From e30038dae14d7cfb6372c44e9f4dfc96c205c29e Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Fri, 24 Nov 2017 22:20:32 +0100 Subject: services: prosody: Add support for disable-sasl-mechanisms. * doc/guix.texi (Messaging Services): Update accordingly. * gnu/services/messaging.scm (prosody-configuration)[disable-sasl-mechanisms]: New field. --- doc/guix.texi | 11 ++++++++--- gnu/services/messaging.scm | 6 ++++++ 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 51fc40d7c1..2a68256823 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14093,6 +14093,11 @@ See @url{http://prosody.im/doc/modules/mod_tls}. Defaults to @samp{#f}. @end deftypevr +@deftypevr {@code{prosody-configuration} parameter} string-list disable-sasl-mechanisms +Set of mechanisms that will never be offered. See +@url{https://prosody.im/doc/modules/mod_saslauth}. +@end deftypevr + @deftypevr {@code{prosody-configuration} parameter} boolean s2s-require-encryption? Whether to force all server-to-server connections to be encrypted or not. See @url{http://prosody.im/doc/modules/mod_tls}. @@ -14170,7 +14175,7 @@ See @url{http://prosody.im/doc/configure#virtual_host_settings}. Available @code{virtualhost-configuration} fields are: -all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus: +all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus: @deftypevr {@code{virtualhost-configuration} parameter} string domain Domain you wish Prosody to serve. @end deftypevr @@ -14192,7 +14197,7 @@ Defaults to @samp{()}. Available @code{int-component-configuration} fields are: -all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus: +all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus: @deftypevr {@code{int-component-configuration} parameter} string hostname Hostname of the component. @end deftypevr @@ -14245,7 +14250,7 @@ Defaults to @samp{()}. Available @code{ext-component-configuration} fields are: -all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus: +all these @code{prosody-configuration} fields: @code{admins}, @code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, @code{groups-file}, @code{allow-registration?}, @code{ssl}, @code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, @code{s2s-require-encryption?}, @code{s2s-secure-auth?}, @code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, @code{log}, @code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, plus: @deftypevr {@code{ext-component-configuration} parameter} string component-secret Password which the component will use to log in. @end deftypevr diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm index b66d6ddb96..c75c715850 100644 --- a/gnu/services/messaging.scm +++ b/gnu/services/messaging.scm @@ -391,6 +391,12 @@ using them. See @url{http://prosody.im/doc/advanced_ssl_config}." See @url{http://prosody.im/doc/modules/mod_tls}." common) + (disable-sasl-mechanisms + (string-list '("DIGEST-MD5")) + "Set of mechanisms that will never be offered. See +@url{https://prosody.im/doc/modules/mod_saslauth}." + common) + (s2s-require-encryption? (boolean #f) "Whether to force all server-to-server connections to be encrypted or not. -- cgit v1.2.3