAKE_DHPARAM} \
-	&& echo "Skip DH param generation" \
-    && exit 0
-
-if is_true ${EJABBERD_DHPARAM} ; then
-	file_exist ${SSLDHPARAM} \
-		|| make_dhparam ${SSLDHPARAM} 4096
-fi
-
-exit 0
@@ -1,25 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-set_erlang_cookie() {
-    echo "Set erlang cookie to ${ERLANG_COOKIE}..."
-    echo ${ERLANG_COOKIE} > ${ERLANGCOOKIEFILE}
-    chmod 400 ${ERLANGCOOKIEFILE}
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-# set erlang cookie if ERLANG_COOKIE is set in environemt
-is_set ${ERLANG_COOKIE} \
-    && set_erlang_cookie
-
-exit 0
@@ -1,38 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-make_config() {
-    if [ ! -e ${CONFIGFILE} ]; then
-        echo "Generating ejabberd config file..."
-        cat ${CONFIGTEMPLATE} \
-          | python -c "${PYTHON_JINJA2}" \
-          > ${CONFIGFILE}
-    else
-        echo "ejabberd config file exists."
-    fi
-
-    if [ ! -e ${CTLCONFIGFILE} ]; then
-        echo "Generating ejabberdctl config file..."
-        cat ${CTLCONFIGTEMPLATE} \
-          | python -c "${PYTHON_JINJA2}" \
-          > ${CTLCONFIGFILE}
-    else
-        echo "ejabberdctl config file exists."
-    fi
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-# generate config file
-make_config
-
-exit 0
@@ -1,21 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-leave_cluster() {
-    echo "Leave cluster... "
-    rm ${CLUSTER_NODE_FILE}
-    NO_WARNINGS=true ${EJABBERDCTL} leave_cluster
-}
-
-
-file_exist ${CLUSTER_NODE_FILE} \
-    && leave_cluster
-
-
-exit 0
@@ -13,6 +13,7 @@ ExecStart=/bin/sh -c '@ctlscriptpath@/ejabberdctl start && @ctlscriptpath@/ejabb
 ExecStop=/bin/sh -c '@ctlscriptpath@/ejabberdctl stop && @ctlscriptpath@/ejabberdctl stopped'
 ExecReload=@ctlscriptpath@/ejabberdctl reload_config
 PrivateDevices=true
+TimeoutSec=300

 [Install]
 WantedBy=multi-user.target
@@ -1,15 +1,16 @@
 ###
-###'              ejabberd configuration file
+###              ejabberd configuration file
 ###
+### The parameters used in this configuration file are explained at
+###
+###       https://docs.ejabberd.im/admin/configuration
 ###
-
-### The parameters used in this configuration file are explained in more detail
-### in the ejabberd Installation and Operation Guide.
-### Please consult the Guide in case of doubts, it is included with
-### your copy of ejabberd, and is also available online at
-### http://www.process-one.net/en/ejabberd/docs/
-
 ### The configuration file is written in YAML.
+### *******************************************************
+### *******           !!! WARNING !!!               *******
+### *******     YAML IS INDENTATION SENSITIVE       *******
+### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
+### *******************************************************
 ### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
 ### However, ejabberd treats different literals as different types:
 ###
@@ -23,566 +24,77 @@
 ###   Example of folded string:
 ###   > Art thou not Romeo,
 ###     and a Montague?
+###

-###.  =======
-###'  LOGGING
-
-##
-## loglevel: Verbosity of log files generated by ejabberd.
-## 0: No ejabberd log at all (not recommended)
-## 1: Critical
-## 2: Error
-## 3: Warning
-## 4: Info
-## 5: Debug
-##
-loglevel: 4
-
-##
-## rotation: Describe how to rotate logs. Either size and/or date can trigger
-## log rotation. Setting count to N keeps N rotated logs. Setting count to 0
-## does not disable rotation, it instead rotates the file and keeps no previous
-## versions around. Setting size to X rotate log when it reaches X bytes.
-## To disable rotation set the size to 0 and the date to ""
-## Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.
-## Some examples:
-##  $D0     rotate every night at midnight
-##  $D23    rotate every day at 23:00 hr
-##  $W0D23  rotate every week on Sunday at 23:00 hr
-##  $W5D16  rotate every week on Friday at 16:00 hr
-##  $M1D0   rotate on the first day of every month at midnight
-##  $M5D6   rotate on every 5th day of the month at 6:00 hr
-##
-log_rotate_size: 10485760
-log_rotate_date: ""
-log_rotate_count: 1
-
-##
-## overload protection: If you want to limit the number of messages per second
-## allowed from error_logger, which is a good idea if you want to avoid a flood
-## of messages when system is overloaded, you can set a limit.
-## 100 is ejabberd's default.
-log_rate_limit: 100
-
-##
-## watchdog_admins: Only useful for developers: if an ejabberd process
-## consumes a lot of memory, send live notifications to these XMPP
-## accounts.
-##
-## watchdog_admins:
-##   - "bob@example.com"
-
-###.  ===============
-###'  NODE PARAMETERS
-
-##
-## net_ticktime: Specifies net_kernel tick time in seconds. This options must have
-## identical value on all nodes, and in most cases shouldn't be changed at all from
-## default value.
-##
-## net_ticktime: 60
-
-###.  ================
-###'  SERVED HOSTNAMES
-
-##
-## hosts: Domains served by ejabberd.
-## You can define one or several, for example:
-## hosts:
-##   - "example.net"
-##   - "example.com"
-##   - "example.org"
-##
 hosts:
  - "localhost"

-##
-## route_subdomains: Delegate subdomains to other XMPP servers.
-## For example, if this ejabberd serves example.org and you want
-## to allow communication with an XMPP server called im.example.org.
-##
-## route_subdomains: s2s
+loglevel: 4
+log_rotate_size: 10485760
+log_rotate_date: ""
+log_rotate_count: 1
+log_rate_limit: 100

-###.  ============
-###'  Certificates
+certfiles:
+  - "/etc/letsencrypt/live/*/*.pem"

-## List all available PEM files containing certificates for your domains,
-## chains of certificates or certificate keys. Full chains will be built
-## automatically by ejabberd.
-##
-## certfiles:
-##   - "/etc/letsencrypt/live/example.org/*.pem"
-##   - "/etc/letsencrypt/live/example.com/*.pem"
-##
-## If your system provides only a single CA file (CentOS/FreeBSD):
-## ca_file: "/etc/ssl/certs/ca-bundle.pem"
-
-###.  =================
-###'  TLS configuration
-
-## define_macro:
-##   'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH"
-##   'TLS_OPTIONS':
-##      - "no_sslv3"
-##      - "cipher_server_preference"
-##      - "no_compression"
-##   'DH_FILE': "/path/to/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 2048
-##
-## c2s_dhfile: 'DH_FILE'
-## s2s_dhfile: 'DH_FILE'
-## c2s_ciphers: 'TLS_CIPHERS'
-## s2s_ciphers: 'TLS_CIPHERS'
-## c2s_protocol_options: 'TLS_OPTIONS'
-## s2s_protocol_options: 'TLS_OPTIONS'
-
-###.  ===============
-###'  LISTENING PORTS
-
-##
-## listen: The ports ejabberd will listen on, which service each is handled
-## by and what options to start it with.
-##
 listen:
  -
    port: 5222
    ip: "::"
    module: ejabberd_c2s
-    ##
-    ## If TLS is compiled in and you installed a SSL
-    ## certificate, uncomment this line:
-    ##
-    ## starttls: true
-    ##
-    ## To enforce TLS encryption for client connections,
-    ## use this instead of the "starttls" option:
-    ##
-    ## starttls_required: true
-    ##
-    ## Stream compression
-    ##
-    ## zlib: true
-    ##
-    max_stanza_size: 65536
+    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
+    starttls_required: true
  -
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
+    max_stanza_size: 524288
  -
-    port: 5280
+    port: 5443
    ip: "::"
    module: ejabberd_http
    request_handlers:
-      "/ws": ejabberd_http_ws
-      "/bosh": mod_bosh
      "/api": mod_http_api
-    ##  "/pub/archive": mod_http_fileserver
+      "/bosh": mod_bosh
+      "/upload": mod_http_upload
+      "/ws": ejabberd_http_ws
    web_admin: true
-    ## register: true
    captcha: true
-  ##
-  ## ejabberd_service: Interact with external components (transports, ...)
-  ##
-  ## -
-  ##   port: 8888
-  ##   ip: "::"
-  ##   module: ejabberd_service
-  ##   access: all
-  ##   shaper_rule: fast
-  ##   ip: "127.0.0.1"
-  ##   privilege_access:
-  ##      roster: "both"
-  ##      message: "outgoing"
-  ##      presence: "roster"
-  ##   delegations:
-  ##      "urn:xmpp:mam:1":
-  ##        filtering: ["node"]
-  ##      "http://jabber.org/protocol/pubsub":
-  ##        filtering: []
-  ##   hosts:
-  ##     "icq.example.org":
-  ##       password: "secret"
-  ##     "sms.example.org":
-  ##       password: "secret"
+    tls: true

-  ##
-  ## ejabberd_stun: Handles STUN Binding requests
-  ##
-  ## -
-  ##   port: 3478
-  ##   transport: udp
-  ##   module: ejabberd_stun
+s2s_use_starttls: optional

-  ##
-  ## To handle XML-RPC requests that provide admin credentials:
-  ##
-  ## -
-  ##   port: 4560
-  ##   ip: "::"
-  ##   module: ejabberd_xmlrpc
-  ##   maxsessions: 10
-  ##   timeout: 5000
-  ##   access_commands:
-  ##     admin:
-  ##       commands: all
-  ##       options: []
-
-  ##
-  ## To enable secure http upload
-  ##
-  ## -
-  ##   port: 5444
-  ##   ip: "::"
-  ##   module: ejabberd_http
-  ##   request_handlers:
-  ##     "": mod_http_upload
-  ##   tls: true
-  ##   protocol_options: 'TLSOPTS'
-  ##   dhfile: 'DHFILE'
-  ##   ciphers: 'CIPHERS'
-
-## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text
-## password storage (see auth_password_format option).
-## disable_sasl_mechanisms: "digest-md5"
-
-###.  ==================
-###'  S2S GLOBAL OPTIONS
-
-##
-## s2s_use_starttls: Enable STARTTLS for S2S connections.
-## Allowed values are: false, optional or required
-## You must specify 'certfiles' option
-##
-## s2s_use_starttls: optional
-
-##
-## S2S whitelist or blacklist
-##
-## Default s2s policy for undefined hosts.
-##
-## s2s_access: s2s
-
-##
-## Outgoing S2S options
-##
-## Preferred address families (which to try first) and connect timeout
-## in seconds.
-##
-## outgoing_s2s_families:
-##   - ipv4
-##   - ipv6
-## outgoing_s2s_timeout: 190
-
-###.  ==============
-###'  AUTHENTICATION
-
-##
-## auth_method: Method used to authenticate the users.
-## The default method is the internal.
-## If you want to use a different method,
-## comment this line and enable the correct ones.
-##
-auth_method: internal
-
-##
-## Store the plain passwords or hashed for SCRAM:
-## auth_password_format: plain
-## auth_password_format: scram
-##
-## Define the FQDN if ejabberd doesn't detect it:
-## fqdn: "server3.example.com"
-
-##
-## Authentication using external script
-## Make sure the script is executable by ejabberd.
-##
-## auth_method: external
-## extauth_program: "/path/to/authentication/script"
-
-##
-## Authentication using SQL
-## Remember to setup a database in the next section.
-##
-## auth_method: sql
-
-##
-## Authentication using PAM
-##
-## auth_method: pam
-## pam_service: "pamservicename"
-
-##
-## Authentication using LDAP
-##
-## auth_method: ldap
-##
-## List of LDAP servers:
-## ldap_servers:
-##   - "localhost"
-##
-## Encryption of connection to LDAP servers:
-## ldap_encrypt: none
-## ldap_encrypt: tls
-##
-## Port to connect to on LDAP servers:
-## ldap_port: 389
-## ldap_port: 636
-##
-## LDAP manager:
-## ldap_rootdn: "dc=example,dc=com"
-##
-## Password of LDAP manager:
-## ldap_password: "******"
-##
-## Search base of LDAP directory:
-## ldap_base: "dc=example,dc=com"
-##
-## LDAP attribute that holds user ID:
-## ldap_uids:
-##   - "mail": "%u@mail.example.org"
-##
-## LDAP filter:
-## ldap_filter: "(objectClass=shadowAccount)"
-
-##
-## Anonymous login support:
-##   auth_method: anonymous
-##   anonymous_protocol: sasl_anon | login_anon | both
-##   allow_multiple_connections: true | false
-##
-## host_config:
-##   "public.example.org":
-##     auth_method: anonymous
-##     allow_multiple_connections: false
-##     anonymous_protocol: sasl_anon
-##
-## To use both anonymous and internal authentication:
-##
-## host_config:
-##   "public.example.org":
-##     auth_method:
-##       - internal
-##       - anonymous
-
-###.  ==============
-###'  DATABASE SETUP
-
-## ejabberd by default uses the internal Mnesia database,
-## so you do not necessarily need this section.
-## This section provides configuration examples in case
-## you want to use other database backends.
-## Please consult the ejabberd Guide for details on database creation.
-
-##
-## MySQL server:
-##
-## sql_type: mysql
-## sql_server: "server"
-## sql_database: "database"
-## sql_username: "username"
-## sql_password: "password"
-##
-## If you want to specify the port:
-## sql_port: 1234
-
-##
-## PostgreSQL server:
-##
-## sql_type: pgsql
-## sql_server: "server"
-## sql_database: "database"
-## sql_username: "username"
-## sql_password: "password"
-##
-## If you want to specify the port:
-## sql_port: 1234
-##
-## If you use PostgreSQL, have a large database, and need a
-## faster but inexact replacement for "select count(*) from users"
-##
-## pgsql_users_number_estimate: true
-
-##
-## SQLite:
-##
-## sql_type: sqlite
-## sql_database: "/path/to/database.db"
-
-##
-## ODBC compatible or MSSQL server:
-##
-## sql_type: odbc
-## sql_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
-
-##
-## Number of connections to open to the database for each virtual host
-##
-## sql_pool_size: 10
-
-##
-## Interval to make a dummy SQL request to keep the connections to the
-## database alive. Specify in seconds: for example 28800 means 8 hours
-##
-## sql_keepalive_interval: undefined
-
-###.  ===============
-###'  TRAFFIC SHAPERS
-
-shaper:
-  ##
-  ## The "normal" shaper limits traffic speed to 1000 B/s
-  ##
-  normal: 1000
-
-  ##
-  ## The "fast" shaper limits traffic speed to 50000 B/s
-  ##
-  fast: 50000
-
-##
-## This option specifies the maximum number of elements in the queue
-## of the FSM. Refer to the documentation for details.
-##
-max_fsm_queue: 10000
-
-###.   ====================
-###'   ACCESS CONTROL LISTS
 acl:
-  ##
-  ## The 'admin' ACL grants administrative privileges to XMPP accounts.
-  ## You can put here as many accounts as you want.
-  ##
-  ## admin:
-  ##   user:
-  ##     - "aleksey@localhost"
-  ##     - "ermine@example.org"
-  ##
-  ## Blocked users
-  ##
-  ## blocked:
-  ##   user:
-  ##     - "baduser@example.org"
-  ##     - "test"
-
-  ## Local users: don't modify this.
-  ##
  local:
    user_regexp: ""
-
-  ##
-  ## More examples of ACLs
-  ##
-  ## jabberorg:
-  ##   server:
-  ##     - "jabber.org"
-  ## aleksey:
-  ##   user:
-  ##     - "aleksey@jabber.ru"
-  ## test:
-  ##   user_regexp: "^test"
-  ##   user_glob: "test*"
-
-  ##
-  ## Loopback network
-  ##
  loopback:
    ip:
      - "127.0.0.0/8"
      - "::1/128"
      - "::FFFF:127.0.0.1/128"

-  ##
-  ## Bad XMPP servers
-  ##
-  ## bad_servers:
-  ##   server:
-  ##     - "xmpp.zombie.org"
-  ##     - "xmpp.spam.com"
-
-##
-## Define specific ACLs in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     acl:
-##       admin:
-##         user:
-##           - "bob-local@localhost"
-
-###.  ============
-###'  SHAPER RULES
-
-shaper_rules:
-  ## Maximum number of simultaneous sessions allowed for a single user:
-  max_user_sessions: 10
-  ## Maximum number of offline messages that users can have:
-  max_user_offline_messages:
-    - 5000: admin
-    - 100
-  ## For C2S connections, all users except admins use the "normal" shaper
-  c2s_shaper:
-    - none: admin
-    - normal
-  ## All S2S connections use the "fast" shaper
-  s2s_shaper: fast
-
-###.  ============
-###'  ACCESS RULES
 access_rules:
-  ## This rule allows access only for local users:
  local:
    - allow: local
-  ## Only non-blocked users can use c2s connections:
  c2s:
    - deny: blocked
    - allow
-  ## Only admins can send announcement messages:
  announce:
    - allow: admin
-  ## Only admins can use the configuration interface:
  configure:
    - allow: admin
-  ## Only accounts of the local ejabberd server can create rooms:
  muc_create:
    - allow: local
-  ## Only accounts on the local ejabberd server can create Pubsub nodes:
  pubsub_createnode:
    - allow: local
-  ## In-band registration allows registration of any possible username.
-  ## To disable in-band registration, replace 'allow' with 'deny'.
  register:
    - allow
-  ## Only allow to register from localhost
  trusted_network:
    - allow: loopback
-  ## Do not establish S2S connections with bad servers
-  ## If you enable this you also have to uncomment "s2s_access: s2s"
-  ## s2s:
-  ##   - deny:
-  ##     - ip: "XXX.XXX.XXX.XXX/32"
-  ##   - deny:
-  ##     - ip: "XXX.XXX.XXX.XXX/32"
-  ##   - allow

-## ===============
-## API PERMISSIONS
-## ===============
-##
-## This section allows you to define who and using what method
-## can execute commands offered by ejabberd.
-##
-## By default "console commands" section allow executing all commands
-## issued using ejabberdctl command, and "admin access" section allows
-## users in admin acl that connect from 127.0.0.1 to  execute all
-## commands except start and stop with any available access method
-## (ejabberdctl, http-api, xmlrpc depending what is enabled on server).
-##
-## If you remove "console commands" there will be one added by
-## default allowing executing all commands, but if you just change
-## permissions in it, version from config file will be used instead
-## of default one.
-##
 api_permissions:
  "console commands":
    from:
@@ -612,231 +124,94 @@ api_permissions:
      - "status"
      - "connected_users_number"

-## By default the frequency of account registrations from the same IP
-## is limited to 1 account every 10 minutes. To disable, specify: infinity
-## registration_timeout: 600
-  
-##
-## Define specific Access Rules in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     access:
-##       c2s:
-##         - allow: admin
-##         - deny
-##       register:
-##         - deny
+shaper:
+  normal: 1000
+  fast: 50000

-###.  ================
-###'  DEFAULT LANGUAGE
+shaper_rules:
+  max_user_sessions: 10
+  max_user_offline_messages:
+    - 5000: admin
+    - 100
+  c2s_shaper:
+    - none: admin
+    - normal
+  s2s_shaper: fast

-##
-## language: Default language used for server messages.
-##
-language: "en"
-
-##
-## Set a different default language in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     language: "ru"
-
-###.  =======
-###'  CAPTCHA
-
-##
-## Full path to a script that generates the image.
-##
-## captcha_cmd: "/lib/ejabberd/priv/bin/captcha.sh"
-
-##
-## Host for the URL and port where ejabberd listens for CAPTCHA requests.
-##
-## captcha_host: "example.org:5280"
-
-##
-## Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
-##
-## captcha_limit: 5
-
-###.  ====
-###'  ACME
-##
-## In order to use the acme certificate acquiring through "Let's Encrypt"
-## an http listener has to be configured to listen to port 80 so that
-## the authorization challenges posed by "Let's Encrypt" can be solved.
-## 
-## A simple way of doing this would be to add the following in the listening
-## section and to configure port forwarding from 80 to 5280 either via NAT
-## (for ipv4 only) or using frontends such as haproxy/nginx/sslh/etc.
-##   - 
-##    port: 5280
-##    ip: "::"
-##    module: ejabberd_http
-
-acme:
-
-   ## A contact mail that the ACME Certificate Authority can contact in case of
-   ## an authorization issue, such as a server-initiated certificate revocation.
-   ## It is not mandatory to provide an email address but it is highly suggested.
-   contact: "mailto:example-admin@example.com"
-
-
-   ## The ACME Certificate Authority URL.
-   ## This could either be:
-   ##   - https://acme-v01.api.letsencrypt.org - (Default) for the production CA
-   ##   - https://acme-staging.api.letsencrypt.org - for the staging CA
-   ##   - http://localhost:4000 - for a local version of the CA
-   ca_url: "https://acme-v01.api.letsencrypt.org"
-
-###.  =======
-###'  MODULES
-
-##
-## Modules enabled in all ejabberd virtual hosts.
-##
 modules:
  mod_adhoc: {}
  mod_admin_extra: {}
-  mod_announce: # recommends mod_adhoc
+  mod_announce:
    access: announce
-  mod_blocking: {} # requires mod_privacy
+  mod_avatar: {}
+  mod_blocking: {}
+  mod_bosh: {}
  mod_caps: {}
  mod_carboncopy: {}
  mod_client_state: {}
-  mod_configure: {} # requires mod_adhoc
-  ## mod_delegation: {} # for xep0356
+  mod_configure: {}
  mod_disco: {}
-  mod_echo: {}
-  mod_irc: {}
-  mod_bosh: {}
-  ## mod_http_fileserver:
-  ##   docroot: "/var/www"
-  ##   accesslog: "/var/log/ejabberd/access.log"
-  ## mod_http_upload:
-  ##   # docroot: "@HOME@/upload"
-  ##   put_url: "https://@HOST@:5444"
-  ##   thumbnail: false # otherwise needs the identify command from ImageMagick installed
-  ## mod_http_upload_quota:
-  ##   max_days: 30
+  mod_fail2ban: {}
+  mod_http_api: {}
+  mod_http_upload:
+    put_url: "https://@HOST@:5443/upload"
  mod_last: {}
-  ## XEP-0313: Message Archive Management
-  ## You might want to setup a SQL backend for MAM because the mnesia database is
-  ## limited to 2GB which might be exceeded on large servers
-  ## mod_mam: {} # for xep0313, mnesia is limited to 2GB, better use an SQL backend
+  mod_mam:
+    ## Mnesia is limited to 2GB, better to use an SQL backend
+    ## For small servers SQLite is a good fit and is very easy
+    ## to configure. Uncomment this when you have SQL configured:
+    ## db_type: sql
+    assume_mam_usage: true
+    default: always
  mod_muc:
-    ## host: "conference.@HOST@"
    access:
      - allow
    access_admin:
      - allow: admin
    access_create: muc_create
    access_persistent: muc_create
+    default_room_options:
+      mam: true
  mod_muc_admin: {}
-  ## mod_muc_log: {}
-  ## mod_multicast: {}
  mod_offline:
    access_max_user_messages: max_user_offline_messages
  mod_ping: {}
-  ## mod_pres_counter:
-  ##   count: 5
-  ##   interval: 60
  mod_privacy: {}
  mod_private: {}
-  ## mod_proxy65: {}
  mod_pubsub:
    access_createnode: pubsub_createnode
-    ## reduces resource comsumption, but XEP incompliant
-    ignore_pep_from_offline: true
-    ## XEP compliant, but increases resource comsumption
-    ## ignore_pep_from_offline: false
-    last_item_cache: false
    plugins:
      - "flat"
-      - "hometree"
-      - "pep" # pep requires mod_caps
+      - "pep"
+    force_node_config:
+      ## Comment out the following lines to enable OMEMO support
+      ## See https://github.com/processone/ejabberd/issues/2425
+      "eu.siacs.conversations.axolotl.*":
+        access_model: whitelist
+      ## Avoid buggy clients to make their bookmarks public
+      "storage:bookmarks":
+        access_model: whitelist
  mod_push: {}
  mod_push_keepalive: {}
-  ## mod_register:
-    ##
-    ## Protect In-Band account registrations with CAPTCHA.
-    ##
-    ##   captcha_protected: true
-    ##
-    ## Set the minimum informational entropy for passwords.
-    ##
-    ##   password_strength: 32
-    ##
-    ## After successful registration, the user receives
-    ## a message with this subject and body.
-    ##
-    ##   welcome_message:
-    ##     subject: "Welcome!"
-    ##     body: |-
-    ##       Hi.
-    ##       Welcome to this XMPP server.
-    ##
-    ## When a user registers, send a notification to
-    ## these XMPP accounts.
-    ##
-    ##   registration_watchers:
-    ##     - "admin1@example.org"
-    ##
-    ## Only clients in the server machine can register accounts
-    ##
-    ##   ip_access: trusted_network
-    ##
-    ## Local c2s or remote s2s users cannot register accounts
-    ##
-    ##   access_from: deny
-    ##   access: register
-  mod_roster: {}
-  mod_shared_roster: {}
-  mod_stats: {}
-  mod_time: {}
-  mod_vcard:
-    search: false
-  mod_vcard_xupdate: {}
-  ## Convert all avatars posted by Android clients from WebP to JPEG
-  ## mod_avatar:  # this module needs compile option --enable-graphics
-  ##   convert:
-  ##     webp: jpeg
-  mod_version: {}
-  mod_stream_mgmt: {}
-  ##   Non-SASL Authentication (XEP-0078) is now disabled by default
-  ##   because it's obsoleted and is used mostly by abandoned
-  ##   client software
-  ## mod_legacy_auth: {}
-  ##   The module for S2S dialback (XEP-0220). Please note that you cannot
-  ##   rely solely on dialback if you want to federate with other servers,
-  ##   because a lot of servers have dialback disabled and instead rely on
-  ##   PKIX authentication. Make sure you have proper certificates installed
-  ##   and check your accessibility at https://check.messaging.one/
+  mod_register:
+    ## Only accept registration requests from the "trusted"
+    ## network (see access_rules section above).
+    ## Think twice before enabling registration from any
+    ## address. See the Jabber SPAM Manifesto for details:
+    ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
+    ip_access: trusted_network
+  mod_roster:
+    versioning: true
  mod_s2s_dialback: {}
-  mod_http_api: {}
+  mod_shared_roster: {}
+  mod_stream_mgmt:
+    resend_on_timeout: if_offline
+  mod_vcard: {}
+  mod_vcard_xupdate: {}
+  mod_version:
+    show_os: false

-##
-## Enable modules with custom options in a specific virtual host
-##
-## host_config:
-##   "localhost":
-##     modules:
-##       mod_echo:
-##         host: "mirror.localhost"
-
-##
-## Enable modules management via ejabberdctl for installation and
-## uninstallation of public/private contributed modules
-## (enabled by default)
-##
-
-allow_contrib_modules: true
-
-###.
-###'
 ### Local Variables:
 ### mode: yaml
 ### End:
-### vim: set filetype=yaml tabstop=8 foldmarker=###',###. foldmethod=marker:
+### vim: set filetype=yaml tabstop=8
@@ -33,10 +33,10 @@
 # from a client or from another Jabber server. So take this into
 # account when setting this limit.
 #
-# Default: 32000
+# Default: 65536 (or 8196 on Windows)
 # Maximum: 268435456
 #
-#ERL_MAX_PORTS=32000
+#ERL_MAX_PORTS=65536

 #.
 #' FIREWALL_WINDOW: Range of allowed ports to pass through a firewall
@@ -85,10 +85,10 @@
 # Erlang, and therefore not related to the operating system processes, you do
 # not have to worry about allowing a huge number of them.
 #
-# Default: 250000
+# Default: 262144
 # Maximum: 268435456
 #
-#ERL_PROCESSES=250000
+#ERL_PROCESSES=262144

 #.
 #' ERL_MAX_ETS_TABLES: Maximum number of ETS and Mnesia tables
@@ -99,9 +99,9 @@
 # You can safely increase this limit when starting ejabberd. It impacts memory
 # consumption but the difference will be quite small.
 #
-# Default: 1400
+# Default: 2053
 #
-#ERL_MAX_ETS_TABLES=1400
+#ERL_MAX_ETS_TABLES=2053

 #.
 #' ERL_OPTIONS: Additional Erlang options
@@ -27,7 +27,7 @@ case $(id -un) in
            EXEC_CMD="as_install_user"
        else
            EXEC_CMD="as_current_user"
-            echo "WARNING: This is not recommended to run ejabberd as root" >&2
+            echo "WARNING: It is not recommended to run ejabberd as root" >&2
        fi
        ;;
    *)
@@ -41,19 +41,17 @@ case $(id -un) in
 esac

 # parse command line parameters
-for arg; do
-    case $arg in
-        -n|--node) ERLANG_NODE_ARG=$2; shift;;
-        -s|--spool) SPOOL_DIR=$2; shift;;
-        -l|--logs) LOGS_DIR=$2; shift;;
-        -f|--config) EJABBERD_CONFIG_PATH=$2; shift;;
-        -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift;;
-        -d|--config-dir) ETC_DIR=$2; shift;;
-        -t|--no-timeout) NO_TIMEOUT="--no-timeout";;
-        --) :;;
+while [ $# -gt 0 ]; do
+    case $1 in
+        -n|--node) ERLANG_NODE_ARG=$2; shift 2;;
+        -s|--spool) SPOOL_DIR=$2; shift 2;;
+        -l|--logs) LOGS_DIR=$2; shift 2;;
+        -f|--config) EJABBERD_CONFIG_PATH=$2; shift 2;;
+        -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift 2;;
+        -d|--config-dir) ETC_DIR=$2; shift 2;;
+        -t|--no-timeout) NO_TIMEOUT="--no-timeout"; shift;;
        *) break;;
    esac
-    shift
 done

 # define ejabberd variables if not already defined from the command line
@@ -263,7 +261,7 @@ cd "$SPOOL_DIR" || {
 case $1 in
    start)
        check_start
-        exec_erl "$ERLANG_NODE" $EJABBERD_OPTS -noinput -detached
+        exec_erl "$ERLANG_NODE" $EJABBERD_OPTS -detached
        ;;
    foreground)
        check_start
@@ -70,7 +70,7 @@ done
 echo '7. compile ejabberd'

 gmake
-for A in mod_irc mod_muc mod_pubsub; do
+for A in mod_muc mod_pubsub; do
    (cd $A; gmake)
 done

@@ -51,7 +51,6 @@ override_acls.
           {mod_offline,   []},
           {mod_echo,      [{host, "echo.jabber.dbc.mtview.ca.us"}]},
           {mod_private,   []},
-%          {mod_irc,       []},
           {mod_muc,       []},
           {mod_pubsub,    []},
           {mod_time,      []},
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,72 +0,0 @@
-%%%----------------------------------------------------------------------
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-ifndef(EJABBERD_HRL).
-define(EJABBERD_HRL, true).
-
-define(VERSION, ejabberd_config:get_version()).
-
-define(MYHOSTS, ejabberd_config:get_myhosts()).
-
-define(MYNAME, hd(ejabberd_config:get_myhosts())).
-
-define(MYLANG, ejabberd_config:get_mylang()).
-
-define(MSGS_DIR, filename:join(["priv", "msgs"])).
-
-define(SQL_DIR, filename:join(["priv", "sql"])).
-
-define(CONFIG_PATH, <<"ejabberd.yml">>).
-
-define(LOG_PATH, "ejabberd.log").
-
-define(EJABBERD_URI, <<"http://www.process-one.net/en/ejabberd/">>).
-
-define(COPYRIGHT, "Copyright (c) 2002-2017 ProcessOne").
-
-%%-define(DBGFSM, true).
-
-record(scram,
-	{storedkey = <<"">>,
-         serverkey = <<"">>,
-         salt = <<"">>,
-         iterationcount = 0 :: integer()}).
-
-type scram() :: #scram{}.
-
-define(SCRAM_DEFAULT_ITERATION_COUNT, 4096).
-
-ifdef(ERL_DEPRECATED_TYPES).
-
-define(TDICT, dict()).
-define(TGB_TREE, gb_tree()).
-define(TGB_SET, gb_set()).
-define(TQUEUE, queue()).
-
-else.
-
-define(TDICT, dict:dict()).
-define(TGB_TREE, gb_trees:tree()).
-define(TGB_SET, gb_sets:set()).
-define(TQUEUE, queue:queue()).
-
-endif.
-
-endif.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -31,7 +31,10 @@
 	 port = 5280       :: inet:port_number(),
 	 opts = []         :: list(),
 	 tp = http         :: protocol(),
-	 headers = []      :: [{atom() | binary(), binary()}]}).
+	 headers = []      :: [{atom() | binary(), binary()}],
+	 length = 0        :: non_neg_integer(),
+	 sockmod           :: gen_tcp | fast_tls,
+	 socket            :: inet:socket() | fast_tls:tls_socket()}).

 -record(ws,
 	{socket                  :: inet:socket() | fast_tls:tls_socket(),
@@ -46,6 +49,6 @@
 	 buf                     :: binary(),
         http_opts = []          :: list()}).

-type method() :: 'GET' | 'HEAD' | 'DELETE' | 'OPTIONS' | 'PUT' | 'POST' | 'TRACE'.
+-type method() :: 'GET' | 'HEAD' | 'DELETE' | 'OPTIONS' | 'PUT' | 'POST' | 'TRACE' | 'PATCH'.
 -type protocol() :: http | https.
 -type http_request() :: #request{}.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,501 +0,0 @@
-%%%----------------------------------------------------------------------
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-include("ns.hrl").
-include("fxml.hrl").
-
-define(STANZA_ERROR(Code, Type, Condition),
-	#xmlel{name = <<"error">>,
-	       attrs = [{<<"code">>, Code}, {<<"type">>, Type}],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STANZAS}],
-			   children = []}]}).
-
-define(ERR_BAD_FORMAT,
-	?STANZA_ERROR(<<"406">>, <<"modify">>,
-		      <<"bad-format">>)).
-
-define(ERR_BAD_REQUEST,
-	?STANZA_ERROR(<<"400">>, <<"modify">>,
-		      <<"bad-request">>)).
-
-define(ERR_CONFLICT,
-	?STANZA_ERROR(<<"409">>, <<"cancel">>, <<"conflict">>)).
-
-define(ERR_FEATURE_NOT_IMPLEMENTED,
-	?STANZA_ERROR(<<"501">>, <<"cancel">>,
-		      <<"feature-not-implemented">>)).
-
-define(ERR_FORBIDDEN,
-	?STANZA_ERROR(<<"403">>, <<"auth">>, <<"forbidden">>)).
-
-define(ERR_GONE,
-	?STANZA_ERROR(<<"302">>, <<"modify">>, <<"gone">>)).
-
-define(ERR_INTERNAL_SERVER_ERROR,
-	?STANZA_ERROR(<<"500">>, <<"wait">>,
-		      <<"internal-server-error">>)).
-
-define(ERR_ITEM_NOT_FOUND,
-	?STANZA_ERROR(<<"404">>, <<"cancel">>,
-		      <<"item-not-found">>)).
-
-define(ERR_JID_MALFORMED,
-	?STANZA_ERROR(<<"400">>, <<"modify">>,
-		      <<"jid-malformed">>)).
-
-define(ERR_NOT_ACCEPTABLE,
-	?STANZA_ERROR(<<"406">>, <<"modify">>,
-		      <<"not-acceptable">>)).
-
-define(ERR_NOT_ALLOWED,
-	?STANZA_ERROR(<<"405">>, <<"cancel">>,
-		      <<"not-allowed">>)).
-
-define(ERR_NOT_AUTHORIZED,
-	?STANZA_ERROR(<<"401">>, <<"auth">>,
-		      <<"not-authorized">>)).
-
-define(ERR_PAYMENT_REQUIRED,
-	?STANZA_ERROR(<<"402">>, <<"auth">>,
-		      <<"payment-required">>)).
-
-define(ERR_RECIPIENT_UNAVAILABLE,
-	?STANZA_ERROR(<<"404">>, <<"wait">>,
-		      <<"recipient-unavailable">>)).
-
-define(ERR_REDIRECT,
-	?STANZA_ERROR(<<"302">>, <<"modify">>, <<"redirect">>)).
-
-define(ERR_REGISTRATION_REQUIRED,
-	?STANZA_ERROR(<<"407">>, <<"auth">>,
-		      <<"registration-required">>)).
-
-define(ERR_REMOTE_SERVER_NOT_FOUND,
-	?STANZA_ERROR(<<"404">>, <<"cancel">>,
-		      <<"remote-server-not-found">>)).
-
-define(ERR_REMOTE_SERVER_TIMEOUT,
-	?STANZA_ERROR(<<"504">>, <<"wait">>,
-		      <<"remote-server-timeout">>)).
-
-define(ERR_RESOURCE_CONSTRAINT,
-	?STANZA_ERROR(<<"500">>, <<"wait">>,
-		      <<"resource-constraint">>)).
-
-define(ERR_SERVICE_UNAVAILABLE,
-	?STANZA_ERROR(<<"503">>, <<"cancel">>,
-		      <<"service-unavailable">>)).
-
-define(ERR_SUBSCRIPTION_REQUIRED,
-	?STANZA_ERROR(<<"407">>, <<"auth">>,
-		      <<"subscription-required">>)).
-
-define(ERR_UNEXPECTED_REQUEST,
-	?STANZA_ERROR(<<"400">>, <<"wait">>,
-		      <<"unexpected-request">>)).
-
-define(ERR_UNEXPECTED_REQUEST_CANCEL,
-	?STANZA_ERROR(<<"401">>, <<"cancel">>,
-		      <<"unexpected-request">>)).
-
-%-define(ERR_,
-%	?STANZA_ERROR("", "", "")).
-
-define(STANZA_ERRORT(Code, Type, Condition, Lang,
-		      Text),
-	#xmlel{name = <<"error">>,
-	       attrs = [{<<"code">>, Code}, {<<"type">>, Type}],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STANZAS}], children = []},
-		    #xmlel{name = <<"text">>,
-			   attrs = [{<<"xmlns">>, ?NS_STANZAS}],
-			   children =
-			       [{xmlcdata,
-				 translate:translate(Lang, Text)}]}]}).
-
-define(ERRT_BAD_FORMAT(Lang, Text),
-	?STANZA_ERRORT(<<"406">>, <<"modify">>,
-		       <<"bad-format">>, Lang, Text)).
-
-define(ERRT_BAD_REQUEST(Lang, Text),
-	?STANZA_ERRORT(<<"400">>, <<"modify">>,
-		       <<"bad-request">>, Lang, Text)).
-
-define(ERRT_CONFLICT(Lang, Text),
-	?STANZA_ERRORT(<<"409">>, <<"cancel">>, <<"conflict">>,
-		       Lang, Text)).
-
-define(ERRT_FEATURE_NOT_IMPLEMENTED(Lang, Text),
-	?STANZA_ERRORT(<<"501">>, <<"cancel">>,
-		       <<"feature-not-implemented">>, Lang, Text)).
-
-define(ERRT_FORBIDDEN(Lang, Text),
-	?STANZA_ERRORT(<<"403">>, <<"auth">>, <<"forbidden">>,
-		       Lang, Text)).
-
-define(ERRT_GONE(Lang, Text),
-	?STANZA_ERRORT(<<"302">>, <<"modify">>, <<"gone">>,
-		       Lang, Text)).
-
-define(ERRT_INTERNAL_SERVER_ERROR(Lang, Text),
-	?STANZA_ERRORT(<<"500">>, <<"wait">>,
-		       <<"internal-server-error">>, Lang, Text)).
-
-define(ERRT_ITEM_NOT_FOUND(Lang, Text),
-	?STANZA_ERRORT(<<"404">>, <<"cancel">>,
-		       <<"item-not-found">>, Lang, Text)).
-
-define(ERRT_JID_MALFORMED(Lang, Text),
-	?STANZA_ERRORT(<<"400">>, <<"modify">>,
-		       <<"jid-malformed">>, Lang, Text)).
-
-define(ERRT_NOT_ACCEPTABLE(Lang, Text),
-	?STANZA_ERRORT(<<"406">>, <<"modify">>,
-		       <<"not-acceptable">>, Lang, Text)).
-
-define(ERRT_NOT_ALLOWED(Lang, Text),
-	?STANZA_ERRORT(<<"405">>, <<"cancel">>,
-		       <<"not-allowed">>, Lang, Text)).
-
-define(ERRT_NOT_AUTHORIZED(Lang, Text),
-	?STANZA_ERRORT(<<"401">>, <<"auth">>,
-		       <<"not-authorized">>, Lang, Text)).
-
-define(ERRT_PAYMENT_REQUIRED(Lang, Text),
-	?STANZA_ERRORT(<<"402">>, <<"auth">>,
-		       <<"payment-required">>, Lang, Text)).
-
-define(ERRT_RECIPIENT_UNAVAILABLE(Lang, Text),
-	?STANZA_ERRORT(<<"404">>, <<"wait">>,
-		       <<"recipient-unavailable">>, Lang, Text)).
-
-define(ERRT_REDIRECT(Lang, Text),
-	?STANZA_ERRORT(<<"302">>, <<"modify">>, <<"redirect">>,
-		       Lang, Text)).
-
-define(ERRT_REGISTRATION_REQUIRED(Lang, Text),
-	?STANZA_ERRORT(<<"407">>, <<"auth">>,
-		       <<"registration-required">>, Lang, Text)).
-
-define(ERRT_REMOTE_SERVER_NOT_FOUND(Lang, Text),
-	?STANZA_ERRORT(<<"404">>, <<"cancel">>,
-		       <<"remote-server-not-found">>, Lang, Text)).
-
-define(ERRT_REMOTE_SERVER_TIMEOUT(Lang, Text),
-	?STANZA_ERRORT(<<"504">>, <<"wait">>,
-		       <<"remote-server-timeout">>, Lang, Text)).
-
-define(ERRT_RESOURCE_CONSTRAINT(Lang, Text),
-	?STANZA_ERRORT(<<"500">>, <<"wait">>,
-		       <<"resource-constraint">>, Lang, Text)).
-
-define(ERRT_SERVICE_UNAVAILABLE(Lang, Text),
-	?STANZA_ERRORT(<<"503">>, <<"cancel">>,
-		       <<"service-unavailable">>, Lang, Text)).
-
-define(ERRT_SUBSCRIPTION_REQUIRED(Lang, Text),
-	?STANZA_ERRORT(<<"407">>, <<"auth">>,
-		       <<"subscription-required">>, Lang, Text)).
-
-define(ERRT_UNEXPECTED_REQUEST(Lang, Text),
-	?STANZA_ERRORT(<<"400">>, <<"wait">>,
-		       <<"unexpected-request">>, Lang, Text)).
-
-define(ERR_AUTH_NO_RESOURCE_PROVIDED(Lang),
-	?ERRT_NOT_ACCEPTABLE(Lang, <<"No resource provided">>)).
-
-define(ERR_AUTH_BAD_RESOURCE_FORMAT(Lang),
-	?ERRT_NOT_ACCEPTABLE(Lang,
-			     <<"Illegal resource format">>)).
-
-define(ERR_AUTH_RESOURCE_CONFLICT(Lang),
-	?ERRT_CONFLICT(Lang, <<"Resource conflict">>)).
-
-define(STREAM_ERROR(Condition, Cdata),
-	#xmlel{name = <<"stream:error">>, attrs = [],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STREAMS}],
-			   children = [{xmlcdata, Cdata}]}]}).
-
-define(SERR_BAD_FORMAT,
-	?STREAM_ERROR(<<"bad-format">>, <<"">>)).
-
-define(SERR_BAD_NAMESPACE_PREFIX,
-	?STREAM_ERROR(<<"bad-namespace-prefix">>, <<"">>)).
-
-define(SERR_CONFLICT,
-	?STREAM_ERROR(<<"conflict">>, <<"">>)).
-
-define(SERR_CONNECTION_TIMEOUT,
-	?STREAM_ERROR(<<"connection-timeout">>, <<"">>)).
-
-define(SERR_HOST_GONE,
-	?STREAM_ERROR(<<"host-gone">>, <<"">>)).
-
-define(SERR_HOST_UNKNOWN,
-	?STREAM_ERROR(<<"host-unknown">>, <<"">>)).
-
-define(SERR_IMPROPER_ADDRESSING,
-	?STREAM_ERROR(<<"improper-addressing">>, <<"">>)).
-
-define(SERR_INTERNAL_SERVER_ERROR,
-	?STREAM_ERROR(<<"internal-server-error">>, <<"">>)).
-
-define(SERR_INVALID_FROM,
-	?STREAM_ERROR(<<"invalid-from">>, <<"">>)).
-
-define(SERR_INVALID_ID,
-	?STREAM_ERROR(<<"invalid-id">>, <<"">>)).
-
-define(SERR_INVALID_NAMESPACE,
-	?STREAM_ERROR(<<"invalid-namespace">>, <<"">>)).
-
-define(SERR_INVALID_XML,
-	?STREAM_ERROR(<<"invalid-xml">>, <<"">>)).
-
-define(SERR_NOT_AUTHORIZED,
-	?STREAM_ERROR(<<"not-authorized">>, <<"">>)).
-
-define(SERR_POLICY_VIOLATION,
-	?STREAM_ERROR(<<"policy-violation">>, <<"">>)).
-
-define(SERR_REMOTE_CONNECTION_FAILED,
-	?STREAM_ERROR(<<"remote-connection-failed">>, <<"">>)).
-
-define(SERR_RESOURSE_CONSTRAINT,
-	?STREAM_ERROR(<<"resource-constraint">>, <<"">>)).
-
-define(SERR_RESTRICTED_XML,
-	?STREAM_ERROR(<<"restricted-xml">>, <<"">>)).
-
-define(SERR_SEE_OTHER_HOST(Host),
-	?STREAM_ERROR(<<"see-other-host">>, Host)).
-
-define(SERR_SYSTEM_SHUTDOWN,
-	?STREAM_ERROR(<<"system-shutdown">>, <<"">>)).
-
-define(SERR_UNSUPPORTED_ENCODING,
-	?STREAM_ERROR(<<"unsupported-encoding">>, <<"">>)).
-
-define(SERR_UNSUPPORTED_STANZA_TYPE,
-	?STREAM_ERROR(<<"unsupported-stanza-type">>, <<"">>)).
-
-define(SERR_UNSUPPORTED_VERSION,
-	?STREAM_ERROR(<<"unsupported-version">>, <<"">>)).
-
-define(SERR_XML_NOT_WELL_FORMED,
-	?STREAM_ERROR(<<"xml-not-well-formed">>, <<"">>)).
-
-%-define(SERR_,
-%	?STREAM_ERROR("", "")).
-
-define(STREAM_ERRORT(Condition, Cdata, Lang, Text),
-	#xmlel{name = <<"stream:error">>, attrs = [],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STREAMS}],
-			   children = [{xmlcdata, Cdata}]},
-		    #xmlel{name = <<"text">>,
-			   attrs =
-			       [{<<"xml:lang">>, Lang},
-				{<<"xmlns">>, ?NS_STREAMS}],
-			   children =
-			       [{xmlcdata,
-				 translate:translate(Lang, Text)}]}]}).
-
-define(SERRT_BAD_FORMAT(Lang, Text),
-	?STREAM_ERRORT(<<"bad-format">>, <<"">>, Lang, Text)).
-
-define(SERRT_BAD_NAMESPACE_PREFIX(Lang, Text),
-	?STREAM_ERRORT(<<"bad-namespace-prefix">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_CONFLICT(Lang, Text),
-	?STREAM_ERRORT(<<"conflict">>, <<"">>, Lang, Text)).
-
-define(SERRT_CONNECTION_TIMEOUT(Lang, Text),
-	?STREAM_ERRORT(<<"connection-timeout">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_HOST_GONE(Lang, Text),
-	?STREAM_ERRORT(<<"host-gone">>, <<"">>, Lang, Text)).
-
-define(SERRT_HOST_UNKNOWN(Lang, Text),
-	?STREAM_ERRORT(<<"host-unknown">>, <<"">>, Lang, Text)).
-
-define(SERRT_IMPROPER_ADDRESSING(Lang, Text),
-	?STREAM_ERRORT(<<"improper-addressing">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_INTERNAL_SERVER_ERROR(Lang, Text),
-	?STREAM_ERRORT(<<"internal-server-error">>, <<"">>,
-		       Lang, Text)).
-
-define(SERRT_INVALID_FROM(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-from">>, <<"">>, Lang, Text)).
-
-define(SERRT_INVALID_ID(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-id">>, <<"">>, Lang, Text)).
-
-define(SERRT_INVALID_NAMESPACE(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-namespace">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_INVALID_XML(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-xml">>, <<"">>, Lang, Text)).
-
-define(SERRT_NOT_AUTHORIZED(Lang, Text),
-	?STREAM_ERRORT(<<"not-authorized">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_POLICY_VIOLATION(Lang, Text),
-	?STREAM_ERRORT(<<"policy-violation">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_REMOTE_CONNECTION_FAILED(Lang, Text),
-	?STREAM_ERRORT(<<"remote-connection-failed">>, <<"">>,
-		       Lang, Text)).
-
-define(SERRT_RESOURSE_CONSTRAINT(Lang, Text),
-	?STREAM_ERRORT(<<"resource-constraint">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_RESTRICTED_XML(Lang, Text),
-	?STREAM_ERRORT(<<"restricted-xml">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_SEE_OTHER_HOST(Host, Lang, Text),
-	?STREAM_ERRORT(<<"see-other-host">>, Host, Lang, Text)).
-
-define(SERRT_SYSTEM_SHUTDOWN(Lang, Text),
-	?STREAM_ERRORT(<<"system-shutdown">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_UNSUPPORTED_ENCODING(Lang, Text),
-	?STREAM_ERRORT(<<"unsupported-encoding">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_UNSUPPORTED_STANZA_TYPE(Lang, Text),
-	?STREAM_ERRORT(<<"unsupported-stanza-type">>, <<"">>,
-		       Lang, Text)).
-
-define(SERRT_UNSUPPORTED_VERSION(Lang, Text),
-	?STREAM_ERRORT(<<"unsupported-version">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_XML_NOT_WELL_FORMED(Lang, Text),
-	?STREAM_ERRORT(<<"xml-not-well-formed">>, <<"">>, Lang,
-		       Text)).
-
-record(jid, {user = <<"">> :: binary(),
-              server = <<"">> :: binary(),
-              resource = <<"">> :: binary(),
-              luser = <<"">> :: binary(),
-              lserver = <<"">> :: binary(),
-              lresource = <<"">> :: binary()}).
-
-type(jid() :: #jid{}).
-
-type(ljid() :: {binary(), binary(), binary()}).
-
-record(iq, {id = <<"">>       :: binary(),
-             type = get        :: get | set | result | error,
-             xmlns = <<"">>    :: binary(),
-             lang  = <<"">>    :: binary(),
-             sub_el = #xmlel{} :: xmlel() | [xmlel()]}).
-
-type(iq_get()
-  :: #iq{
-         id     :: binary(),
-         type   :: get,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: xmlel()
-     }
-).
-
-type(iq_set()
-  :: #iq{
-         id     :: binary(),
-         type   :: set,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: xmlel()
-     }
-).
-
-type iq_request() :: iq_get() | iq_set().
-
-type(iq_result()
-  :: #iq{
-         id     :: binary(),
-         type   :: result,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: [xmlel()]
-     }
-).
-
-type(iq_error()
-  :: #iq{
-         id     :: binary(),
-         type   :: error,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: [xmlel()]
-     }
-).
-
-type iq_reply() :: iq_result() | iq_error() .
-
-type(iq() :: iq_request() | iq_reply()).
-
-record(rsm_in, {max :: integer() | error | undefined,
-                 direction :: before | aft | undefined,
-                 id :: binary() | undefined,
-                 index :: integer() | error | undefined}).
-
-record(rsm_out, {count :: integer() | undefined,
-                  index :: integer() | undefined,
-                  first :: binary() | undefined,
-                  last :: binary() | undefined}).
-
-type(rsm_in() :: #rsm_in{}).
-
-type(rsm_out() :: #rsm_out{}).
-
-type broadcast() :: {broadcast, broadcast_data()}.
-
-type broadcast_data() ::
-        {rebind, pid(), binary()} | %% ejabberd_c2s
-        {item, ljid(), mod_roster:subscription()} | %% mod_roster/mod_shared_roster
-        {exit, binary()} | %% mod_roster/mod_shared_roster
-        {privacy_list, mod_privacy:userlist(), binary()} | %% mod_privacy
-        {blocking, unblock_all | {block | unblock, [ljid()]}}. %% mod_blocking
-
-record(xmlelement, {name = ""     :: string(),
-                     attrs = []    :: [{string(), string()}],
-                     children = [] :: [{xmlcdata, iodata()} | xmlelement()]}).
-
-type xmlelement() :: #xmlelement{}.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -42,3 +42,6 @@
            false -> ok;
            _ -> 'Elixir.Logger':bare_log(error, io_lib:format(Format, Args), [?MODULE])
        end).
+
+%% Uncomment if you want to debug p1_fsm/gen_fsm
+%%-define(DBGFSM, true).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,35 +0,0 @@
-%%%----------------------------------------------------------------------
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-type conn_param() :: {binary(), binary(), inet:port_number(), binary()} |
-                      {binary(), binary(), inet:port_number()} |
-                      {binary(), binary()} |
-                      {binary()}.
-
-type irc_data() :: [{username, binary()} | {connections_params, [conn_param()]}].
-
-record(irc_connection,
-        {jid_server_host = {#jid{}, <<"">>, <<"">>} :: {jid(), binary(), binary()},
-         pid = self()                               :: pid()}).
-
-record(irc_custom,
-        {us_host = {{<<"">>, <<"">>}, <<"">>} :: {{binary(), binary()},
-                                                  binary()},
-         data = [] :: irc_data()}).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,8 +18,6 @@
 %%%
 %%%----------------------------------------------------------------------

-include("ejabberd.hrl").
-
 -define(MAX_USERS_DEFAULT, 200).

 -define(SETS, gb_sets).
@@ -63,9 +61,11 @@
    max_users                            = ?MAX_USERS_DEFAULT :: non_neg_integer() | none,
    logging                              = false :: boolean(),
    vcard                                = <<"">> :: binary(),
-    captcha_whitelist                    = (?SETS):empty() :: ?TGB_SET,
+    vcard_xupdate                        = undefined :: undefined | external | binary(),
+    captcha_whitelist                    = (?SETS):empty() :: gb_sets:set(),
    mam                                  = false :: boolean(),
-    pubsub                               = <<"">> :: binary()
+    pubsub                               = <<"">> :: binary(),
+    lang                                 = ejabberd_config:get_mylang() :: binary()
 }).

 -type config() :: #config{}.
@@ -105,13 +105,13 @@
    access                  = {none,none,none,none} :: {atom(), atom(), atom(), atom()},
    jid                     = #jid{} :: jid(),
    config                  = #config{} :: config(),
-    users                   = (?DICT):new() :: ?TDICT,
-    subscribers             = (?DICT):new() :: ?TDICT,
-    subscriber_nicks        = (?DICT):new() :: ?TDICT,
+    users                   = (?DICT):new() :: dict:dict(),
+    subscribers             = (?DICT):new() :: dict:dict(),
+    subscriber_nicks        = (?DICT):new() :: dict:dict(),
    last_voice_request_time = treap:empty() :: treap:treap(),
-    robots                  = (?DICT):new() :: ?TDICT,
-    nicks                   = (?DICT):new() :: ?TDICT,
-    affiliations            = (?DICT):new() :: ?TDICT,
+    robots                  = (?DICT):new() :: dict:dict(),
+    nicks                   = (?DICT):new() :: dict:dict(),
+    affiliations            = (?DICT):new() :: dict:dict(),
    history                 :: lqueue(),
    subject                 = [] :: [text()],
    subject_author          = <<"">> :: binary(),
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -2,7 +2,7 @@
 %%% RFC 1928 constants.
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,5 +1,5 @@
 %%%----------------------------------------------------------------------
-%%% ejabberd, Copyright (C) 2017   ProcessOne
+%%% ejabberd, Copyright (C) 2017-2018 ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,8 +18,6 @@
 %%%
 %%%----------------------------------------------------------------------

-include("ejabberd.hrl").
-
 %% -------------------------------
 %% Pubsub constants
 -define(ERR_EXTENDED(E, C), mod_pubsub:extended_error(E, C)).
@@ -131,13 +129,13 @@
    id                  ,% :: mod_pubsub:nodeIdx(),
    parents = []        ,% :: [mod_pubsub:nodeId(),...],
    type    = <<"flat">>,% :: binary(),
-    owners  = []        ,% :: [jlib:ljid(),...],
+    owners  = []        ,% :: [jid:ljid(),...],
    options = []        % :: mod_pubsub:nodeOptions()
 }).

 -record(pubsub_state,
 {
-    stateid               ,% :: {jlib:ljid(), mod_pubsub:nodeIdx()},
+    stateid               ,% :: {jid:ljid(), mod_pubsub:nodeIdx()},
    nodeidx               ,% :: mod_pubsub:nodeIdx(),
    items         = []    ,% :: [mod_pubsub:itemId(),...],
    affiliation   = 'none',% :: mod_pubsub:affiliation(),
@@ -148,8 +146,8 @@
 {
    itemid                           ,% :: {mod_pubsub:itemId(), mod_pubsub:nodeIdx()},
    nodeidx                          ,% :: mod_pubsub:nodeIdx(),
-    creation     = {unknown, unknown},% :: {erlang:timestamp(), jlib:ljid()},
-    modification = {unknown, unknown},% :: {erlang:timestamp(), jlib:ljid()},
+    creation     = {unknown, unknown},% :: {erlang:timestamp(), jid:ljid()},
+    modification = {unknown, unknown},% :: {erlang:timestamp(), jid:ljid()},
    payload      = []                % :: mod_pubsub:payload()
 }).

@@ -163,7 +161,7 @@
 {
    nodeid   ,% :: {binary(), mod_pubsub:nodeIdx()},
    itemid   ,% :: mod_pubsub:itemId(),
-    creation ,% :: {erlang:timestamp(), jlib:ljid()},
+    creation ,% :: {erlang:timestamp(), jid:ljid()},
    payload  % :: mod_pubsub:payload()
 }).

@@ -84,20 +84,3 @@ EOF
 	   AC_MSG_RESULT([ok])
 	fi
 ]) dnl ERLANG_VERSION_CHECK
-
-AC_DEFUN([ERLANG_DEPRECATED_TYPES_CHECK],
-[		AC_MSG_CHECKING([whether Erlang is using deprecated types])
-		cat > conftest.erl <<EOF
-module(conftest).
-
-record(state, {host = dict:new() :: dict:dict()}).
-EOF
-
-	if $ERLC conftest.erl > /dev/null 2>&1; then
-	   AC_MSG_RESULT([no])
-	   AC_SUBST(erlang_deprecated_types, false)
-	else
-	   AC_MSG_RESULT([yes])
-	   AC_SUBST(erlang_deprecated_types, true)
-	fi
-])
@@ -3,7 +3,7 @@ defmodule Ejabberd.Mixfile do

  def project do
    [app: :ejabberd,
-     version: "17.12.0",
+     version: "18.6.0",
     description: description(),
     elixir: "~> 1.4",
     elixirc_paths: ["lib"],
@@ -28,7 +28,8 @@ defmodule Ejabberd.Mixfile do
     applications: [:ssl, :os_mon],
     included_applications: [:lager, :mnesia, :inets, :p1_utils, :cache_tab,
                             :fast_tls, :stringprep, :fast_xml, :xmpp,
-                             :stun, :fast_yaml, :esip, :jiffy, :p1_oauth2, :fs]
+                             :stun, :fast_yaml, :esip, :jiffy, :p1_oauth2,
+                             :eimp, :base64url, :jose]
                         ++ cond_apps()]
  end

@@ -59,19 +60,23 @@ defmodule Ejabberd.Mixfile do
  defp deps do
    [{:lager, "~> 3.4.0"},
     {:p1_utils, "~> 1.0"},
-     {:fast_xml, "~> 1.1", manager: :rebar},
-     {:xmpp, "~> 1.1"},
+     {:fast_xml, "~> 1.1"},
+     {:xmpp, "~> 1.2"},
     {:cache_tab, "~> 1.0"},
     {:stringprep, "~> 1.0"},
     {:fast_yaml, "~> 1.0"},
     {:fast_tls, "~> 1.0"},
-     {:stun, github: "processone/stun", tag: "1.0.17", override: true, manager: :rebar},
-     {:esip, github: "processone/esip", tag: "1.0.18", override: true, manager: :rebar},
+     {:stun, "~> 1.0"},
+     {:esip, "~> 1.0"},
+     {:p1_mysql, "~> 1.0"},
+     {:p1_pgsql, "~> 1.1"},
     {:jiffy, "~> 0.14.7"},
     {:p1_oauth2, "~> 0.6.1"},
     {:distillery, "~> 1.0"},
     {:ex_doc, ">= 0.0.0", only: :dev},
-     {:fs, "~> 2.12.0"}]
+     {:eimp, "~> 1.0"},
+     {:base64url, "~> 0.0.1"},
+     {:jose, "~> 1.8"}]
    ++ cond_deps()
  end

@@ -84,18 +89,15 @@ defmodule Ejabberd.Mixfile do
  end

  defp cond_deps do
-    for {:true, dep} <- [{config(:mysql), {:p1_mysql, "~> 1.0"}},
-                         {config(:pgsql), {:p1_pgsql, "~> 1.1"}},
-                         {config(:sqlite), {:sqlite3, "~> 1.1"}},
+    for {:true, dep} <- [{config(:sqlite), {:sqlite3, "~> 1.1"}},
                         {config(:riak), {:riakc, "~> 2.4"}},
                         {config(:redis), {:eredis, "~> 1.0"}},
-                         {config(:zlib), {:ezlib, github: "processone/ezlib", tag: "1.0.3", override: true, manager: :rebar}},
+                         {config(:zlib), {:ezlib, "~> 1.0"}},
                         {config(:iconv), {:iconv, "~> 1.0"}},
                         {config(:pam), {:epam, "~> 1.0"}},
-                         {config(:tools), {:luerl, github: "rvirding/luerl", tag: "v0.2"}},
+                         {config(:tools), {:luerl, "~> 0.3.1"}},
                         {config(:tools), {:meck, "~> 0.8.4"}},
-                         {config(:tools), {:moka, github: "processone/moka", tag: "1.0.5c"}},
-                         {config(:graphics), {:eimp, github: "processone/eimp", tag: "1.0.1"}}], do:
+                         {config(:tools), {:moka, github: "processone/moka", tag: "1.0.5c"}}], do:
      dep
  end

@@ -105,8 +107,7 @@ defmodule Ejabberd.Mixfile do
                         {config(:pgsql), :p1_pgsql},
                         {config(:sqlite), :sqlite3},
                         {config(:zlib), :ezlib},
-                         {config(:iconv), :iconv},
-                         {config(:graphics), :eimp}], do:
+                         {config(:iconv), :iconv}], do:
      app
  end

@@ -124,7 +125,7 @@ defmodule Ejabberd.Mixfile do
  defp vars do
    case :file.consult("vars.config") do
      {:ok,config} -> config
-      _ -> [zlib: true, iconv: true]
+      _ -> [zlib: true, iconv: false]
    end
  end

@@ -1,27 +1,35 @@
-%{"cache_tab": {:hex, :cache_tab, "1.0.12", "a06a4ffbd4da8469791ba941512a6a45ed8c11865b4606a368e21b332da3638a", [:rebar3], [{:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
-  "distillery": {:hex, :distillery, "1.5.2", "eec18b2d37b55b0bcb670cf2bcf64228ed38ce8b046bb30a9b636a6f5a4c0080", [:mix], [], "hexpm"},
-  "earmark": {:hex, :earmark, "1.2.4", "99b637c62a4d65a20a9fb674b8cffb8baa771c04605a80c911c4418c69b75439", [:mix], [], "hexpm"},
-  "eimp": {:git, "https://github.com/processone/eimp.git", "23796118176be98195db9f831f17dde74d1553e1", [tag: "1.0.1"]},
+%{
+  "base64url": {:hex, :base64url, "0.0.1", "36a90125f5948e3afd7be97662a1504b934dd5dac78451ca6e9abf85a10286be", [:rebar], [], "hexpm"},
+  "cache_tab": {:hex, :cache_tab, "1.0.16", "0223820e5071d3252b9921db9dcc74a09ec8a660120271fdb47c3c40b6b52bee", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "distillery": {:hex, :distillery, "1.5.3", "b2f4fc34ec71ab4f1202a796f9290e068883b042319aa8c9aa45377ecac8597a", [:mix], [], "hexpm"},
+  "earmark": {:hex, :earmark, "1.2.5", "4d21980d5d2862a2e13ec3c49ad9ad783ffc7ca5769cf6ff891a4553fbaae761", [:mix], [], "hexpm"},
+  "eimp": {:hex, :eimp, "1.0.9", "daf0d2904be3ef5e4128d946e158113cdb4d52555023746d29b83ce86b531f3c", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "epam": {:hex, :epam, "1.0.4", "2a5e40cbf9b2cf41df515782894c3b33c81b8ad32fff2fc847c3f725071dfaed", [:rebar3], [], "hexpm"},
  "eredis": {:hex, :eredis, "1.1.0", "8d8d74496f35216679b97726b75fb1c8715e99dd7f3ef9f9824a2264c3e0aac0", [:rebar3], [], "hexpm"},
-  "esip": {:git, "https://github.com/processone/esip.git", "7f33f6ed81a058d151912d417c874a9ea87b0470", [tag: "1.0.18"]},
-  "ex_doc": {:hex, :ex_doc, "0.18.1", "37c69d2ef62f24928c1f4fdc7c724ea04aecfdf500c4329185f8e3649c915baf", [:mix], [{:earmark, "~> 1.1", [hex: :earmark, repo: "hexpm", optional: false]}], "hexpm"},
-  "ezlib": {:git, "https://github.com/processone/ezlib.git", "ec6491d788436bb096022843e6ec7f58d2973ae3", [tag: "1.0.3"]},
-  "fast_tls": {:hex, :fast_tls, "1.0.18", "8be28c77ff1c1123e436cacaac39f850ea14a588abc09205b2813c5cb610d784", [], [{:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
-  "fast_xml": {:hex, :fast_xml, "1.1.26", "ffa4e0ab68b44f1f9eb7a93b04f2563825cada881c010dfc0586979ac1edf7d0", [], [{:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
-  "fast_yaml": {:hex, :fast_yaml, "1.0.12", "ee8527d388255cf7a24fc1e6cb2d09dca4e506966dd9d86e61d3d90f236a3e2e", [], [{:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
-  "fs": {:hex, :fs, "2.12.0", "ad631efacc9a5683c8eaa1b274e24fa64a1b8eb30747e9595b93bec7e492e25e", [:rebar3], [], "hexpm"},
+  "esip": {:hex, :esip, "1.0.26", "b50c92f8ac3e8e8ba901f0a6cc7e0e47fdc832b0f3044eddb6032ca26845cf97", [:rebar3], [{:fast_tls, "1.0.25", [hex: :fast_tls, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}, {:stun, "1.0.25", [hex: :stun, repo: "hexpm", optional: false]}], "hexpm"},
+  "ex_doc": {:hex, :ex_doc, "0.18.3", "f4b0e4a2ec6f333dccf761838a4b253d75e11f714b85ae271c9ae361367897b7", [:mix], [{:earmark, "~> 1.1", [hex: :earmark, repo: "hexpm", optional: false]}], "hexpm"},
+  "ezlib": {:hex, :ezlib, "1.0.4", "2434e4bb549cb060d5ac02261ba48fbe1a69b2ae4e1bf7485a3b27b3f3ec618d", [:rebar3], [], "hexpm"},
+  "fast_tls": {:hex, :fast_tls, "1.0.25", "cbf875fe709d6fd03d3266c920bfe15f4d22736535d73421300cebf9d86bd851", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "fast_xml": {:hex, :fast_xml, "1.1.34", "d76fc639d3607a44c4f0fb2dfdee1067b6c37b02b39706d8f067cb77eb2f6016", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "fast_yaml": {:hex, :fast_yaml, "1.0.17", "e945ef64e0cb7c311c7b42804dbe32a24e13a2afc0ffe249b7e0f9f9ac08e176", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
  "goldrush": {:hex, :goldrush, "0.1.9", "f06e5d5f1277da5c413e84d5a2924174182fb108dabb39d5ec548b27424cd106", [:rebar3], [], "hexpm"},
  "hamcrest": {:hex, :basho_hamcrest, "0.4.1", "fb7b2c92d252a1e9db936750b86089addaebeb8f87967fb4bbdda61e8863338e", [:make, :mix, :rebar3], [], "hexpm"},
-  "iconv": {:hex, :iconv, "1.0.6", "3b424a80039059767f1037dc6a49ff07c2f88df14068c16dc938c4f377a77b4c", [:rebar3], [{:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
-  "jiffy": {:hex, :jiffy, "0.14.11", "919a87d491c5a6b5e3bbc27fafedc3a0761ca0b4c405394f121f582fd4e3f0e5", [:rebar3], [], "hexpm"},
+  "iconv": {:hex, :iconv, "1.0.10", "fc7de75c0a1fbc1e4ed0c68637ae7464a5dd9eee81710fff26321922d144ecea", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "jiffy": {:hex, :jiffy, "0.14.13", "225a9a35e26417832c611526567194b4d3adc4f0dfa5f2f7008f4684076f2a01", [:rebar3], [], "hexpm"},
+  "jose": {:hex, :jose, "1.8.4", "7946d1e5c03a76ac9ef42a6e6a20001d35987afd68c2107bcd8f01a84e75aa73", [:mix, :rebar3], [{:base64url, "~> 0.0.1", [hex: :base64url, repo: "hexpm", optional: false]}], "hexpm"},
  "lager": {:hex, :lager, "3.4.2", "150b9a17b23ae6d3265cc10dc360747621cf217b7a22b8cddf03b2909dbf7aa5", [:rebar3], [{:goldrush, "0.1.9", [hex: :goldrush, repo: "hexpm", optional: false]}], "hexpm"},
-  "p1_mysql": {:hex, :p1_mysql, "1.0.4", "7b9d7957a9d031813a0e6bcea5a7f5e91b54db805a92709a445cf75cf934bc1d", [:rebar3], [], "hexpm"},
-  "p1_oauth2": {:hex, :p1_oauth2, "0.6.2", "cc381038920e3d34ef32aa10ba7eb637bdff38a946748c4fd99329ff484a3889", [:rebar3], [], "hexpm"},
-  "p1_pgsql": {:hex, :p1_pgsql, "1.1.4", "eadbbddee8d52145694bf86bdfe8c1ae8353a55e152410146b8c2711756d6041", [:rebar3], [], "hexpm"},
-  "p1_utils": {:hex, :p1_utils, "1.0.10", "a6d6927114bac79cf6468a10824125492034af7071adc6ed5ebc4ddb443845d4", [:rebar3], [], "hexpm"},
+  "luerl": {:hex, :luerl, "0.3.1", "5412807630aac1aaf59ffe5a1bc09259c447b4faeb1d3fe2d4ef41b87676cb04", [:rebar3], [], "hexpm"},
+  "meck": {:hex, :meck, "0.8.10", "455aaef8403be46752272206613e7a15467c014d40994b22fb54cde4d1ff7075", [:rebar3], [], "hexpm"},
+  "moka": {:git, "https://github.com/processone/moka.git", "3eed3a6dd7dedb70a6cd18f86c7561a18626eb3b", [tag: "1.0.5c"]},
+  "p1_mysql": {:hex, :p1_mysql, "1.0.7", "9fbadf8fa283ae8657faa4f6bbe13f2e3b9da0cdcfbc699cfc120d0905282056", [:rebar3], [], "hexpm"},
+  "p1_oauth2": {:hex, :p1_oauth2, "0.6.3", "fbd91ba86bd7f03d2a4f6e62affa86bab9930abfd6b473d61eefb148f246cd46", [:rebar3], [], "hexpm"},
+  "p1_pgsql": {:hex, :p1_pgsql, "1.1.6", "631004602b06ca6f55d759001f180185685c7097e583f3b0f7dd9b8e05ba5db1", [:rebar3], [], "hexpm"},
+  "p1_utils": {:hex, :p1_utils, "1.0.13", "176577cafb54a8c2fdc0a7fc62b9a21ab0f66588f4062792cd9e65f3e500bfdb", [:rebar3], [], "hexpm"},
  "riak_pb": {:hex, :riak_pb, "2.3.2", "48ffbf66dbb3f136ab9a7134bac4e496754baa5ef58c4f50a61326736d996390", [:make, :mix, :rebar3], [{:hamcrest, "~> 0.4.1", [hex: :basho_hamcrest, repo: "hexpm", optional: false]}], "hexpm"},
  "riakc": {:hex, :riakc, "2.5.3", "6132d9e687a0dfd314b2b24c4594302ca8b55568a5d733c491d8fb6cd4004763", [:make, :mix, :rebar3], [{:riak_pb, "~> 2.3", [hex: :riak_pb, repo: "hexpm", optional: false]}], "hexpm"},
-  "sqlite3": {:hex, :sqlite3, "1.1.5", "794738b6d07b6d36ec6d42492cb9d629bad9cf3761617b8b8d728e765db19840", [:rebar3], [], "hexpm"},
-  "stringprep": {:hex, :stringprep, "1.0.10", "552d784eb60652220fce9131f8bb0ebc62fdffd6482c4f08f2e7d61300227c28", [:rebar3], [{:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
-  "stun": {:git, "https://github.com/processone/stun.git", "b4d3fe315f46ae6ad16f4dc0bfe0a3ebb6e3aee6", [tag: "1.0.17"]},
-  "xmpp": {:hex, :xmpp, "1.1.17", "d4a6dcd3de7ddbe40f8a2ee1fff0d5e88314bbd90e783f1cbdc6b8e093e96a50", [:rebar3], [{:fast_xml, "1.1.26", [hex: :fast_xml, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.10", [hex: :p1_utils, repo: "hexpm", optional: false]}, {:stringprep, "1.0.10", [hex: :stringprep, repo: "hexpm", optional: false]}], "hexpm"}}
+  "samerlib": {:git, "https://github.com/processone/samerlib", "fbbba035b1548ac4e681df00d61bf609645333a0", [tag: "0.8.0c"]},
+  "sqlite3": {:hex, :sqlite3, "1.1.6", "4ea71af0b45908b5f02c9b09e4c87177039ef404f20accb35049cd8924cc417c", [:rebar3], [], "hexpm"},
+  "stringprep": {:hex, :stringprep, "1.0.14", "230a2d1c576bba168749d653fd6681166d02431ef07161a918444f3edb478ad0", [:rebar3], [{:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "stun": {:hex, :stun, "1.0.25", "e324c94c28d636578db79eb26979cd07140f0dabcdc0d5b197650ba0bc44a31a", [:rebar3], [{:fast_tls, "1.0.25", [hex: :fast_tls, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm"},
+  "xmpp": {:hex, :xmpp, "1.2.5", "98ae86706013e51349e962b67c30293d14672603b5c7d782b2c79b52ceaa659f", [:rebar3], [{:ezlib, "1.0.4", [hex: :ezlib, repo: "hexpm", optional: false]}, {:fast_tls, "1.0.25", [hex: :fast_tls, repo: "hexpm", optional: false]}, {:fast_xml, "1.1.34", [hex: :fast_xml, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.13", [hex: :p1_utils, repo: "hexpm", optional: false]}, {:stringprep, "1.0.14", [hex: :stringprep, repo: "hexpm", optional: false]}], "hexpm"},
+}
@@ -0,0 +1,5 @@
+-module(configure_deps).
+-export(['configure-deps'/2]).
+
+'configure-deps'(Config, Vals) ->
+  {ok, Config}.
@@ -8,7 +8,7 @@ override_opts(override, Config, Opts) ->
 override_opts(add, Config, Opts) ->
    lists:foldl(fun({Opt, Value}, Conf) ->
 			V = rebar_config:get_local(Conf, Opt, []),
-			rebar_config:set(Conf, Opt, [Value | V])
+			rebar_config:set(Conf, Opt, V ++ Value)
 		end, Config, Opts).

 preprocess(Config, _Dirs) ->
@@ -0,0 +1,16 @@
+redis.replicate_commands()
+local cursor = redis.call('GET', KEYS[3]) or 0
+local scan_result = redis.call('HSCAN', KEYS[1], cursor, 'COUNT', ARGV[1])
+local newcursor = scan_result[1]
+local cursor = redis.call('SET', KEYS[3], newcursor)
+redis.call('EXPIRE', KEYS[3], 30)
+for key,value in ipairs(scan_result[2]) do
+   local uskey, sidkey = string.match(value, '(.*)||(.*)')
+   if uskey and sidkey then
+      redis.call('HDEL', uskey, sidkey)
+      redis.call('HDEL', KEYS[1], value)
+   else
+      redis.call('HDEL', KEYS[2], value)
+   end
+end
+return newcursor
@@ -152,7 +152,7 @@ msgstr "Agosto"

 #: mod_pubsub:1842
 msgid "Automatic node creation is not enabled"
-msgstr ""
+msgstr "Criação automatizada de nós está desabilitada"

 #: ejabberd_web_admin:1867 mod_configure:148 mod_configure:617
 msgid "Backup"
@@ -185,11 +185,11 @@ msgstr "Aniversário"

 #: mod_legacy_auth:102
 msgid "Both the username and the resource are required"
-msgstr ""
+msgstr "Nome de usuário e recurso são necessários"

 #: mod_proxy65_service:226
 msgid "Bytestream already activated"
-msgstr ""
+msgstr "Bytestream já foi ativado"

 #: ejabberd_captcha:135
 msgid "CAPTCHA web page"
@@ -201,11 +201,11 @@ msgstr "Tempo de CPU"

 #: mod_privacy:334
 msgid "Cannot remove active list"
-msgstr ""
+msgstr "Não é possível remover uma lista ativa"

 #: mod_privacy:341
 msgid "Cannot remove default list"
-msgstr ""
+msgstr "Não é possível remover uma lista padrão"

 #: ejabberd_web_admin:1679 mod_register_web:194 mod_register_web:353
 #: mod_register_web:361 mod_register_web:386
@@ -383,7 +383,7 @@ msgstr "Exportar para arquivo texto"

 #: mod_roster:180
 msgid "Duplicated groups are not allowed by RFC6121"
-msgstr ""
+msgstr "Grupos duplicados não são permitidos pela RFC6121"

 #: mod_configure:1776
 msgid "Edit Properties"
@@ -413,7 +413,7 @@ msgstr "Permitir criação de logs"

 #: mod_push:252
 msgid "Enabling push without 'node' attribute is not supported"
-msgstr ""
+msgstr "Abilitar push sem o atributo 'node' não é suportado"

 #: mod_irc:834
 msgid "Encoding for server ~b"
@@ -503,15 +503,15 @@ msgstr ""

 #: mod_delegation:275
 msgid "External component failure"
-msgstr ""
+msgstr "Falha de componente externo"

 #: mod_delegation:283
 msgid "External component timeout"
-msgstr ""
+msgstr "Tempo esgotado à espera de componente externo"

 #: mod_proxy65_service:218
 msgid "Failed to activate bytestream"
-msgstr ""
+msgstr "Falha ao ativar bytestream"

 #: mod_muc_room:910
 msgid "Failed to extract JID from your voice request approval"
@@ -519,19 +519,19 @@ msgstr "Não foi possível extrair o JID (Jabber ID) da requisição de voz"

 #: mod_delegation:257
 msgid "Failed to map delegated namespace to external component"
-msgstr ""
+msgstr "Falha ao mapear namespace delegado ao componente externo"

 #: mod_http_upload:602
 msgid "Failed to parse HTTP response"
-msgstr ""
+msgstr "Falha ao analisar resposta HTTP"

 #: mod_irc:426
 msgid "Failed to parse chanserv"
-msgstr ""
+msgstr "Falha ao analisar chanserv"

 #: mod_muc_room:3297
 msgid "Failed to process option '~s'"
-msgstr ""
+msgstr "Falha ao processar opção '~s'"

 #: mod_vcard_ldap:332 mod_vcard_ldap:345 mod_vcard_mnesia:103
 #: mod_vcard_mnesia:117 mod_vcard_sql:158 mod_vcard_sql:172
@@ -544,7 +544,7 @@ msgstr "Fevereiro"

 #: mod_http_upload:555
 msgid "File larger than ~w bytes"
-msgstr ""
+msgstr "Arquivo maior que ~w bytes"

 #: mod_vcard:437
 msgid ""
@@ -610,7 +610,7 @@ msgstr "Máquina"

 #: mod_s2s_dialback:325
 msgid "Host unknown"
-msgstr ""
+msgstr "Máquina desconhecida"

 #: ejabberd_web_admin:2463
 msgid "IP"
@@ -699,15 +699,15 @@ msgstr "Importar dados dos usuários de um diretório-fila jabberd14:"

 #: xmpp_stream_in:983
 msgid "Improper 'from' attribute"
-msgstr ""
+msgstr "Atributo 'from' incorreto"

 #: xmpp_stream_in:477
 msgid "Improper 'to' attribute"
-msgstr ""
+msgstr "Atributo 'to' incorreto"

 #: ejabberd_service:189
 msgid "Improper domain part of 'from' attribute"
-msgstr ""
+msgstr "Atributo 'from' contém domínio incorreto"

 #: mod_muc_room:260
 msgid "Improper message type"
@@ -715,11 +715,11 @@ msgstr "Tipo de mensagem incorreto"

 #: ejabberd_web_admin:1586
 msgid "Incoming s2s Connections:"
-msgstr "Conexões que entram de s2s"
+msgstr "Conexões s2s de Entrada:"

 #: mod_muc_room:3669 mod_register:187
 msgid "Incorrect CAPTCHA submit"
-msgstr ""
+msgstr "CAPTCHA submetido incorretamente"

 #: mod_muc:772 mod_muc_room:3052 mod_pubsub:1194 mod_register:183 mod_vcard:256
 #, fuzzy
@@ -732,41 +732,41 @@ msgstr "Senha incorreta"

 #: mod_irc:585
 msgid "Incorrect value in data form"
-msgstr ""
+msgstr "Valor incorreto em formulário de dados"

 #: mod_adhoc:276
 msgid "Incorrect value of 'action' attribute"
-msgstr ""
+msgstr "Valor incorreto do atributo 'action'"

 #: mod_configure:1806
 msgid "Incorrect value of 'action' in data form"
-msgstr ""
+msgstr "Valor incorreto de 'action' no formulário de dados"

 #: mod_configure:1335 mod_configure:1367 mod_configure:1399 mod_configure:1419
 #: mod_configure:1439
 msgid "Incorrect value of 'path' in data form"
-msgstr ""
+msgstr "Valor incorreto de 'path' no formulário de dados"

 #: mod_irc:331
 msgid "Incorrect value of 'type' attribute"
-msgstr ""
+msgstr "Valor incorreto do atributo 'type'"

 #: mod_privilege:100
 msgid "Insufficient privilege"
-msgstr ""
+msgstr "Privilégio insuficiente"

 #: mod_privilege:286
 msgid "Invalid 'from' attribute in forwarded message"
-msgstr ""
+msgstr "Atributo 'from' inválido na mensagem reenviada"

 #: mod_privilege:300
 msgid "Invalid <forwarded/> element"
-msgstr ""
+msgstr "Elemento <forwarded/> inválido"

 #: mod_muc_room:3926
 #, fuzzy
 msgid "Invitations are not allowed in this conference"
-msgstr "Requisições de voz estão desabilitadas nesta conferência"
+msgstr "Convites estão desabilitados nesta sala de conferência"

 #: mod_muc_room:233 mod_muc_room:375 mod_muc_room:1046
 msgid ""
@@ -786,11 +786,11 @@ msgstr "Não é permitido enviar mensagens privadas do tipo \"groupchat\""

 #: mod_muc_room:244
 msgid "It is not allowed to send private messages to the conference"
-msgstr "Impedir o envio de mensagens privadas para a sala"
+msgstr "Não é permitido enviar mensagens privadas para a sala de conferência"

 #: mod_register_web:181 mod_register_web:189
 msgid "Jabber Account Registration"
-msgstr "Registros de Contas Jabber"
+msgstr "Registro de Contas Jabber"

 #: mod_configure:1122 mod_configure:1139 mod_configure:1149 mod_configure:1159
 #: mod_configure:1169 mod_configure:1183 mod_configure:1192 mod_configure:1600
@@ -805,11 +805,11 @@ msgstr "Janeiro"

 #: mod_irc:665
 msgid "Join IRC channel"
-msgstr "Juntar-se ao canal IRC"
+msgstr "Entrar no canal IRC"

 #: mod_irc:689
 msgid "Join the IRC channel here."
-msgstr "Aqui! Juntar-se ao canal IRC."
+msgstr "Entre no canal IRC aqui."

 #: mod_irc:690
 msgid "Join the IRC channel in this Jabber ID: ~s"
@@ -890,7 +890,7 @@ msgstr "Tornar sala pública possível de ser encontrada"
 #: mod_register:317
 #, fuzzy
 msgid "Malformed username"
-msgstr "Usuário IRC"
+msgstr "Nome de usuário inválido"

 #: mod_muc_log:475
 msgid "March"
@@ -910,7 +910,7 @@ msgstr "Membros:"

 #: mod_muc_room:1833
 msgid "Membership is required to enter this room"
-msgstr "Necessitas ser membro desta sala para poder entrar"
+msgstr "É necessário ser membro desta sala para poder entrar"

 #: mod_register_web:262
 msgid ""
@@ -918,9 +918,9 @@ msgid ""
 "Jabber there isn't an automated way to recover your password if you forget "
 "it."
 msgstr ""
-"Memorize a sua senha, ou escreva-a em um papel e guarde-o em um lugar "
-"seguro. Jabber não é uma maneira automatizada para recuperar a sua senha, se "
-"você a esquecer eventualmente."
+"Memorize a sua senha, ou anote-a em um papel, guardado em um local seguro. "
+"No Jabber, não há uma maneira automatizada de recuperar a sua senha, "
+"caso a esqueça."

 #: ejabberd_web_admin:1954
 msgid "Memory"
@@ -932,7 +932,7 @@ msgstr "Corpo da mensagem"

 #: mod_privilege:291
 msgid "Message not found in forwarded payload"
-msgstr ""
+msgstr "Mensagem não encontrada em conteúdo encaminhado"

 #: mod_vcard_ldap:331 mod_vcard_ldap:344 mod_vcard_mnesia:102
 #: mod_vcard_mnesia:116 mod_vcard_sql:157 mod_vcard_sql:171
@@ -941,15 +941,15 @@ msgstr "Nome do meio"

 #: mod_irc:704
 msgid "Missing 'channel' or 'server' in the data form"
-msgstr ""
+msgstr "Faltando 'channel' ou 'server' no formulário de dados"

 #: xmpp_stream_in:990
 msgid "Missing 'from' attribute"
-msgstr ""
+msgstr "Faltando atributo 'from'"

 #: xmpp_stream_in:472 xmpp_stream_in:993
 msgid "Missing 'to' attribute"
-msgstr ""
+msgstr "Faltando atributo 'to'"

 #: mod_muc_room:2536 mod_muc_room:3721 mod_muc_room:3765 mod_muc_room:3798
 msgid "Moderator privileges required"
@@ -965,7 +965,7 @@ msgstr "Módulo"

 #: gen_iq_handler:153
 msgid "Module failed to handle the query"
-msgstr ""
+msgstr "Módulo falhou ao processar a consulta"

 #: ejabberd_web_admin:1885 mod_configure:582 mod_configure:595
 msgid "Modules"
@@ -989,7 +989,7 @@ msgstr "Multicast"

 #: mod_roster:195
 msgid "Multiple <item/> elements are not allowed by RFC6121"
-msgstr ""
+msgstr "Vários elementos <item/> não são permitidos pela RFC6121"

 #: ejabberd_web_admin:1951 mod_vcard_mnesia:101 mod_vcard_mnesia:115
 #: mod_vcard_sql:156 mod_vcard_sql:170
@@ -1002,11 +1002,11 @@ msgstr "Nome:"

 #: mod_muc_room:2696
 msgid "Neither 'jid' nor 'nick' attribute found"
-msgstr ""
+msgstr "Nem o atributo 'jid' nem 'nick' foram encontrados"

 #: mod_muc_room:2518 mod_muc_room:2701
 msgid "Neither 'role' nor 'affiliation' attribute found"
-msgstr ""
+msgstr "Nem o atributo 'role' nem 'affiliation' foram encontrados"

 #: ejabberd_web_admin:1506 ejabberd_web_admin:1687 mod_configure:1629
 msgid "Never"
@@ -1031,41 +1031,41 @@ msgstr "O apelido ~s não existe na sala"

 #: mod_configure:1496
 msgid "No 'access' found in data form"
-msgstr ""
+msgstr "'access' não foi encontrado em formulário de dados"

 #: mod_configure:1455
 msgid "No 'acls' found in data form"
-msgstr ""
+msgstr "'acls' não foi encontrado em formulário de dados"

 #: mod_muc_room:3075
 msgid "No 'affiliation' attribute found"
-msgstr ""
+msgstr "Atributo 'affiliation' não foi encontrado"

 #: mod_muc_room:2505
 #, fuzzy
 msgid "No 'item' element found"
-msgstr "Nó não encontrado"
+msgstr "Elemento 'item' não foi encontrado"

 #: mod_configure:1280
 msgid "No 'modules' found in data form"
-msgstr ""
+msgstr "'modules' não foi encontrado em formulário de dados"

 #: mod_configure:1799
 msgid "No 'password' found in data form"
-msgstr ""
+msgstr "'password' não foi encontrado em formulário de dados"

 #: mod_register:148
 msgid "No 'password' found in this query"
-msgstr ""
+msgstr "'password' não foi encontrado nesta consulta"

 #: mod_configure:1319 mod_configure:1350 mod_configure:1382 mod_configure:1413
 #: mod_configure:1433
 msgid "No 'path' found in data form"
-msgstr ""
+msgstr "'path' não foi encontrado em formulário de dados"

 #: mod_muc_room:3922
 msgid "No 'to' attribute found in the invitation"
-msgstr ""
+msgstr "Atributo 'to' não foi encontrado no convite"

 #: ejabberd_web_admin:1767
 msgid "No Data"
@@ -1073,7 +1073,7 @@ msgstr "Nenhum dado"

 #: ejabberd_local:181
 msgid "No available resource found"
-msgstr ""
+msgstr "Nenhum recurso disponível foi encontrado"

 #: mod_announce:575
 msgid "No body provided for announce message"
@@ -1082,45 +1082,45 @@ msgstr "Nenhum corpo de texto fornecido para anunciar mensagem"
 #: mod_irc:335 mod_pubsub:1183 mod_pubsub:3289
 #, fuzzy
 msgid "No data form found"
-msgstr "Nó não encontrado"
+msgstr "Formulário de dados não foi encontrado"

 #: mod_disco:224 mod_vcard:282
 msgid "No features available"
-msgstr ""
+msgstr "Nenhuma funcionalidade disponível"

 #: mod_adhoc:239
 msgid "No hook has processed this command"
-msgstr ""
+msgstr "Nenhum hook processou este comando"

 #: mod_last:218
 msgid "No info about last activity found"
-msgstr ""
+msgstr "Não foi encontrada informação sobre última atividade"

 #: mod_blocking:99
 msgid "No items found in this query"
-msgstr ""
+msgstr "Nenhum item encontrado nesta consulta"

 #: ejabberd_local:90 ejabberd_sm:863 mod_blocking:92 mod_blocking:110
 #: mod_http_upload:513 mod_muc:482 mod_muc:534 mod_muc:556 mod_muc:580
 #: mod_offline:303 mod_privacy:168 mod_privacy:285 mod_roster:207
 msgid "No module is handling this query"
-msgstr ""
+msgstr "Nenhum módulo está processando esta consulta"

 #: mod_pubsub:1541
 msgid "No node specified"
-msgstr ""
+msgstr "Nenhum nó especificado"

 #: mod_pubsub:1426
 msgid "No pending subscriptions found"
-msgstr ""
+msgstr "Não foram encontradas subscrições"

 #: mod_privacy:201 mod_privacy:295 mod_privacy:311 mod_privacy:344
 msgid "No privacy list with this name found"
-msgstr ""
+msgstr "Nenhuma lista de privacidade encontrada com este nome"

 #: mod_private:96
 msgid "No private data found in this query"
-msgstr ""
+msgstr "Nenhum dado privado encontrado nesta consulta"

 #: mod_configure:869 mod_configure:908 mod_configure:1222 mod_configure:1254
 #: mod_configure:1275 mod_configure:1314 mod_configure:1345 mod_configure:1377
@@ -1131,15 +1131,15 @@ msgstr "Nó não encontrado"

 #: mod_disco:252 mod_vcard:265
 msgid "No services available"
-msgstr ""
+msgstr "Não há serviços disponíveis"

 #: mod_stats:101
 msgid "No statistics found for this item"
-msgstr ""
+msgstr "Não foram encontradas estatísticas para este item"

 #: nodetree_dag:72 nodetree_tree:181 nodetree_tree_sql:255
 msgid "Node already exists"
-msgstr ""
+msgstr "Nó já existe"

 #: nodetree_tree_sql:99
 #, fuzzy
@@ -1159,7 +1159,7 @@ msgstr "Nó ~p"

 #: mod_vcard:385
 msgid "Nodeprep has failed"
-msgstr ""
+msgstr "Processo de identificação de nó falhou (nodeprep)"

 #: ejabberd_web_admin:1837
 msgid "Nodes"
@@ -1176,7 +1176,7 @@ msgstr "Não encontrado"

 #: mod_disco:296 mod_disco:370 mod_last:159
 msgid "Not subscribed"
-msgstr ""
+msgstr "Não subscrito"

 #: mod_muc_log:483
 msgid "November"
@@ -1227,11 +1227,11 @@ msgstr "Usuários online"

 #: mod_carboncopy:141
 msgid "Only <enable/> or <disable/> tags are allowed"
-msgstr ""
+msgstr "Apenas tags <enable/> ou <disable/> são permitidas"

 #: mod_privacy:154
 msgid "Only <list/> element is allowed in this query"
-msgstr ""
+msgstr "Apenas elemento <list/> é permitido nesta consulta"

 #: mod_mam:379
 msgid "Only members may query archives of this room"
@@ -1255,11 +1255,11 @@ msgstr "Somente moderadores podem aprovar requisições de voz"

 #: mod_muc_room:424 mod_muc_room:792 mod_muc_room:3989
 msgid "Only occupants are allowed to send messages to the conference"
-msgstr "Somente os ocupantes podem enviar mensagens à sala"
+msgstr "Somente os ocupantes podem enviar mensagens à sala de conferência"

 #: mod_muc_room:457
 msgid "Only occupants are allowed to send queries to the conference"
-msgstr "Somente os ocupantes podem enviar consultas à sala"
+msgstr "Somente os ocupantes podem enviar consultas à sala de conferência"

 #: mod_muc:422
 msgid "Only service administrators are allowed to send service messages"
@@ -1282,11 +1282,11 @@ msgstr "Departamento/Unidade"

 #: mod_configure:508
 msgid "Outgoing s2s Connections"
-msgstr "Conexões que partam de s2s"
+msgstr "Conexões s2s de Saída"

 #: ejabberd_web_admin:1583
 msgid "Outgoing s2s Connections:"
-msgstr "Conexões que partem de s2s"
+msgstr "Conexões s2s de Saída"

 #: mod_muc_room:3023 mod_muc_room:3067 mod_muc_room:3697 mod_pubsub:1302
 #: mod_pubsub:1394 mod_pubsub:1553 mod_pubsub:2118 mod_pubsub:2184
@@ -1300,11 +1300,11 @@ msgstr "Pacote"

 #: mod_irc:578
 msgid "Parse error"
-msgstr ""
+msgstr "Erro de análise de dados"

 #: mod_configure:1299 mod_configure:1468 mod_configure:1513
 msgid "Parse failed"
-msgstr ""
+msgstr "Análise de dados falhou"

 #: ejabberd_oauth:431 ejabberd_web_admin:1435 mod_configure:1126
 #: mod_configure:1173 mod_configure:1602 mod_configure:1781 mod_muc_log:1036
@@ -1384,7 +1384,7 @@ msgstr "Porta ~b"

 #: mod_roster:173
 msgid "Possessing 'ask' attribute is not allowed by RFC6121"
-msgstr ""
+msgstr "Possuir atributo 'ask' não é permitido pela RFC6121"

 #: ejabberd_web_admin:2464
 msgid "Protocol"
@@ -1400,16 +1400,16 @@ msgstr "Publicação de Tópico"

 #: node_dag:81
 msgid "Publishing items to collection node is not allowed"
-msgstr ""
+msgstr "Publicar items em um nó de coleção não é permitido"

 #: mod_muc_room:462
 msgid "Queries to the conference members are not allowed in this room"
-msgstr "Nesta sala não se permite consultas aos membros da sala"
+msgstr "Nesta sala de conferência, consultas aos membros não são permitidas"

 #: mod_blocking:85 mod_disco:325 mod_disco:393 mod_offline:270 mod_privacy:146
 #: mod_private:118 mod_roster:163 mod_sic:90
 msgid "Query to another users is forbidden"
-msgstr ""
+msgstr "Consultar a outro usuário é proibido"

 #: mod_configure:889
 msgid "RAM and disc copy"
@@ -1540,7 +1540,7 @@ msgstr "Lista de contatos"

 #: mod_roster:334
 msgid "Roster module has failed"
-msgstr ""
+msgstr "O módulo Roster falhou"

 #: mod_roster:968
 msgid "Roster of "
@@ -1556,7 +1556,7 @@ msgstr "Nós em execução"

 #: xmpp_stream_in:541 xmpp_stream_in:549
 msgid "SASL negotiation is not allowed in this state"
-msgstr ""
+msgstr "Negociação SASL não é permitida neste estado"

 #: mod_muc_log:468
 msgid "Saturday"
@@ -1564,12 +1564,12 @@ msgstr "Sábado"

 #: mod_irc:582
 msgid "Scan error"
-msgstr ""
+msgstr "Erro de escaneamento"

 #: mod_configure:1303 mod_configure:1472 mod_configure:1517
 #, fuzzy
 msgid "Scan failed"
-msgstr "O CAPTCHA é inválido."
+msgstr "O escaneamento falhou"

 #: ejabberd_web_admin:2282
 msgid "Script check"
@@ -1605,11 +1605,11 @@ msgstr "Setembro"

 #: mod_irc_connection:648
 msgid "Server Connect Failed"
-msgstr ""
+msgstr "Conexão ao servidor falhou"

 #: ejabberd_s2s:369
 msgid "Server connections to local subdomains are forbidden"
-msgstr ""
+msgstr "Conexões de servidor a subdomínios locais estão proibidas"

 #: mod_irc:842
 msgid "Server ~b"
@@ -1724,7 +1724,7 @@ msgstr "Subscrição"

 #: mod_muc_room:3708
 msgid "Subscriptions are not allowed"
-msgstr ""
+msgstr "Subscrições não estão permitidas"

 #: mod_muc_log:469
 msgid "Sunday"
@@ -1748,15 +1748,15 @@ msgstr "A verificação do CAPTCHA falhou"

 #: mod_muc_room:302
 msgid "The feature requested is not supported by the conference"
-msgstr ""
+msgstr "A funcionalidade solicitada não é suportada pela sala de conferência"

 #: mod_register:308 mod_register:366
 msgid "The password contains unacceptable characters"
-msgstr ""
+msgstr "A senha contém caracteres proibidos"

 #: mod_register:311 mod_register:370
 msgid "The password is too weak"
-msgstr "Senha considerada fraca'"
+msgstr "Senha considerada muito fraca"

 #: mod_register_web:141
 msgid "The password of your Jabber account was successfully changed."
@@ -1764,17 +1764,19 @@ msgstr "A senha da sua conta Jabber foi mudada com sucesso."

 #: mod_register:160 mod_vcard:219
 msgid "The query is only allowed from local users"
-msgstr ""
+msgstr "Esta consulta só é permitida a partir de usuários locais"

 #: mod_roster:203
 msgid "The query must not contain <item/> elements"
-msgstr ""
+msgstr "A consulta não pode conter elementos <item/>"

 #: mod_privacy:280
 msgid ""
 "The stanza MUST contain only one <active/> element, one <default/> element, "
 "or one <list/> element"
 msgstr ""
+"A instância DEVE conter apenas um elemento <active/>, um elemento <default/>, "
+"ou um elemento <list/>"

 #: mod_register_web:146
 msgid "There was an error changing the password: "
@@ -1830,7 +1832,7 @@ msgstr "Para"

 #: mod_register:215
 msgid "To register, visit ~s"
-msgstr ""
+msgstr "Para registrar, visite ~s"

 #: mod_configure:709
 msgid "To ~s"
@@ -1838,19 +1840,19 @@ msgstr "Para ~s"

 #: ejabberd_oauth:439
 msgid "Token TTL"
-msgstr ""
+msgstr "Token TTL"

 #: xmpp_stream_in:463
 msgid "Too long value of 'xml:lang' attribute"
-msgstr ""
+msgstr "Valor do atributo 'xml:lang' é demasiado longo"

 #: mod_muc_room:2541 mod_muc_room:3081
 msgid "Too many <item/> elements"
-msgstr ""
+msgstr "Número excessivo de elementos <item/>"

 #: mod_privacy:164
 msgid "Too many <list/> elements"
-msgstr ""
+msgstr "Número excessivo de elementos <list/>"

 #: mod_muc_room:1924 mod_register:240
 msgid "Too many CAPTCHA requests"
@@ -1859,20 +1861,20 @@ msgstr "Número excessivo de requisições para o CAPTCHA"
 #: mod_proxy65_service:223
 #, fuzzy
 msgid "Too many active bytestreams"
-msgstr "número excessivo de instâncias sem confirmação"
+msgstr "Número excessivo de bytestreams ativos"

 #: mod_stream_mgmt:205
 msgid "Too many unacked stanzas"
-msgstr "número excessivo de instâncias sem confirmação"
+msgstr "Número excessivo de instâncias sem confirmação"

 #: mod_muc_room:1802
 #, fuzzy
 msgid "Too many users in this conference"
-msgstr "Requisições de voz estão desabilitadas nesta conferência"
+msgstr "Número excessivo de usuários nesta sala de conferência"

 #: mod_register:355
 msgid "Too many users registered"
-msgstr ""
+msgstr "Número excessivo de usuários registrados"

 #: mod_muc_admin:368
 msgid "Total rooms"
@@ -1908,7 +1910,7 @@ msgstr "Impossível gerar um CAPTCHA"

 #: ejabberd_service:120
 msgid "Unable to register route on existing local domain"
-msgstr ""
+msgstr "Não foi possível registrar rota no domínio local existente"

 #: ejabberd_web_admin:209 ejabberd_web_admin:221 ejabberd_web_admin:241
 #: ejabberd_web_admin:253
@@ -1917,7 +1919,7 @@ msgstr "Não Autorizado"

 #: mod_announce:485 mod_configure:830 mod_configure:1758
 msgid "Unexpected action"
-msgstr ""
+msgstr "Ação inesperada"

 #: mod_register_web:488
 msgid "Unregister"
@@ -1929,11 +1931,11 @@ msgstr "Deletar conta Jabber"

 #: mod_mam:526
 msgid "Unsupported <index/> element"
-msgstr ""
+msgstr "Elemento <index/> não suportado"

 #: mod_mix:119
 msgid "Unsupported MIX query"
-msgstr ""
+msgstr "Consula MIX não suportada"

 #: ejabberd_web_admin:1872 ejabberd_web_admin:2285
 msgid "Update"
@@ -1979,7 +1981,7 @@ msgstr "Usuário"

 #: ejabberd_oauth:428
 msgid "User (jid)"
-msgstr ""
+msgstr "Usuário (jid)"

 #: mod_configure:308 mod_configure:505
 msgid "User Management"
@@ -1987,11 +1989,11 @@ msgstr "Gerenciamento de Usuários"

 #: mod_register:345
 msgid "User already exists"
-msgstr ""
+msgstr "Usuário já existe"

 #: mod_echo:138
 msgid "User part of JID in 'from' is empty"
-msgstr ""
+msgstr "Parte do usuário do JID em 'from' está vazia"

 #: ejabberd_sm:193 ejabberd_sm:662 ejabberd_sm:687 mod_sic:106
 #, fuzzy
@@ -2000,7 +2002,7 @@ msgstr "Nó não encontrado"

 #: mod_stream_mgmt:561 mod_stream_mgmt:583
 msgid "User session terminated"
-msgstr ""
+msgstr "Sessão de usuário terminada"

 #: ejabberd_web_admin:1700
 msgid "User ~s"
@@ -2029,7 +2031,7 @@ msgstr "Validar"
 #: mod_carboncopy:144 mod_irc:345 mod_muc_room:3662 mod_muc_room:3802
 #: mod_pubsub:895 mod_push:249
 msgid "Value 'get' of 'type' attribute is not allowed"
-msgstr ""
+msgstr "Valor 'get' não permitido para atributo 'type'"

 #: mod_disco:159 mod_disco:175 mod_disco:279 mod_disco:346 mod_irc:270
 #: mod_irc:285 mod_irc:339 mod_last:118 mod_last:140 mod_muc:479 mod_muc:504
@@ -2038,20 +2040,20 @@ msgstr ""
 #: mod_pubsub:821 mod_pubsub:839 mod_pubsub:877 mod_sic:81 mod_sic:93
 #: mod_stats:55 mod_time:62 mod_vcard:198 mod_vcard:236 mod_version:62
 msgid "Value 'set' of 'type' attribute is not allowed"
-msgstr ""
+msgstr "Valor 'set' não permitido para atributo 'type'"

 #: pubsub_subscription:237 pubsub_subscription_sql:202
 msgid "Value of '~s' should be boolean"
-msgstr ""
+msgstr "Value de '~s' deveria ser um booleano"

 #: pubsub_subscription:215 pubsub_subscription_sql:180
 msgid "Value of '~s' should be datetime string"
-msgstr ""
+msgstr "Valor de '~s' deveria ser data e hora"

 #: pubsub_subscription:209 pubsub_subscription:227 pubsub_subscription_sql:174
 #: pubsub_subscription_sql:192
 msgid "Value of '~s' should be integer"
-msgstr ""
+msgstr "Valor de '~s' deveria ser um inteiro"

 #: ejabberd_web_admin:950
 msgid "Virtual Hosts"
@@ -2071,7 +2073,7 @@ msgstr "Requisição de voz"

 #: mod_muc_room:885
 msgid "Voice requests are disabled in this conference"
-msgstr "Requisições de voz estão desabilitadas nesta conferência"
+msgstr "Requisições de voz estão desabilitadas nesta sala de conferência"

 #: mod_muc_log:465
 msgid "Wednesday"
@@ -2087,7 +2089,7 @@ msgstr "Você foi banido desta sala"

 #: mod_muc_room:1811
 msgid "You have joined too many conferences"
-msgstr ""
+msgstr "Você entrou em um número excessivo de salas de conferência"

 #: mod_muc:777
 msgid "You must fill in field \"Nickname\" in the form"
@@ -2379,7 +2381,7 @@ msgstr "~s's Fila de Mensagens Offline"
 #~ msgstr "Preencha campos para buscar usuários Jabber que concordem"

 #~ msgid "Outgoing s2s Servers:"
-#~ msgstr "Servidores que partem de s2s"
+#~ msgstr "Servidores s2s de Saída"

 #~ msgid "Delete"
 #~ msgstr "Eliminar"
@@ -19,34 +19,32 @@
 %%%----------------------------------------------------------------------

 {deps, [{lager, ".*", {git, "https://github.com/erlang-lager/lager",
-                       {tag, {if_version_above, "17", "3.4.2", "3.2.1"}}}},
-        {p1_utils, ".*", {git, "https://github.com/processone/p1_utils", {tag, "1.0.10"}}},
-        {cache_tab, ".*", {git, "https://github.com/processone/cache_tab", {tag, "1.0.12"}}},
-        {fast_tls, ".*", {git, "https://github.com/processone/fast_tls", {tag, "1.0.18"}}},
-        {stringprep, ".*", {git, "https://github.com/processone/stringprep", {tag, "1.0.10"}}},
-        {fast_xml, ".*", {git, "https://github.com/processone/fast_xml", {tag, "1.1.26"}}},
-        {xmpp, ".*", {git, "https://github.com/processone/xmpp", {tag, "1.1.17"}}},
-        {fast_yaml, ".*", {git, "https://github.com/processone/fast_yaml", {tag, "1.0.12"}}},
+                       {tag, {if_version_above, "17", "3.6.5", "3.2.1"}}}},
+        {p1_utils, ".*", {git, "https://github.com/processone/p1_utils", {tag, "1.0.13"}}},
+        {cache_tab, ".*", {git, "https://github.com/processone/cache_tab", {tag, "1.0.16"}}},
+        {fast_tls, ".*", {git, "https://github.com/processone/fast_tls", {tag, "1.0.25"}}},
+        {stringprep, ".*", {git, "https://github.com/processone/stringprep", {tag, "1.0.14"}}},
+        {fast_xml, ".*", {git, "https://github.com/processone/fast_xml", {tag, "1.1.34"}}},
+        {xmpp, ".*", {git, "https://github.com/processone/xmpp", {tag, "1.2.5"}}},
+        {fast_yaml, ".*", {git, "https://github.com/processone/fast_yaml", {tag, "1.0.17"}}},
        {jiffy, ".*", {git, "https://github.com/davisp/jiffy", {tag, "0.14.8"}}},
-        {p1_oauth2, ".*", {git, "https://github.com/processone/p1_oauth2", {tag, "0.6.2"}}},
-        {luerl, ".*", {git, "https://github.com/rvirding/luerl", {tag, "v0.2"}}},
+        {p1_oauth2, ".*", {git, "https://github.com/processone/p1_oauth2", {tag, "0.6.3"}}},
        {jose, ".*", {git, "https://github.com/potatosalad/erlang-jose", {tag, "1.8.4"}}},
-        {fs, ".*", {git, "https://github.com/synrc/fs", {tag, "2.12.0"}}},
-        {if_var_true, stun, {stun, ".*", {git, "https://github.com/processone/stun", {tag, "1.0.17"}}}},
-        {if_var_true, sip, {esip, ".*", {git, "https://github.com/processone/esip", {tag, "1.0.18"}}}},
+        {eimp, ".*", {git, "https://github.com/processone/eimp", {tag, "1.0.8"}}},
+        {if_var_true, stun, {stun, ".*", {git, "https://github.com/processone/stun", {tag, "1.0.25"}}}},
+        {if_var_true, sip, {esip, ".*", {git, "https://github.com/processone/esip", {tag, "1.0.26"}}}},
        {if_var_true, mysql, {p1_mysql, ".*", {git, "https://github.com/processone/p1_mysql",
-                                               {tag, "1.0.4"}}}},
+                                               {tag, "1.0.7"}}}},
        {if_var_true, pgsql, {p1_pgsql, ".*", {git, "https://github.com/processone/p1_pgsql",
-                                               {tag, "1.1.4"}}}},
+                                               {tag, "1.1.6"}}}},
        {if_var_true, sqlite, {sqlite3, ".*", {git, "https://github.com/processone/erlang-sqlite3",
-                                               {tag, "1.1.5"}}}},
+                                               {tag, "1.1.6"}}}},
        {if_var_true, pam, {epam, ".*", {git, "https://github.com/processone/epam",
-                                           {tag, "1.0.3"}}}},
+                                           {tag, "1.0.4"}}}},
        {if_var_true, zlib, {ezlib, ".*", {git, "https://github.com/processone/ezlib",
-                                           {tag, "1.0.3"}}}},
+                                           {tag, "1.0.4"}}}},
        {if_var_true, riak, {riakc, ".*", {git, "https://github.com/processone/riak-erlang-client",
                                           {tag, {if_version_above, "19", "develop", "2.5.3"}}}}},
-        {if_var_true, graphics, {eimp, ".*", {git, "https://github.com/processone/eimp", {tag, "1.0.2"}}}},
        %% Elixir support, needed to run tests
        {if_var_true, elixir, {elixir, ".*", {git, "https://github.com/elixir-lang/elixir",
                                              {tag, {if_version_above, "17", "v1.4.4", "v1.1.1"}}}}},
@@ -54,11 +52,11 @@
        {if_not_rebar3, {if_var_true, elixir, {rebar_elixir_plugin, ".*",
                                               {git, "https://github.com/processone/rebar_elixir_plugin", "0.1.0"}}}},
        {if_var_true, iconv, {iconv, ".*", {git, "https://github.com/processone/iconv",
-                                            {tag, "1.0.6"}}}},
+                                            {tag, "1.0.10"}}}},
+        {if_var_true, tools, {luerl, ".*", {git, "https://github.com/rvirding/luerl",
+                                            {tag, "v0.3"}}}},
        {if_var_true, tools, {meck, "0.8.*", {git, "https://github.com/eproxus/meck",
                                              {tag, "0.8.4"}}}},
-        {if_var_true, tools, {moka, ".*", {git, "https://github.com/processone/moka",
-                                           {tag, "1.0.5c"}}}},
        {if_var_true, redis, {eredis, ".*", {git, "https://github.com/wooga/eredis",
                                             {tag, "v1.0.8"}}}}]}.

@@ -93,18 +91,16 @@
            {if_var_true, debug, debug_info},
            {if_var_true, sip, {d, 'SIP'}},
            {if_var_true, stun, {d, 'STUN'}},
-            {if_var_true, graphics, {d, 'GRAPHICS'}},
            {if_var_true, roster_gateway_workaround, {d, 'ROSTER_GATWAY_WORKAROUND'}},
            {if_var_match, db_type, mssql, {d, 'mssql'}},
            {if_var_true, elixir, {d, 'ELIXIR_ENABLED'}},
-            {if_var_true, erlang_deprecated_types, {d, 'ERL_DEPRECATED_TYPES'}},
            {if_have_fun, {crypto, strong_rand_bytes, 1}, {d, 'STRONG_RAND_BYTES'}},
            {if_have_fun, {rand, uniform, 1}, {d, 'RAND_UNIFORM'}},
            {if_have_fun, {gb_sets, iterator_from, 2}, {d, 'GB_SETS_ITERATOR_FROM'}},
            {if_have_fun, {public_key, short_name_hash, 1}, {d, 'SHORT_NAME_HASH'}},
            {if_var_true, new_sql_schema, {d, 'NEW_SQL_SCHEMA'}},
            {if_var_true, hipe, native},
-            {src_dirs, [asn1, src,
+            {src_dirs, [src,
                        {if_var_true, tools, tools},
                        {if_var_true, elixir, include}]}]}.

@@ -112,7 +108,7 @@

 {if_rebar3, {plugins, [rebar3_hex, {provider_asn1, "0.2.0"}]}}.
 {if_not_rebar3, {plugins, [
-                           deps_erl_opts, override_deps_versions, override_opts,
+                           deps_erl_opts, override_deps_versions, override_opts, configure_deps,
                           {if_var_true, elixir, rebar_elixir_compiler},
                           {if_var_true, elixir, rebar_exunit}
                          ]}}.
@@ -154,20 +150,18 @@

 {if_version_above, "17", {cover_enabled, true}}.
 {cover_export_enabled, true}.
+{recursive_cmds, ['configure-deps']}.

 {post_hook_configure, [{"fast_tls", []},
                       {"stringprep", []},
                       {"fast_yaml", []},
+		       {"eimp", []},
                       {if_var_true, sip, {"esip", []}},
                       {"fast_xml", [{if_var_true, full_xml, "--enable-full-xml"}]},
                       {if_var_true, pam, {"epam", []}},
                       {if_var_true, zlib, {"ezlib", []}},
-                       {if_var_true, graphics, {"eimp", []}},
                       {if_var_true, iconv, {"iconv", []}}]}.

-{port_env, [{"CFLAGS", "-g -O2 -Wall"}]}.
-
-{port_specs, [{"priv/lib/jid.so", ["c_src/jid.c"]}]}.
 %% Local Variables:
 %% mode: erlang
 %% End:
@@ -17,7 +17,6 @@
 %%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
-
 Vars = case file:consult(filename:join([filename:dirname(SCRIPT),"vars.config"])) of
 	   {ok, Terms} ->
 	       Terms;
@@ -30,7 +29,7 @@ Vars = case file:consult(filename:join([filename:dirname(SCRIPT),"vars.config"])
 {ldflags, LDFlags} = lists:keyfind(ldflags, 1, Vars),
 {system_deps, SystemDeps}  = lists:keyfind(system_deps, 1, Vars),

-GetCfg0 = fun(F, Cfg, [Key | Tail], Default) ->
+GetCfg = fun GetCfg(Cfg, [Key | Tail], Default) ->
 		  Val = case lists:keyfind(Key, 1, Cfg) of
 			    {Key, V1} -> V1;
 			    false -> Default
@@ -39,10 +38,10 @@ GetCfg0 = fun(F, Cfg, [Key | Tail], Default) ->
 		      [] ->
 			  Val;
 		      _ ->
-			  F(F, Val, Tail, Default)
+			  GetCfg(Val, Tail, Default)
 		  end
 	  end,
-ModCfg0 = fun(F, Cfg, [Key | Tail], Op, Default) ->
+ModCfg = fun ModCfg(Cfg, [Key | Tail], Op, Default) ->
 		  {OldVal, PartCfg} = case lists:keytake(Key, 1, Cfg) of
 					  {value, {_, V1}, V2} -> {V1, V2};
 					  false -> {if Tail == [] -> Default; true -> [] end, Cfg}
@@ -51,26 +50,26 @@ ModCfg0 = fun(F, Cfg, [Key | Tail], Op, Default) ->
 		      [] ->
 			  [{Key, Op(OldVal)} | PartCfg];
 		      _ ->
-			  [{Key, F(F, OldVal, Tail, Op, Default)} | PartCfg]
+			  [{Key, ModCfg(OldVal, Tail, Op, Default)} | PartCfg]
 		  end
 	  end,

-FilterConfig = fun(F, Cfg, [{Path, true, ModFun, Default} | Tail]) ->
-		       F(F, ModCfg0(ModCfg0, Cfg, Path, ModFun, Default), Tail);
-		  (F, Cfg, [{Path, SourcePath, true, ModFun, Default, SourceDefault} | Tail]) ->
-		       SourceVal = GetCfg0(GetCfg0, Cfg, SourcePath, SourceDefault),
+FilterConfig = fun FilterConfig(Cfg, [{Path, true, ModFun, Default} | Tail]) ->
+		       FilterConfig(ModCfg(Cfg, Path, ModFun, Default), Tail);
+		   FilterConfig(Cfg, [{Path, SourcePath, true, ModFun, Default, SourceDefault} | Tail]) ->
+		       SourceVal = GetCfg(Cfg, SourcePath, SourceDefault),
 		       ModFun2 = fun(V) -> ModFun(V, SourceVal) end,
-		       F(F, ModCfg0(ModCfg0, Cfg, Path, ModFun2, Default), Tail);
-		  (F, Cfg, [_ | Tail]) ->
-		       F(F, Cfg, Tail);
-		  (_, Cfg, []) ->
+		       FilterConfig(ModCfg(Cfg, Path, ModFun2, Default), Tail);
+		   FilterConfig(Cfg, [_ | Tail]) ->
+		       FilterConfig(Cfg, Tail);
+		   FilterConfig(Cfg, []) ->
 		       Cfg
 	       end,

 IsRebar3 = case application:get_key(rebar, vsn) of
 	       {ok, VSN} ->
 		   [VSN1 | _] = string:tokens(VSN, "-"),
-		   [Maj, _Min, _Patch] = string:tokens(VSN1, "."),
+		   [Maj|_] = string:tokens(VSN1, "."),
 		   (list_to_integer(Maj) >= 3);
 	       undefined ->
 		   lists:keymember(mix, 1, application:loaded_applications())
@@ -79,15 +78,15 @@ IsRebar3 = case application:get_key(rebar, vsn) of
 SysVer = erlang:system_info(otp_release),

 ProcessSingleVar = fun(F, Var, Tail) ->
-			   case F(F, [Var], []) of
+			   case F([Var], []) of
 			       [] -> Tail;
 			       [Val] -> [Val | Tail]
 			   end
 		   end,

-ProcessVars = fun(_F, [], Acc) ->
+ProcessVars = fun F([], Acc) ->
 		      lists:reverse(Acc);
-		 (F, [{Type, Ver, Value} | Tail], Acc) when
+		 F([{Type, Ver, Value} | Tail], Acc) when
 			Type == if_version_above orelse
 			Type == if_version_below ->
 		      SysVer = erlang:system_info(otp_release),
@@ -97,11 +96,11 @@ ProcessVars = fun(_F, [], Acc) ->
 					SysVer < Ver
 				end,
 		      if Include ->
-			      F(F, Tail, ProcessSingleVar(F, Value, Acc));
+			      F(Tail, ProcessSingleVar(F, Value, Acc));
 			 true ->
-			      F(F, Tail, Acc)
+			      F(Tail, Acc)
 		      end;
-		 (F, [{Type, Ver, Value, ElseValue} | Tail], Acc) when
+		  F([{Type, Ver, Value, ElseValue} | Tail], Acc) when
 			Type == if_version_above orelse
 			Type == if_version_below ->
 		      Include = if Type == if_version_above ->
@@ -110,53 +109,53 @@ ProcessVars = fun(_F, [], Acc) ->
 					SysVer < Ver
 				end,
 		      if Include ->
-			      F(F, Tail, ProcessSingleVar(F, Value, Acc));
+			      F(Tail, ProcessSingleVar(F, Value, Acc));
 			 true ->
-			      F(F, Tail, ProcessSingleVar(F, ElseValue, Acc))
+			      F(Tail, ProcessSingleVar(F, ElseValue, Acc))
 		      end;
-		 (F, [{Type, Var, Value} | Tail], Acc) when
+		  F([{Type, Var, Value} | Tail], Acc) when
 			Type == if_var_true orelse
 			Type == if_var_false ->
 		      Flag = Type == if_var_true,
 		      case proplists:get_bool(Var, Vars) of
 			  V when V == Flag ->
-			      F(F, Tail, ProcessSingleVar(F, Value, Acc));
+			      F(Tail, ProcessSingleVar(F, Value, Acc));
 			  _ ->
-			      F(F, Tail, Acc)
+			      F(Tail, Acc)
 		      end;
-		 (F, [{Type, Value} | Tail], Acc) when
+		  F([{Type, Value} | Tail], Acc) when
 			Type == if_rebar3 orelse
 			Type == if_not_rebar3 ->
 		      Flag = Type == if_rebar3,
 		      case IsRebar3 == Flag of
 			  true ->
-			      F(F, Tail, ProcessSingleVar(F, Value, Acc));
+			      F(Tail, ProcessSingleVar(F, Value, Acc));
 			  _ ->
-			      F(F, Tail, Acc)
+			      F(Tail, Acc)
 		      end;
-		 (F, [{Type, Var, Match, Value} | Tail], Acc) when
+		  F([{Type, Var, Match, Value} | Tail], Acc) when
 			Type == if_var_match orelse
 			Type == if_var_no_match ->
 		      case proplists:get_value(Var, Vars) of
 			  V when V == Match ->
-			      F(F, Tail, ProcessSingleVar(F, Value, Acc));
+			      F(Tail, ProcessSingleVar(F, Value, Acc));
 			  _ ->
-			      F(F, Tail, Acc)
+			      F(Tail, Acc)
 		      end;
-		 (F, [{if_have_fun, MFA, Value} | Tail], Acc) ->
+		  F([{if_have_fun, MFA, Value} | Tail], Acc) ->
 		      {Mod, Fun, Arity} = MFA,
 		      code:ensure_loaded(Mod),
 		      case erlang:function_exported(Mod, Fun, Arity) of
 			  true ->
-			      F(F, Tail, ProcessSingleVar(F, Value, Acc));
+			      F(Tail, ProcessSingleVar(F, Value, Acc));
 			  false ->
-			      F(F, Tail, Acc)
+			      F(Tail, Acc)
 		      end;
-		 (F, [Other1 | Tail1], Acc) ->
-		      F(F, Tail1, [F(F, Other1, []) | Acc]);
-		 (F, Val, Acc) when is_tuple(Val) ->
-		      list_to_tuple(F(F, tuple_to_list(Val), Acc));
-		 (_F, Other2, _Acc) ->
+		  F([Other1 | Tail1], Acc) ->
+		      F(Tail1, [F(Other1, []) | Acc]);
+		  F(Val, Acc) when is_tuple(Val) ->
+		      list_to_tuple(F(tuple_to_list(Val), Acc));
+		  F(Other2, _Acc) ->
 		      Other2
 	      end,

@@ -205,15 +204,35 @@ fun(DepsList) ->
 		  end, DepsList)
 end,

+DepAlts = fun("esip") -> ["esip", "p1_sip"];
+	     ("xmpp") -> ["xmpp", "p1_xmpp"];
+	     ("fast_xml") -> ["fast_xml", "p1_xml"];
+	     (Val) -> [Val]
+	  end,
+
+LibDirInt = fun F([Dep|Rest], Suffix) ->
+		 case code:lib_dir(Dep) of
+		     {error, _} ->
+			 F(Rest, Suffix);
+		     V -> V ++ Suffix
+		 end;
+	    F([], _) ->
+		 error
+	 end,
+
+LibDir = fun(Name, Suffix) ->
+		 LibDirInt(DepAlts(Name), Suffix)
+	 end,
+
 GlobalDepsFilter =
 fun(Deps) ->
 	DepNames = lists:map(fun({DepName, _, _}) -> DepName;
 				({DepName, _}) -> DepName
 			     end, Deps),
 	lists:filtermap(fun(Dep) ->
-				case code:lib_dir(Dep) of
-				    {error, _} ->
-					{true, "Unable to locate dep '" ++ atom_to_list(Dep) ++ "' in system deps."};
+				case LibDir(atom_to_list(Dep), "") of
+				    error ->
+					exit("Unable to locate dep '" ++ atom_to_list(Dep) ++ "' in system deps.");
 				    _ ->
 					false
 				end
@@ -233,9 +252,10 @@ ResolveDepPath = case {SystemDeps, IsRebar3} of
 		     {true, _} ->
 			 fun("deps/" ++ Rest) ->
 				 Slash = string:str(Rest, "/"),
-				 code:lib_dir(
-				   string:sub_string(Rest, 1, Slash -1)) ++
-				     string:sub_string(Rest, Slash);
+				 case LibDir(string:sub_string(Rest, 1, Slash -1), string:sub_string(Rest, Slash)) of
+				     error -> Rest;
+				     V -> V
+				 end;
 			    (Path) ->
 				 Path
 			 end;
@@ -257,7 +277,7 @@ ResolveDepPath = case {SystemDeps, IsRebar3} of
 CtParams = fun(CompileOpts) ->
 		   ["-ct_hooks cth_surefire ",
 		    lists:map(fun({i, IncPath}) ->
-				      [" -include ", filename:join([Cwd, ResolveDepPath(IncPath)])]
+				      [" -include ", filename:absname(ResolveDepPath(IncPath), Cwd)]
 			      end, CompileOpts),
 		    TestConfig]
 	   end,
@@ -278,8 +298,8 @@ GenDepsConfigure =
 fun(Hooks) ->
 	lists:map(fun({Pkg, Flags}) ->
 			  DepPath = ResolveDepPath("deps/" ++ Pkg ++ "/"),
-			  {add, list_to_atom(Pkg), [{pre_hooks, {'compile',
-			   lists:flatten(GenDepConfigureLine(DepPath, Flags))}}]}
+			  Line = lists:flatten(GenDepConfigureLine(DepPath, Flags)),
+			  {add, list_to_atom(Pkg), [{pre_hooks, [{'compile', Line}, {'configure-deps', Line}]}]}
 		  end, Hooks)
 end,

@@ -352,7 +372,7 @@ Rules = [
 	],

 Config = [{plugin_dir, filename:join([filename:dirname(SCRIPT),"plugins"])}]++
-FilterConfig(FilterConfig, ProcessVars(ProcessVars, CONFIG, []), Rules),
+FilterConfig(ProcessVars(CONFIG, []), Rules),

 %io:format("ejabberd configuration:~n  ~p~n", [Config]),

@@ -109,9 +109,9 @@ CREATE TABLE archive (
 );

 CREATE INDEX i_archive_sh_username_timestamp ON archive (server_host, username, timestamp);
+CREATE INDEX i_archive_sh_username_peer ON archive (server_host, username, peer);
+CREATE INDEX i_archive_sh_username_bare_peer ON archive (server_host, username, bare_peer);
 CREATE INDEX i_archive_sh_timestamp ON archive (server_host, timestamp);
-CREATE INDEX i_archive_sh_peer ON archive (server_host, peer);
-CREATE INDEX i_archive_sh_bare_peer ON archive (server_host, bare_peer);

 CREATE TABLE archive_prefs (
    username text NOT NULL,
@@ -259,8 +259,8 @@ CREATE TABLE pubsub_item (
  nodeid bigint REFERENCES pubsub_node(nodeid) ON DELETE CASCADE,
  itemid text NOT NULL,
  publisher text NOT NULL,
-  creation text NOT NULL,
-  modification text NOT NULL,
+  creation varchar(32) NOT NULL,
+  modification varchar(32) NOT NULL,
  payload text NOT NULL DEFAULT ''
 );
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item (itemid);
@@ -329,16 +329,6 @@ CREATE TABLE muc_room_subscribers (
 CREATE INDEX i_muc_room_subscribers_host_jid ON muc_room_subscribers(host, jid);
 CREATE UNIQUE INDEX i_muc_room_subscribers_host_room_jid ON muc_room_subscribers(host, room, jid);

-CREATE TABLE irc_custom (
-    jid text NOT NULL,
-    host text NOT NULL,
-    server_host text NOT NULL,
-    data text NOT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
-);
-
-CREATE UNIQUE INDEX i_irc_custom_jid_host ON irc_custom (jid, host);
-
 CREATE TABLE motd (
    username text NOT NULL,
    server_host text NOT NULL,
@@ -98,9 +98,9 @@ CREATE TABLE archive (
 );

 CREATE INDEX i_username_timestamp ON archive(username, timestamp);
+CREATE INDEX i_archive_username_peer ON archive (username, peer);
+CREATE INDEX i_archive_username_bare_peer ON archive (username, bare_peer);
 CREATE INDEX i_timestamp ON archive(timestamp);
-CREATE INDEX i_peer ON archive(peer);
-CREATE INDEX i_bare_peer ON archive(bare_peer);

 CREATE TABLE archive_prefs (
    username text NOT NULL PRIMARY KEY,
@@ -236,8 +236,8 @@ CREATE TABLE pubsub_item (
  nodeid bigint REFERENCES pubsub_node(nodeid) ON DELETE CASCADE,
  itemid text NOT NULL,
  publisher text NOT NULL,
-  creation text NOT NULL,
-  modification text NOT NULL,
+  creation varchar(32) NOT NULL,
+  modification varchar(32) NOT NULL,
  payload text NOT NULL DEFAULT ''
 );
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item (itemid);
@@ -302,15 +302,6 @@ CREATE TABLE muc_room_subscribers (
 CREATE INDEX i_muc_room_subscribers_host_jid ON muc_room_subscribers(host, jid);
 CREATE UNIQUE INDEX i_muc_room_subscribers_host_room_jid ON muc_room_subscribers(host, room, jid);

-CREATE TABLE irc_custom (
-    jid text NOT NULL,
-    host text NOT NULL,
-    data text NOT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
-);
-
-CREATE UNIQUE INDEX i_irc_custom_jid_host ON irc_custom (jid, host);
-
 CREATE TABLE motd (
    username text PRIMARY KEY,
    xml text,
@@ -41,15 +41,15 @@ CREATE TABLE [dbo].[archive] (
 CREATE INDEX [archive_username_timestamp] ON [archive] (username, timestamp)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

+CREATE INDEX [archive_username_peer] ON [archive] (username, peer)
+WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
+
+CREATE INDEX [archive_username_bare_peer] ON [archive] (username, bare_peer)
+WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
+
 CREATE INDEX [archive_timestamp] ON [archive] (timestamp)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

-CREATE INDEX [archive_peer] ON [archive] (peer)
-WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
-
-CREATE INDEX [archive_bare_peer] ON [archive] (bare_peer)
-WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
-
 CREATE TABLE [dbo].[archive_prefs] (
        [username] [varchar] (250) NOT NULL,
        [def] [text] NOT NULL,
@@ -72,16 +72,6 @@ CREATE TABLE [dbo].[caps_features] (
 CREATE CLUSTERED INDEX [caps_features_node_subnode] ON [caps_features] (node, subnode)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

-CREATE TABLE [dbo].[irc_custom] (
-        [jid] [varchar] (255) NOT NULL,
-        [host] [varchar] (255) NOT NULL,
-        [data] [text] NOT NULL,
-        [created_at] [datetime] NOT NULL DEFAULT GETDATE()
-) TEXTIMAGE_ON [PRIMARY];
-
-CREATE UNIQUE CLUSTERED INDEX [irc_custom_jid_host] ON [irc_custom] (jid, host)
-WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
-
 CREATE TABLE [dbo].[last] (
        [username] [varchar] (250) NOT NULL,
        [seconds] [text] NOT NULL,
@@ -144,9 +134,9 @@ CREATE TABLE [dbo].[muc_online_users] (
    node text NOT NULL
 );

-CREATE UNIQUE CLUSTERED INDEX [muc_online_users_i] ON [muc_online_users] (username, server, resource, name, host)
+CREATE UNIQUE INDEX [muc_online_users_i] ON [muc_online_users] (username, server, resource, name, host)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
-CREATE UNIQUE CLUSTERED INDEX [muc_online_users_us] ON [muc_online_users] (username, server);
+CREATE UNIQUE CLUSTERED INDEX [muc_online_users_us] ON [muc_online_users] (username, server)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

 CREATE TABLE [dbo].[muc_room_subscribers] (
@@ -220,8 +210,8 @@ CREATE TABLE [dbo].[pubsub_item] (
        [nodeid] [bigint] NULL,
        [itemid] [varchar] (255) NOT NULL,
        [publisher] [text] NOT NULL,
-        [creation] [text] NOT NULL,
-        [modification] [varchar] (255) NOT NULL,
+        [creation] [varchar] (32) NOT NULL,
+        [modification] [varchar] (32) NOT NULL,
        [payload] [text] NOT NULL DEFAULT ''
 ) TEXTIMAGE_ON [PRIMARY];

@@ -539,7 +529,7 @@ CREATE TABLE [dbo].[bosh] (
 (
        [sid] ASC
 )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON)
-) TEXTIMAGE_ON [PRIMARY];
+);

 CREATE TABLE [dbo].[carboncopy] (
    [username] [varchar] (255) NOT NULL,
@@ -565,5 +555,5 @@ CREATE TABLE [dbo].[push_session] (
 CREATE UNIQUE CLUSTERED INDEX [i_push_usn] ON [push_session] (username, service, node)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

-CREATE UNIQUE CLUSTERED INDEX [i_push_ut] ON [push_session] (username, timestamp)
+CREATE UNIQUE INDEX [i_push_ut] ON [push_session] (username, timestamp)
 WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
@@ -90,7 +90,7 @@ CREATE INDEX i_sr_user_sh_grp ON sr_user(server_host(191), grp);
 CREATE TABLE spool (
    username varchar(191) NOT NULL,
    server_host text NOT NULL,
-    xml BLOB NOT NULL,
+    xml mediumtext NOT NULL,
    seq BIGINT UNSIGNED NOT NULL AUTO_INCREMENT UNIQUE,
    created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
@@ -104,8 +104,8 @@ CREATE TABLE archive (
    timestamp BIGINT UNSIGNED NOT NULL,
    peer varchar(191) NOT NULL,
    bare_peer varchar(191) NOT NULL,
-    xml text NOT NULL,
-    txt text,
+    xml mediumtext NOT NULL,
+    txt mediumtext,
    id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT UNIQUE,
    kind varchar(10),
    nick varchar(191),
@@ -113,10 +113,10 @@ CREATE TABLE archive (
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

 CREATE FULLTEXT INDEX i_text ON archive(txt);
-CREATE INDEX i_archive_sh_username_timestamp USING BTREE ON archive(server_host(191), username,timestamp);
+CREATE INDEX i_archive_sh_username_timestamp USING BTREE ON archive(server_host(191), username(191), timestamp);
+CREATE INDEX i_archive_sh_username_peer USING BTREE ON archive(server_host(191), username(191), peer(191));
+CREATE INDEX i_archive_sh_username_bare_peer USING BTREE ON archive(server_host(191), username(191), bare_peer(191));
 CREATE INDEX i_archive_sh_timestamp USING BTREE ON archive(server_host(191), timestamp);
-CREATE INDEX i_archive_sh_peer USING BTREE ON archive(server_host(191), peer);
-CREATE INDEX i_archive_sh_bare_peer USING BTREE ON archive(server_host(191), bare_peer);

 CREATE TABLE archive_prefs (
    username varchar(191) NOT NULL,
@@ -274,8 +274,8 @@ CREATE TABLE pubsub_item (
  nodeid bigint,
  itemid text NOT NULL,
  publisher text NOT NULL,
-  creation text NOT NULL,
-  modification text NOT NULL,
+  creation varchar(32) NOT NULL,
+  modification varchar(32) NOT NULL,
  payload text NOT NULL
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item(itemid(36));
@@ -345,16 +345,6 @@ CREATE TABLE muc_room_subscribers (

 CREATE INDEX i_muc_room_subscribers_host_jid USING BTREE ON muc_room_subscribers(host, jid);

-CREATE TABLE irc_custom (
-    jid text NOT NULL,
-    host text NOT NULL,
-    server_host text NOT NULL,
-    data text NOT NULL,
-    created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-
-CREATE UNIQUE INDEX i_irc_custom_jid_host USING BTREE ON irc_custom(jid(75), host(75));
-
 CREATE TABLE motd (
    username varchar(191) NOT NULL,
    server_host text NOT NULL,
@@ -422,7 +412,7 @@ CREATE TABLE carboncopy (
    PRIMARY KEY (server_host(191), username(191), resource(191))
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

-CREATE INDEX i_carboncopy_sh_user ON carboncopy (server_host, username(75));
+CREATE INDEX i_carboncopy_sh_user ON carboncopy (server_host(191), username(75));

 CREATE TABLE proxy65 (
    sid text NOT NULL,
@@ -446,4 +436,4 @@ CREATE TABLE push_session (
    PRIMARY KEY (server_host(191), username(191), timestamp)
 );

-CREATE UNIQUE INDEX i_push_session_susn ON push_session (server_host, username(191), service(191), node(191));
+CREATE UNIQUE INDEX i_push_session_susn ON push_session (server_host(191), username(191), service(191), node(191));
@@ -80,7 +80,7 @@ CREATE INDEX i_sr_user_grp ON sr_user(grp);

 CREATE TABLE spool (
    username varchar(191) NOT NULL,
-    xml BLOB NOT NULL,
+    xml mediumtext NOT NULL,
    seq BIGINT UNSIGNED NOT NULL AUTO_INCREMENT UNIQUE,
    created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
@@ -93,8 +93,8 @@ CREATE TABLE archive (
    timestamp BIGINT UNSIGNED NOT NULL,
    peer varchar(191) NOT NULL,
    bare_peer varchar(191) NOT NULL,
-    xml text NOT NULL,
-    txt text,
+    xml mediumtext NOT NULL,
+    txt mediumtext,
    id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT UNIQUE,
    kind varchar(10),
    nick varchar(191),
@@ -102,10 +102,10 @@ CREATE TABLE archive (
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

 CREATE FULLTEXT INDEX i_text ON archive(txt);
-CREATE INDEX i_username_timestamp USING BTREE ON archive(username,timestamp);
+CREATE INDEX i_username_timestamp USING BTREE ON archive(username(191), timestamp);
+CREATE INDEX i_username_peer USING BTREE ON archive(username(191), peer(191));
+CREATE INDEX i_username_bare_peer USING BTREE ON archive(username(191), bare_peer(191));
 CREATE INDEX i_timestamp USING BTREE ON archive(timestamp);
-CREATE INDEX i_peer USING BTREE ON archive(peer);
-CREATE INDEX i_bare_peer USING BTREE ON archive(bare_peer);

 CREATE TABLE archive_prefs (
    username varchar(191) NOT NULL PRIMARY KEY,
@@ -251,8 +251,8 @@ CREATE TABLE pubsub_item (
  nodeid bigint,
  itemid text NOT NULL,
  publisher text NOT NULL,
-  creation text NOT NULL,
-  modification text NOT NULL,
+  creation varchar(32) NOT NULL,
+  modification varchar(32) NOT NULL,
  payload text NOT NULL
 ) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item(itemid(36));
@@ -318,15 +318,6 @@ CREATE TABLE muc_room_subscribers (

 CREATE INDEX i_muc_room_subscribers_host_jid USING BTREE ON muc_room_subscribers(host, jid);

-CREATE TABLE irc_custom (
-    jid text NOT NULL,
-    host text NOT NULL,
-    data text NOT NULL,
-    created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
-) ENGINE=InnoDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-
-CREATE UNIQUE INDEX i_irc_custom_jid_host USING BTREE ON irc_custom(jid(75), host(75));
-
 CREATE TABLE motd (
    username varchar(191) PRIMARY KEY,
    xml text,
@@ -61,15 +61,14 @@
 -- ALTER TABLE spool ALTER COLUMN server_host DROP DEFAULT;

 -- ALTER TABLE archive ADD COLUMN server_host text NOT NULL DEFAULT '<HOST>';
-- DROP INDEX i_username;
 -- DROP INDEX i_username_timestamp;
+-- DROP INDEX i_username_peer;
+-- DROP INDEX i_username_bare_peer;
 -- DROP INDEX i_timestamp;
-- DROP INDEX i_peer;
-- DROP INDEX i_bare_peer;
 -- CREATE INDEX i_archive_sh_username_timestamp ON archive USING btree (server_host, username, timestamp);
+-- CREATE INDEX i_archive_sh_username_peer ON archive USING btree (server_host, username, peer);
+-- CREATE INDEX i_archive_sh_username_bare_peer ON archive USING btree (server_host, username, bare_peer);
 -- CREATE INDEX i_archive_sh_timestamp ON archive USING btree (server_host, timestamp);
-- CREATE INDEX i_archive_sh_peer ON archive USING btree (server_host, peer);
-- CREATE INDEX i_archive_sh_bare_peer ON archive USING btree (server_host, bare_peer);
 -- ALTER TABLE archive ALTER COLUMN server_host DROP DEFAULT;

 -- ALTER TABLE archive_prefs ADD COLUMN server_host text NOT NULL DEFAULT '<HOST>';
@@ -145,9 +144,6 @@
 -- ALTER TABLE muc_online_users ADD COLUMN server_host text NOT NULL DEFAULT '<HOST>';
 -- ALTER TABLE muc_online_users ALTER COLUMN server_host DROP DEFAULT;

-- ALTER TABLE irc_custom ADD COLUMN server_host text NOT NULL DEFAULT '<HOST>';
-- ALTER TABLE irc_custom ALTER COLUMN server_host DROP DEFAULT;
-
 -- ALTER TABLE motd ADD COLUMN server_host text NOT NULL DEFAULT '<HOST>';
 -- ALTER TABLE motd DROP CONSTRAINT motd_pkey;
 -- ALTER TABLE motd ADD PRIMARY KEY (server_host, username);
@@ -265,9 +261,9 @@ CREATE TABLE archive (
 );

 CREATE INDEX i_archive_sh_username_timestamp ON archive USING btree (server_host, username, timestamp);
+CREATE INDEX i_archive_sh_username_peer ON archive USING btree (server_host, username, peer);
+CREATE INDEX i_archive_sh_username_bare_peer ON archive USING btree (server_host, username, bare_peer);
 CREATE INDEX i_archive_sh_timestamp ON archive USING btree (server_host, timestamp);
-CREATE INDEX i_archive_sh_peer ON archive USING btree (server_host, peer);
-CREATE INDEX i_archive_sh_bare_peer ON archive USING btree (server_host, bare_peer);

 CREATE TABLE archive_prefs (
    username text NOT NULL,
@@ -429,8 +425,8 @@ CREATE TABLE pubsub_item (
  nodeid bigint REFERENCES pubsub_node(nodeid) ON DELETE CASCADE,
  itemid text NOT NULL,
  publisher text NOT NULL,
-  creation text NOT NULL,
-  modification text NOT NULL,
+  creation varchar(32) NOT NULL,
+  modification varchar(32) NOT NULL,
  payload text NOT NULL DEFAULT ''
 );
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item USING btree (itemid);
@@ -499,16 +495,6 @@ CREATE TABLE muc_room_subscribers (
 CREATE INDEX i_muc_room_subscribers_host_jid ON muc_room_subscribers USING btree (host, jid);
 CREATE UNIQUE INDEX i_muc_room_subscribers_host_room_jid ON muc_room_subscribers USING btree (host, room, jid);

-CREATE TABLE irc_custom (
-    jid text NOT NULL,
-    host text NOT NULL,
-    server_host text NOT NULL,
-    data text NOT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT now()
-);
-
-CREATE UNIQUE INDEX i_irc_custom_jid_host ON irc_custom USING btree (jid, host);
-
 CREATE TABLE motd (
    username text NOT NULL,
    server_host text NOT NULL,
@@ -102,9 +102,9 @@ CREATE TABLE archive (
 );

 CREATE INDEX i_username_timestamp ON archive USING btree (username, timestamp);
+CREATE INDEX i_username_peer ON archive USING btree (username, peer);
+CREATE INDEX i_username_bare_peer ON archive USING btree (username, bare_peer);
 CREATE INDEX i_timestamp ON archive USING btree (timestamp);
-CREATE INDEX i_peer ON archive USING btree (peer);
-CREATE INDEX i_bare_peer ON archive USING btree (bare_peer);

 CREATE TABLE archive_prefs (
    username text NOT NULL PRIMARY KEY,
@@ -254,8 +254,8 @@ CREATE TABLE pubsub_item (
  nodeid bigint REFERENCES pubsub_node(nodeid) ON DELETE CASCADE,
  itemid text NOT NULL,
  publisher text NOT NULL,
-  creation text NOT NULL,
-  modification text NOT NULL,
+  creation varchar(32) NOT NULL,
+  modification varchar(32) NOT NULL,
  payload text NOT NULL DEFAULT ''
 );
 CREATE INDEX i_pubsub_item_itemid ON pubsub_item USING btree (itemid);
@@ -320,15 +320,6 @@ CREATE TABLE muc_room_subscribers (
 CREATE INDEX i_muc_room_subscribers_host_jid ON muc_room_subscribers USING btree (host, jid);
 CREATE UNIQUE INDEX i_muc_room_subscribers_host_room_jid ON muc_room_subscribers USING btree (host, room, jid);

-CREATE TABLE irc_custom (
-    jid text NOT NULL,
-    host text NOT NULL,
-    data text NOT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT now()
-);
-
-CREATE UNIQUE INDEX i_irc_custom_jid_host ON irc_custom USING btree (jid, host);
-
 CREATE TABLE motd (
    username text PRIMARY KEY,
    xml text,
@@ -5,7 +5,7 @@
 %%% Created : 18 Jan 2003 by Alexey Shchepin <alexey@process-one.net>
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2018   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -36,14 +36,13 @@
 	 any_rules_allowed/3, transform_options/1, opt_type/1,
 	 acl_rule_matches/3, acl_rule_verify/1, access_matches/3,
 	 transform_access_rules_config/1,
-	 parse_ip_netmask/1,
+	 parse_ip_netmask/1, ip_matches_mask/3,
 	 access_rules_validator/1, shaper_rules_validator/1,
 	 normalize_spec/1, resolve_access/2]).
 %% gen_server callbacks
 -export([init/1, handle_call/3, handle_cast/2, handle_info/2,
 	 terminate/2, code_change/3]).

-include("ejabberd.hrl").
 -include("logger.hrl").
 -include("jid.hrl").

@@ -195,7 +194,7 @@ add_access(Host, Access, Rules) ->
 -spec load_from_config() -> ok.

 load_from_config() ->
-    Hosts = [global|?MYHOSTS],
+    Hosts = [global|ejabberd_config:get_myhosts()],
    lists:foreach(
      fun(Host) ->
              ACLs = ejabberd_config:get_option(
@@ -313,7 +312,7 @@ normalize_spec(Spec) ->
                {ok, Net, Mask} ->
                    {ip, {Net, Mask}};
                error ->
-                    ?INFO_MSG("Invalid network address: ~p", [S]),
+                    ?WARNING_MSG("Invalid network address: ~p", [S]),
                    none
 	    end;
 	BadVal ->
@@ -447,13 +446,13 @@ acl_rule_matches({acl, Name}, Data, Host) ->
    RawACLs = lists:map(fun(#acl{aclspec = R}) -> R end, ACLs),
    any_acl_rules_matches(RawACLs, Data, Host);
 acl_rule_matches({ip, {Net, Mask}}, #{ip := {IP, _Port}}, _Host) ->
-    is_ip_match(IP, Net, Mask);
+    ip_matches_mask(IP, Net, Mask);
 acl_rule_matches({ip, {Net, Mask}}, #{ip := IP}, _Host) ->
-    is_ip_match(IP, Net, Mask);
+    ip_matches_mask(IP, Net, Mask);
 acl_rule_matches({user, {U, S}}, #{usr := {U, S, _}}, _Host) ->
    true;
 acl_rule_matches({user, U}, #{usr := {U, S, _}}, _Host) ->
-    lists:member(S, ?MYHOSTS);
+    lists:member(S, ejabberd_config:get_myhosts());
 acl_rule_matches({server, S}, #{usr := {_, S, _}}, _Host) ->
    true;
 acl_rule_matches({resource, R}, #{usr := {_, _, R}}, _Host) ->
@@ -467,7 +466,7 @@ acl_rule_matches({shared_group, G}, #{usr := {U, S, _}}, Host) ->
 acl_rule_matches({user_regexp, {UR, S}}, #{usr := {U, S, _}}, _Host) ->
    is_regexp_match(U, UR);
 acl_rule_matches({user_regexp, UR}, #{usr := {U, S, _}}, _Host) ->
-    lists:member(S, ?MYHOSTS) andalso is_regexp_match(U, UR);
+    lists:member(S, ejabberd_config:get_myhosts()) andalso is_regexp_match(U, UR);
 acl_rule_matches({server_regexp, SR}, #{usr := {_, S, _}}, _Host) ->
    is_regexp_match(S, SR);
 acl_rule_matches({resource_regexp, RR}, #{usr := {_, _, R}}, _Host) ->
@@ -477,7 +476,7 @@ acl_rule_matches({node_regexp, {UR, SR}}, #{usr := {U, S, _}}, _Host) ->
 acl_rule_matches({user_glob, {UR, S}}, #{usr := {U, S, _}}, _Host) ->
    is_glob_match(U, UR);
 acl_rule_matches({user_glob, UR}, #{usr := {U, S, _}}, _Host) ->
-    lists:member(S, ?MYHOSTS) andalso is_glob_match(U, UR);
+    lists:member(S, ejabberd_config:get_myhosts()) andalso is_glob_match(U, UR);
 acl_rule_matches({server_glob, SR}, #{usr := {_, S, _}}, _Host) ->
    is_glob_match(S, SR);
 acl_rule_matches({resource_glob, RR}, #{usr := {_, _, R}}, _Host) ->
@@ -549,18 +548,30 @@ is_glob_match(String, Glob) ->
    is_regexp_match(String,
 		    ejabberd_regexp:sh_to_awk(Glob)).

-is_ip_match({_, _, _, _} = IP, {_, _, _, _} = Net, Mask) ->
+ip_matches_mask({_, _, _, _} = IP, {_, _, _, _} = Net, Mask) ->
    IPInt = ip_to_integer(IP),
    NetInt = ip_to_integer(Net),
    M = bnot (1 bsl (32 - Mask) - 1),
    IPInt band M =:= NetInt band M;
-is_ip_match({_, _, _, _, _, _, _, _} = IP,
-            {_, _, _, _, _, _, _, _} = Net, Mask) ->
+ip_matches_mask({_, _, _, _, _, _, _, _} = IP,
+		{_, _, _, _, _, _, _, _} = Net, Mask) ->
    IPInt = ip_to_integer(IP),
    NetInt = ip_to_integer(Net),
    M = bnot (1 bsl (128 - Mask) - 1),
    IPInt band M =:= NetInt band M;
-is_ip_match(_, _, _) ->
+ip_matches_mask({_, _, _, _} = IP,
+		{0, 0, 0, 0, 0, 16#FFFF, _, _} = Net, Mask) ->
+    IPInt = ip_to_integer({0, 0, 0, 0, 0, 16#FFFF, 0, 0}) + ip_to_integer(IP),
+    NetInt = ip_to_integer(Net),
+    M = bnot (1 bsl (128 - Mask) - 1),
+    IPInt band M =:= NetInt band M;
+ip_matches_mask({0, 0, 0, 0, 0, 16#FFFF, _, _} = IP,
+		{_, _, _, _} = Net, Mask) ->
+    IPInt = ip_to_integer(IP) - ip_to_integer({0, 0, 0, 0, 0, 16#FFFF, 0, 0}),
+    NetInt = ip_to_integer(Net),
+    M = bnot (1 bsl (32 - Mask) - 1),
+    IPInt band M =:= NetInt band M;
+ip_matches_mask(_, _, _) ->
    false.

 ip_to_integer({IP1, IP2, IP3, IP4}) ->
@@ -14,7 +14,6 @@
 %% 3. tls-sni-01: https://tools.ietf.org/html/draft-ietf-acme-acme-05#section-7.4
 %% 4. (?) oob-01:  https://tools.ietf.org/html/draft-ietf-acme-acme-05#section-7.5

-include("ejabberd.hrl").
 -include("logger.hrl").
 -include("xmpp.hrl").
 -include("ejabberd_http.hrl").
@@ -100,7 +99,7 @@ solve_challenge1(Chal = #challenge{type = <<"http-01">>, token=Tkn}, Key) ->
    ets_put_key_authorization(Tkn, KeyAuthz),
    {ok, Chal#challenge.uri, KeyAuthz};
 solve_challenge1(Challenge, _Key) ->
-    ?ERROR_MSG("Unkown Challenge Type: ~p", [Challenge]),
+    ?ERROR_MSG("Unknown Challenge Type: ~p", [Challenge]),
    {error, unknown_challenge}.


@@ -1,230 +0,0 @@
-%%%----------------------------------------------------------------------
-%%% File    : cyrsasl.erl
-%%% Author  : Alexey Shchepin <alexey@process-one.net>
-%%% Purpose : Cyrus SASL-like library
-%%% Created :  8 Mar 2003 by Alexey Shchepin <alexey@process-one.net>
-%%%
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-module(cyrsasl).
-
-author('alexey@process-one.net').
-behaviour(gen_server).
-
-export([start_link/0, register_mechanism/3, listmech/1,
-	 server_new/7, server_start/3, server_step/2,
-	 get_mech/1, format_error/2]).
-%% gen_server callbacks
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
-	 terminate/2, code_change/3]).
-
-include("ejabberd.hrl").
-include("logger.hrl").
-
-record(state, {}).
-
-record(sasl_mechanism,
-        {mechanism = <<"">>    :: mechanism() | '$1',
-         module                :: atom(),
-         password_type = plain :: password_type() | '$2'}).
-
-type(mechanism() :: binary()).
-type(mechanisms() :: [mechanism(),...]).
-type(password_type() :: plain | digest | scram).
-type sasl_property() :: {username, binary()} |
-			 {authzid, binary()} |
-			 {mechanism, binary()} |
-			 {auth_module, atom()}.
-type sasl_return() :: {ok, [sasl_property()]} |
-		       {ok, [sasl_property()], binary()} |
-		       {continue, binary(), sasl_state()} |
-		       {error, atom(), binary()}.
-
-type(sasl_mechanism() :: #sasl_mechanism{}).
-type error_reason() :: cyrsasl_digest:error_reason() |
-			cyrsasl_oauth:error_reason() |
-			cyrsasl_plain:error_reason() |
-			cyrsasl_scram:error_reason() |
-			unsupported_mechanism | nodeprep_failed |
-			empty_username | aborted.
-record(sasl_state,
-{
-    service,
-    myname,
-    realm,
-    get_password,
-    check_password,
-    check_password_digest,
-    mech_name = <<"">>,
-    mech_mod,
-    mech_state
-}).
-type sasl_state() :: #sasl_state{}.
-export_type([mechanism/0, mechanisms/0, sasl_mechanism/0, error_reason/0,
-	      sasl_state/0, sasl_return/0, sasl_property/0]).
-
-callback start(list()) -> any().
-callback stop() -> any().
-callback mech_new(binary(), fun(), fun(), fun()) -> any().
-callback mech_step(any(), binary()) -> sasl_return().
-
-start_link() ->
-    gen_server:start_link({local, ?MODULE}, ?MODULE, [], []).
-
-init([]) ->
-    ets:new(sasl_mechanism,
-	    [named_table, public,
-	     {keypos, #sasl_mechanism.mechanism}]),
-    cyrsasl_plain:start([]),
-    cyrsasl_digest:start([]),
-    cyrsasl_scram:start([]),
-    cyrsasl_anonymous:start([]),
-    cyrsasl_oauth:start([]),
-    {ok, #state{}}.
-
-handle_call(_Request, _From, State) ->
-    Reply = ok,
-    {reply, Reply, State}.
-
-handle_cast(_Msg, State) ->
-    {noreply, State}.
-
-handle_info(_Info, State) ->
-    {noreply, State}.
-
-terminate(_Reason, _State) ->
-    cyrsasl_plain:stop(),
-    cyrsasl_digest:stop(),
-    cyrsasl_scram:stop(),
-    cyrsasl_anonymous:stop(),
-    cyrsasl_oauth:stop().
-
-code_change(_OldVsn, State, _Extra) ->
-    {ok, State}.
-
-spec format_error(mechanism() | sasl_state(), error_reason()) -> {atom(), binary()}.
-format_error(_, unsupported_mechanism) ->
-    {'invalid-mechanism', <<"Unsupported mechanism">>};
-format_error(_, nodeprep_failed) ->
-    {'bad-protocol', <<"Nodeprep failed">>};
-format_error(_, empty_username) ->
-    {'bad-protocol', <<"Empty username">>};
-format_error(_, aborted) ->
-    {'aborted', <<"Aborted">>};
-format_error(#sasl_state{mech_mod = Mod}, Reason) ->
-    Mod:format_error(Reason);
-format_error(Mech, Reason) ->
-    case ets:lookup(sasl_mechanism, Mech) of
-	[#sasl_mechanism{module = Mod}] ->
-	    Mod:format_error(Reason);
-	[] ->
-	    {'invalid-mechanism', <<"Unsupported mechanism">>}
-    end.
-
-spec register_mechanism(Mechanim :: mechanism(), Module :: module(),
-			 PasswordType :: password_type()) -> any().
-
-register_mechanism(Mechanism, Module, PasswordType) ->
-	  ets:insert(sasl_mechanism,
-		     #sasl_mechanism{mechanism = Mechanism, module = Module,
-			       password_type = PasswordType}).
-
-check_credentials(_State, Props) ->
-    User = proplists:get_value(authzid, Props, <<>>),
-    case jid:nodeprep(User) of
-      error -> {error, nodeprep_failed};
-      <<"">> -> {error, empty_username};
-      _LUser -> ok
-    end.
-
-spec listmech(Host ::binary()) -> Mechanisms::mechanisms().
-
-listmech(Host) ->
-    ets:select(sasl_mechanism,
-		       [{#sasl_mechanism{mechanism = '$1',
-					 password_type = '$2', _ = '_'},
-			 case catch ejabberd_auth:store_type(Host) of
-			   external -> [{'==', '$2', plain}];
-			   scram -> [{'/=', '$2', digest}];
-			   {'EXIT', {undef, [{Module, store_type, []} | _]}} ->
-			       ?WARNING_MSG("~p doesn't implement the function store_type/0",
-					    [Module]),
-			       [];
-			   _Else -> []
-			 end,
-		 ['$1']}]).
-
-spec server_new(binary(), binary(), binary(), term(),
-		 fun(), fun(), fun()) -> sasl_state().
-server_new(Service, ServerFQDN, UserRealm, _SecFlags,
-	   GetPassword, CheckPassword, CheckPasswordDigest) ->
-    #sasl_state{service = Service, myname = ServerFQDN,
-		realm = UserRealm, get_password = GetPassword,
-		check_password = CheckPassword,
-		check_password_digest = CheckPasswordDigest}.
-
-spec server_start(sasl_state(), mechanism(), binary()) -> sasl_return().
-server_start(State, Mech, ClientIn) ->
-    case lists:member(Mech,
-		      listmech(State#sasl_state.myname))
-	of
-      true ->
-	  case ets:lookup(sasl_mechanism, Mech) of
-	    [#sasl_mechanism{module = Module}] ->
-		{ok, MechState} =
-		    Module:mech_new(State#sasl_state.myname,
-				    State#sasl_state.get_password,
-				    State#sasl_state.check_password,
-				    State#sasl_state.check_password_digest),
-		server_step(State#sasl_state{mech_mod = Module,
-					     mech_name = Mech,
-					     mech_state = MechState},
-			    ClientIn);
-	    _ -> {error, unsupported_mechanism, <<"">>}
-	  end;
-      false -> {error, unsupported_mechanism, <<"">>}
-    end.
-
-spec server_step(sasl_state(), binary()) -> sasl_return().
-server_step(State, ClientIn) ->
-    Module = State#sasl_state.mech_mod,
-    MechState = State#sasl_state.mech_state,
-    case Module:mech_step(MechState, ClientIn) of
-        {ok, Props} ->
-            case check_credentials(State, Props) of
-                ok             -> {ok, Props};
-                {error, Error} -> {error, Error, <<"">>}
-            end;
-        {ok, Props, ServerOut} ->
-            case check_credentials(State, Props) of
-                ok             -> {ok, Props, ServerOut};
-                {error, Error} -> {error, Error, <<"">>}
-            end;
-        {continue, ServerOut, NewMechState} ->
-            {continue, ServerOut, State#sasl_state{mech_state = NewMechState}};
-        {error, Error, Username} ->
-            {error, Error, Username};
-        {error, Error} ->
-            {error, Error, <<"">>}
-    end.
-
-spec get_mech(sasl_state()) -> binary().
-get_mech(#sasl_state{mech_name = Mech}) ->
-    Mech.
@@ -1,50 +0,0 @@
-%%%----------------------------------------------------------------------
-%%% File    : cyrsasl_anonymous.erl
-%%% Author  : Magnus Henoch <henoch@dtek.chalmers.se>
-%%% Purpose : ANONYMOUS SASL mechanism
-%%%  See http://www.ietf.org/internet-drafts/draft-ietf-sasl-anon-05.txt
-%%% Created : 23 Aug 2005 by Magnus Henoch <henoch@dtek.chalmers.se>
-%%%
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-module(cyrsasl_anonymous).
-
-protocol({xep, 175, '1.2'}).
-
-export([start/1, stop/0, mech_new/4, mech_step/2]).
-
-behaviour(cyrsasl).
-
-record(state, {server = <<"">> :: binary()}).
-
-start(_Opts) ->
-    cyrsasl:register_mechanism(<<"ANONYMOUS">>, ?MODULE, plain).
-
-stop() -> ok.
-
-mech_new(Host, _GetPassword, _CheckPassword, _CheckPasswordDigest) ->
-    {ok, #state{server = Host}}.
-
-mech_step(#state{}, _ClientIn) ->
-    User = iolist_to_binary([randoms:get_string(),
-                             integer_to_binary(p1_time_compat:unique_integer([positive]))]),
-    {ok, [{username, User},
-	  {authzid, User},
-	  {auth_module, ejabberd_auth_anonymous}]}.
@@ -1,271 +0,0 @@
-%%%----------------------------------------------------------------------
-%%% File    : cyrsasl_digest.erl
-%%% Author  : Alexey Shchepin <alexey@sevcom.net>
-%%% Purpose : DIGEST-MD5 SASL mechanism
-%%% Created : 11 Mar 2003 by Alexey Shchepin <alexey@sevcom.net>
-%%%
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-module(cyrsasl_digest).
-
-behaviour(ejabberd_config).
-
-author('alexey@sevcom.net').
-
-export([start/1, stop/0, mech_new/4, mech_step/2,
-	 parse/1, format_error/1, opt_type/1]).
-
-include("ejabberd.hrl").
-include("logger.hrl").
-
-behaviour(cyrsasl).
-
-type get_password_fun() :: fun((binary()) -> {false, any()} |
-                                              {binary(), atom()}).
-type check_password_fun() :: fun((binary(), binary(), binary(), binary(),
-                                   fun((binary()) -> binary())) ->
-                                           {boolean(), any()} |
-                                           false).
-type error_reason() :: parser_failed | invalid_digest_uri |
-			not_authorized | unexpected_response.
-export_type([error_reason/0]).
-
-record(state, {step = 1 :: 1 | 3 | 5,
-                nonce = <<"">> :: binary(),
-                username = <<"">> :: binary(),
-                authzid = <<"">> :: binary(),
-                get_password :: get_password_fun(),
-                check_password :: check_password_fun(),
-                auth_module :: atom(),
-                host = <<"">> :: binary(),
-                hostfqdn = [] :: [binary()]}).
-
-start(_Opts) ->
-    Fqdn = get_local_fqdn(),
-    ?INFO_MSG("FQDN used to check DIGEST-MD5 SASL authentication: ~s",
-	      [Fqdn]),
-    cyrsasl:register_mechanism(<<"DIGEST-MD5">>, ?MODULE,
-			       digest).
-
-stop() -> ok.
-
-spec format_error(error_reason()) -> {atom(), binary()}.
-format_error(parser_failed) ->
-    {'bad-protocol', <<"Response decoding failed">>};
-format_error(invalid_digest_uri) ->
-    {'bad-protocol', <<"Invalid digest URI">>};
-format_error(not_authorized) ->
-    {'not-authorized', <<"Invalid username or password">>};
-format_error(unexpected_response) ->
-    {'bad-protocol', <<"Unexpected response">>}.
-
-mech_new(Host, GetPassword, _CheckPassword,
-	 CheckPasswordDigest) ->
-    {ok,
-     #state{step = 1, nonce = randoms:get_string(),
-	    host = Host, hostfqdn = get_local_fqdn(),
-	    get_password = GetPassword,
-	    check_password = CheckPasswordDigest}}.
-
-mech_step(#state{step = 1, nonce = Nonce} = State, _) ->
-    {continue,
-     <<"nonce=\"", Nonce/binary,
-       "\",qop=\"auth\",charset=utf-8,algorithm=md5-sess">>,
-     State#state{step = 3}};
-mech_step(#state{step = 3, nonce = Nonce} = State,
-	  ClientIn) ->
-    case parse(ClientIn) of
-	bad -> {error, parser_failed};
-	KeyVals ->
-	  DigestURI = proplists:get_value(<<"digest-uri">>, KeyVals, <<>>),
-	  UserName = proplists:get_value(<<"username">>, KeyVals, <<>>),
-	  case is_digesturi_valid(DigestURI, State#state.host,
-				  State#state.hostfqdn)
-	      of
-	    false ->
-		?DEBUG("User login not authorized because digest-uri "
-		       "seems invalid: ~p (checking for Host "
-		       "~p, FQDN ~p)",
-		       [DigestURI, State#state.host, State#state.hostfqdn]),
-		{error, invalid_digest_uri, UserName};
-	    true ->
-		AuthzId = proplists:get_value(<<"authzid">>, KeyVals, <<>>),
-		case (State#state.get_password)(UserName) of
-		  {false, _} -> {error, not_authorized, UserName};
-		  {Passwd, AuthModule} ->
-		      case (State#state.check_password)(UserName, UserName, <<"">>,
-							proplists:get_value(<<"response">>, KeyVals, <<>>),
-							fun (PW) ->
-								response(KeyVals,
-									 UserName,
-									 PW,
-									 Nonce,
-									 AuthzId,
-									 <<"AUTHENTICATE">>)
-							end)
-			  of
-			{true, _} ->
-			    RspAuth = response(KeyVals, UserName, Passwd, Nonce,
-					       AuthzId, <<"">>),
-			    {continue, <<"rspauth=", RspAuth/binary>>,
-			     State#state{step = 5, auth_module = AuthModule,
-					 username = UserName,
-					 authzid = AuthzId}};
-			false -> {error, not_authorized, UserName};
-			{false, _} -> {error, not_authorized, UserName}
-		      end
-		end
-	  end
-    end;
-mech_step(#state{step = 5, auth_module = AuthModule,
-		 username = UserName, authzid = AuthzId},
-	  <<"">>) ->
-    {ok,
-     [{username, UserName}, {authzid, case AuthzId of
-        <<"">> -> UserName;
-        _ -> AuthzId
-      end
-    },
-      {auth_module, AuthModule}]};
-mech_step(A, B) ->
-    ?DEBUG("SASL DIGEST: A ~p B ~p", [A, B]),
-    {error, unexpected_response}.
-
-parse(S) -> parse1(binary_to_list(S), "", []).
-
-parse1([$= | Cs], S, Ts) ->
-    parse2(Cs, lists:reverse(S), "", Ts);
-parse1([$, | Cs], [], Ts) -> parse1(Cs, [], Ts);
-parse1([$\s | Cs], [], Ts) -> parse1(Cs, [], Ts);
-parse1([C | Cs], S, Ts) -> parse1(Cs, [C | S], Ts);
-parse1([], [], T) -> lists:reverse(T);
-parse1([], _S, _T) -> bad.
-
-parse2([$" | Cs], Key, Val, Ts) ->
-    parse3(Cs, Key, Val, Ts);
-parse2([C | Cs], Key, Val, Ts) ->
-    parse4(Cs, Key, [C | Val], Ts);
-parse2([], _, _, _) -> bad.
-
-parse3([$" | Cs], Key, Val, Ts) ->
-    parse4(Cs, Key, Val, Ts);
-parse3([$\\, C | Cs], Key, Val, Ts) ->
-    parse3(Cs, Key, [C | Val], Ts);
-parse3([C | Cs], Key, Val, Ts) ->
-    parse3(Cs, Key, [C | Val], Ts);
-parse3([], _, _, _) -> bad.
-
-parse4([$, | Cs], Key, Val, Ts) ->
-    parse1(Cs, "", [{list_to_binary(Key), list_to_binary(lists:reverse(Val))} | Ts]);
-parse4([$\s | Cs], Key, Val, Ts) ->
-    parse4(Cs, Key, Val, Ts);
-parse4([C | Cs], Key, Val, Ts) ->
-    parse4(Cs, Key, [C | Val], Ts);
-parse4([], Key, Val, Ts) ->
-%% @doc Check if the digest-uri is valid.
-%% RFC-2831 allows to provide the IP address in Host,
-%% however ejabberd doesn't allow that.
-%% If the service (for example jabber.example.org)
-%% is provided by several hosts (being one of them server3.example.org),
-%% then acceptable digest-uris would be:
-%% xmpp/server3.example.org/jabber.example.org, xmpp/server3.example.org and
-%% xmpp/jabber.example.org
-%% The last version is not actually allowed by the RFC, but implemented by popular clients
-    parse1([], "", [{list_to_binary(Key), list_to_binary(lists:reverse(Val))} | Ts]).
-
-is_digesturi_valid(DigestURICase, JabberDomain,
-		   JabberFQDN) ->
-    DigestURI = stringprep:tolower(DigestURICase),
-    case catch str:tokens(DigestURI, <<"/">>) of
-	[<<"xmpp">>, Host] ->
-	    IsHostFqdn = is_host_fqdn(Host, JabberFQDN),
-	    (Host == JabberDomain) or IsHostFqdn;
-	[<<"xmpp">>, Host, ServName] ->
-	    IsHostFqdn = is_host_fqdn(Host, JabberFQDN),
-	    (ServName == JabberDomain) and IsHostFqdn;
-	_ ->
-	    false
-    end.
-
-is_host_fqdn(_Host, []) ->
-    false;
-is_host_fqdn(Host, [Fqdn | _FqdnTail]) when Host == Fqdn ->
-    true;
-is_host_fqdn(Host, [Fqdn | FqdnTail]) when Host /= Fqdn ->
-    is_host_fqdn(Host, FqdnTail).
-
-get_local_fqdn() ->
-    case ejabberd_config:get_option(fqdn) of
-	undefined ->
-	    {ok, Hostname} = inet:gethostname(),
-	    {ok, {hostent, Fqdn, _, _, _, _}} = inet:gethostbyname(Hostname),
-	    [list_to_binary(Fqdn)];
-	Fqdn ->
-	    Fqdn
-    end.
-
-hex(S) ->
-    str:to_hexlist(S).
-
-proplists_get_bin_value(Key, Pairs, Default) ->
-    case proplists:get_value(Key, Pairs, Default) of
-        L when is_list(L) ->
-            list_to_binary(L);
-        L2 ->
-            L2
-    end.
-
-response(KeyVals, User, Passwd, Nonce, AuthzId,
-	 A2Prefix) ->
-    Realm = proplists_get_bin_value(<<"realm">>, KeyVals, <<>>),
-    CNonce = proplists_get_bin_value(<<"cnonce">>, KeyVals, <<>>),
-    DigestURI = proplists_get_bin_value(<<"digest-uri">>, KeyVals, <<>>),
-    NC = proplists_get_bin_value(<<"nc">>, KeyVals, <<>>),
-    QOP = proplists_get_bin_value(<<"qop">>, KeyVals, <<>>),
-    MD5Hash = erlang:md5(<<User/binary, ":", Realm/binary, ":",
-                           Passwd/binary>>),
-    A1 = case AuthzId of
-	   <<"">> ->
-	       <<MD5Hash/binary, ":", Nonce/binary, ":", CNonce/binary>>;
-	   _ ->
-	       <<MD5Hash/binary, ":", Nonce/binary, ":", CNonce/binary, ":",
-		 AuthzId/binary>>
-	 end,
-    A2 = case QOP of
-	   <<"auth">> ->
-	       <<A2Prefix/binary, ":", DigestURI/binary>>;
-	   _ ->
-	       <<A2Prefix/binary, ":", DigestURI/binary,
-		 ":00000000000000000000000000000000">>
-	 end,
-    T = <<(hex((erlang:md5(A1))))/binary, ":", Nonce/binary,
-	  ":", NC/binary, ":", CNonce/binary, ":", QOP/binary,
-	  ":", (hex((erlang:md5(A2))))/binary>>,
-    hex((erlang:md5(T))).
-
-spec opt_type(fqdn) -> fun((binary() | [binary()]) -> [binary()]);
-	      (atom()) -> [atom()].
-opt_type(fqdn) ->
-    fun(FQDN) when is_binary(FQDN) ->
-	    [FQDN];
-       (FQDNs) when is_list(FQDNs) ->
-	    [iolist_to_binary(FQDN) || FQDN <- FQDNs]
-    end;
-opt_type(_) -> [fqdn].
@@ -1,104 +0,0 @@
-%%%----------------------------------------------------------------------
-%%% File    : cyrsasl_oauth.erl
-%%% Author  : Alexey Shchepin <alexey@process-one.net>
-%%% Purpose : X-OAUTH2 SASL mechanism
-%%% Created : 17 Sep 2015 by Alexey Shchepin <alexey@process-one.net>
-%%%
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-module(cyrsasl_oauth).
-
-author('alexey@process-one.net').
-
-export([start/1, stop/0, mech_new/4, mech_step/2, parse/1, format_error/1]).
-
-behaviour(cyrsasl).
-
-record(state, {host}).
-type error_reason() :: parser_failed | not_authorized.
-export_type([error_reason/0]).
-
-start(_Opts) ->
-    cyrsasl:register_mechanism(<<"X-OAUTH2">>, ?MODULE, plain).
-
-stop() -> ok.
-
-spec format_error(error_reason()) -> {atom(), binary()}.
-format_error(parser_failed) ->
-    {'bad-protocol', <<"Response decoding failed">>};
-format_error(not_authorized) ->
-    {'not-authorized', <<"Invalid token">>}.
-
-mech_new(Host, _GetPassword, _CheckPassword, _CheckPasswordDigest) ->
-    {ok, #state{host = Host}}.
-
-mech_step(State, ClientIn) ->
-    case prepare(ClientIn) of
-        [AuthzId, User, Token] ->
-            case ejabberd_oauth:check_token(
-                   User, State#state.host, [<<"sasl_auth">>], Token) of
-                true ->
-                    {ok,
-                     [{username, User}, {authzid, AuthzId},
-                      {auth_module, ejabberd_oauth}]};
-                _ ->
-                    {error, not_authorized, User}
-            end;
-        _ -> {error, parser_failed}
-    end.
-
-prepare(ClientIn) ->
-    case parse(ClientIn) of
-        [<<"">>, UserMaybeDomain, Token] ->
-            case parse_domain(UserMaybeDomain) of
-                %% <NUL>login@domain<NUL>pwd
-                [User, _Domain] -> [User, User, Token];
-                %% <NUL>login<NUL>pwd
-                [User] -> [User, User, Token]
-            end;
-        %% login@domain<NUL>login<NUL>pwd
-        [AuthzId, User, Token] ->
-            case parse_domain(AuthzId) of
-                %% login@domain<NUL>login<NUL>pwd
-                [AuthzUser, _Domain] -> [AuthzUser, User, Token];
-                %% login<NUL>login<NUL>pwd
-                [AuthzUser] -> [AuthzUser, User, Token]
-            end;
-        _ -> error
-    end.
-
-parse(S) -> parse1(binary_to_list(S), "", []).
-
-parse1([0 | Cs], S, T) ->
-    parse1(Cs, "", [list_to_binary(lists:reverse(S)) | T]);
-parse1([C | Cs], S, T) -> parse1(Cs, [C | S], T);
-%parse1([], [], T) ->
-%    lists:reverse(T);
-parse1([], S, T) ->
-    lists:reverse([list_to_binary(lists:reverse(S)) | T]).
-
-parse_domain(S) -> parse_domain1(binary_to_list(S), "", []).
-
-parse_domain1([$@ | Cs], S, T) ->
-    parse_domain1(Cs, "", [list_to_binary(lists:reverse(S)) | T]);
-parse_domain1([C | Cs], S, T) ->
-    parse_domain1(Cs, [C | S], T);
-parse_domain1([], S, T) ->
-    lists:reverse([list_to_binary(lists:reverse(S)) | T]).
--- a/Show More
+++ b/Show More