08/09: services: prosody: Add support for disable-sasl-mechanisms.

Sun, 26 Nov 2017 06:36:49 -0800 

snape pushed a commit to branch master
in repository guix.

commit e30038dae14d7cfb6372c44e9f4dfc96c205c29e
Author: Clément Lassieur <clem...@lassieur.org>
Date:   Fri Nov 24 22:20:32 2017 +0100

    services: prosody: Add support for disable-sasl-mechanisms.
    
    * doc/guix.texi (Messaging Services): Update accordingly.
    * gnu/services/messaging.scm 
(prosody-configuration)[disable-sasl-mechanisms]:
    New field.
---
 doc/guix.texi              | 11 ++++++++---
 gnu/services/messaging.scm |  6 ++++++
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 51fc40d..2a68256 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -14093,6 +14093,11 @@ See @url{http://prosody.im/doc/modules/mod_tls}.
 Defaults to @samp{#f}.
 @end deftypevr
 
+@deftypevr {@code{prosody-configuration} parameter} string-list 
disable-sasl-mechanisms
+Set of mechanisms that will never be offered.  See
+@url{https://prosody.im/doc/modules/mod_saslauth}.
+@end deftypevr
+
 @deftypevr {@code{prosody-configuration} parameter} boolean 
s2s-require-encryption?
 Whether to force all server-to-server connections to be encrypted or not.
 See @url{http://prosody.im/doc/modules/mod_tls}.
@@ -14170,7 +14175,7 @@ See 
@url{http://prosody.im/doc/configure#virtual_host_settings}.
 
 Available @code{virtualhost-configuration} fields are:
 
-all these @code{prosody-configuration} fields: @code{admins}, 
@code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, 
@code{groups-file}, @code{allow-registration?}, @code{ssl}, 
@code{c2s-require-encryption?}, @code{s2s-require-encryption?}, 
@code{s2s-secure-auth?}, @code{s2s-insecure-domains}, 
@code{s2s-secure-domains}, @code{authentication}, @code{log}, 
@code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, 
plus:
+all these @code{prosody-configuration} fields: @code{admins}, 
@code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, 
@code{groups-file}, @code{allow-registration?}, @code{ssl}, 
@code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, 
@code{s2s-require-encryption?}, @code{s2s-secure-auth?}, 
@code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, 
@code{log}, @code{http-max-content-size}, @code{http-external-url}, 
@code{raw-content}, plus:
 @deftypevr {@code{virtualhost-configuration} parameter} string domain
 Domain you wish Prosody to serve.
 @end deftypevr
@@ -14192,7 +14197,7 @@ Defaults to @samp{()}.
 
 Available @code{int-component-configuration} fields are:
 
-all these @code{prosody-configuration} fields: @code{admins}, 
@code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, 
@code{groups-file}, @code{allow-registration?}, @code{ssl}, 
@code{c2s-require-encryption?}, @code{s2s-require-encryption?}, 
@code{s2s-secure-auth?}, @code{s2s-insecure-domains}, 
@code{s2s-secure-domains}, @code{authentication}, @code{log}, 
@code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, 
plus:
+all these @code{prosody-configuration} fields: @code{admins}, 
@code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, 
@code{groups-file}, @code{allow-registration?}, @code{ssl}, 
@code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, 
@code{s2s-require-encryption?}, @code{s2s-secure-auth?}, 
@code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, 
@code{log}, @code{http-max-content-size}, @code{http-external-url}, 
@code{raw-content}, plus:
 @deftypevr {@code{int-component-configuration} parameter} string hostname
 Hostname of the component.
 @end deftypevr
@@ -14245,7 +14250,7 @@ Defaults to @samp{()}.
 
 Available @code{ext-component-configuration} fields are:
 
-all these @code{prosody-configuration} fields: @code{admins}, 
@code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, 
@code{groups-file}, @code{allow-registration?}, @code{ssl}, 
@code{c2s-require-encryption?}, @code{s2s-require-encryption?}, 
@code{s2s-secure-auth?}, @code{s2s-insecure-domains}, 
@code{s2s-secure-domains}, @code{authentication}, @code{log}, 
@code{http-max-content-size}, @code{http-external-url}, @code{raw-content}, 
plus:
+all these @code{prosody-configuration} fields: @code{admins}, 
@code{use-libevent?}, @code{modules-enabled}, @code{modules-disabled}, 
@code{groups-file}, @code{allow-registration?}, @code{ssl}, 
@code{c2s-require-encryption?}, @code{disable-sasl-mechanisms}, 
@code{s2s-require-encryption?}, @code{s2s-secure-auth?}, 
@code{s2s-insecure-domains}, @code{s2s-secure-domains}, @code{authentication}, 
@code{log}, @code{http-max-content-size}, @code{http-external-url}, 
@code{raw-content}, plus:
 @deftypevr {@code{ext-component-configuration} parameter} string 
component-secret
 Password which the component will use to log in.
 @end deftypevr
diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm
index b66d6dd..c75c715 100644
--- a/gnu/services/messaging.scm
+++ b/gnu/services/messaging.scm
@@ -391,6 +391,12 @@ using them.  See 
@url{http://prosody.im/doc/advanced_ssl_config}.";
 See @url{http://prosody.im/doc/modules/mod_tls}.";
      common)
 
+    (disable-sasl-mechanisms
+     (string-list '("DIGEST-MD5"))
+     "Set of mechanisms that will never be offered.  See
+@url{https://prosody.im/doc/modules/mod_saslauth}.";
+     common)
+
     (s2s-require-encryption?
      (boolean #f)
      "Whether to force all server-to-server connections to be encrypted or not.

Reply via email to