You are not logged in.
Hey all!
After an update today my Prosody will start, but encryption is broken as it reports cant find LuaSec, I have downgraded the package and it now works fine.
Package community/prosody 1:0.10.2-2 -> 1:0.11.0-1
Here is the log from starting it up.
Nov 27 13:33:21 dave systemd[1]: Starting XMPP (Jabber) Server...
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:21 dave prosodyctl[504]: Prosody was unable to find LuaSec
Nov 27 13:33:21 dave prosodyctl[504]: This package can be obtained in the following ways:
Nov 27 13:33:21 dave prosodyctl[504]: luarocks: luarocks install luasec
Nov 27 13:33:21 dave prosodyctl[504]: Source: https://github.com/brunoos/luasec
Nov 27 13:33:21 dave prosodyctl[504]: Debian/Ubuntu: sudo apt-get install lua-sec
Nov 27 13:33:21 dave prosodyctl[504]: SSL/TLS support will not be available
Nov 27 13:33:21 dave prosodyctl[504]: More help can be found on our website, at https://prosody.im/doc/depends
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:21 dave prosodyctl[504]: Prosody was unable to find LuaSec
Nov 27 13:33:21 dave prosodyctl[504]: This package can be obtained in the following ways:
Nov 27 13:33:21 dave prosodyctl[504]: Debian/Ubuntu: sudo apt-get install lua-sec
Nov 27 13:33:21 dave prosodyctl[504]: luarocks: luarocks install luasec
Nov 27 13:33:21 dave prosodyctl[504]: Source: https://github.com/brunoos/luasec
Nov 27 13:33:21 dave prosodyctl[504]: SSL/TLS support will not be available
Nov 27 13:33:21 dave prosodyctl[504]: More help can be found on our website, at https://prosody.im/doc/depends
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:22 dave prosody[610]: mod_posix: Prosody is about to detach from the console, disabling further console output
Nov 27 13:33:22 dave prosody[614]: mod_posix: Successfully daemonized to PID 614
Nov 27 13:33:22 dave prosody[614]: hostmanager: Activated host: mickjames.com
Nov 27 13:33:22 dave prosody[614]: modulemanager: Error initializing module 'auth_cyrus' on 'mickjames.com': /usr/lib/prosody/util/startup.lua:141: module 'cyrussasl' not found:
no field package.preload['cyrussasl']
no file '/usr/lib/prosody/cyrussasl.lua'
no file '/usr/share/lua/5.2/cyrussasl.lua'
no file '/usr/share/lua/5.2/cyrussasl/init.lua'
no file '/usr/lib/lua/5.2/cyrussasl.lua'
no file '/usr/lib/lua/5.2/cyrussasl/init.lua'
no file '/usr/lib/prosody/cyrussasl.so'
no file '/usr/lib/lua/5.2/cyrussasl.so'
no file '/usr/lib/lua/5.2/loadall.so'
stack traceback:
[C]: in function '_real_require'
/usr/lib/prosody/util/startup.lua:141: in function 'require'
/usr/lib/prosody/util/sasl_cyrus.lua:14: in main chunk
[C]: in function '_real_require'
/usr/lib/prosody/util/startup.lua:141: in function 'require'
/usr/lib/prosody/modules/mod_auth_cyrus.lua:22: in main chunk
[C]: in function 'xpcall'
/usr/lib/prosody/core/modulemanager.lua:178: in function 'do_load_module'
/usr/lib/prosody/core/modulemanager.lua:256: in function 'load'
/usr/lib/prosody/core/usermanager.lua:67: in function '?'
/usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
(...tail calls...)
/usr/lib/prosody/core/hostmanager.lua:108: in function 'activate'
/usr/lib/prosody/core/hostmanager.lua:58: in function '?'
/usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
(...tail calls...)
/usr/lib/prosody/util/startup.lua:327: in function 'prepare_to_start'
/usr/lib/prosody/util/startup.lua:548: in function 'f'
/usr/lib/prosody/util/async.lua:139: in function 'func'
/usr/lib/prosody/util/async.lua:127: in function </usr/lib/prosody/util/async.lua:125>
Nov 27 13:33:22 dave prosody[614]: storagemanager: map storage driver unavailable, using shim on top of keyval store.
Nov 27 13:33:22 dave prosody[614]: mickjames.com:mam: archive_expires_after = 604800 -- in seconds
Nov 27 13:33:22 dave prosody[614]: storagemanager: map storage driver unavailable, using shim on top of keyval store.
Nov 27 13:33:22 dave prosody[614]: mickjames.com:tls: Error creating context for c2s: LuaSec (required for encryption) was not found
Nov 27 13:33:22 dave prosody[614]: mickjames.com:tls: Error creating contexts for s2sout: LuaSec (required for encryption) was not found
Nov 27 13:33:22 dave prosody[614]: mickjames.com:tls: Error creating contexts for s2sin: LuaSec (required for encryption) was not found
Reinstalling the lua-sec package and the cyrussasl packages didn't help.
Any ideas of what else I could check?
Thanks,
-Toje
EDIT: Updated Title
Last edited by Toje (2018-11-27 03:57:15)
Offline
Did you check the optdeps?
Offline
Thanks,
That fixed the lua sec problem,
Now I am getting
Nov 27 14:14:15 dave prosody[3118]: socket: server.lua: accepted new client connection from 1.129.107.34:25058 to 5222
Nov 27 14:14:15 dave prosody[3118]: c2s56450f3a6fe0: Client connected
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Client sent opening <stream:stream> to davejames.com
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sending[c2s_unauthed]: <?xml version='1.0'?>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sending[c2s_unauthed]: <stream:stream version='1.0' from='davejames.com' id='8d22d4d5-335b-48d7-a73d-3ebec04dc126' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sent reply <stream:stream> to client
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Not offering authentication on insecure connection
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sending[c2s_unauthed]: <stream:features>
Nov 27 14:14:16 dave prosody[3118]: socket: server.lua: ssl handshake done
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Client sent opening <stream:stream> to mickjames.com
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: <?xml version='1.0'?>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: <stream:stream version='1.0' from='mickjames.com' id='bacd5ea3-4e70-4d91-9ca6-18b9d896b4c2' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sent reply <stream:stream> to client
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: No available SASL mechanisms, verify that the configured authentication module is working
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: No stream features to offer
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Disconnecting client, <stream:error> is: <stream:error><undefined-condition xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>No stream features to proceed with</text></stream:error>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: <stream:error>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: </stream:stream>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: c2s stream for 130.56.225.240 closed: No stream features to proceed with
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Destroying session for (unknown) ((unknown)@mickjames.com): No stream features to proceed with
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Client disconnected: connection closed
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Destroying session for (unknown) ((unknown)@(unknown))
Nov 27 14:14:16 dave prosody[3118]: socket: server.lua: closed client handler and removed socket from list
I'll have to have a play with it, strange that the SASL mechanisms seem to have now dropped off after an update.
the config file seems fine,
authentication = "cyrus"
sasl_backend = "cyrus"
cyrus_service_name = "xmpp"
Just now on the new version its reporting No available SASL mechanisms
Last edited by Toje (2018-11-27 03:28:56)
Offline
Ok, I would say at this stage the problem is likely with lua-cyrussasl
I suspect it needs to be updated to work with lua 5.2, frustrating but not the end of the world.
Bit outside my area though.
Last edited by Toje (2018-11-27 03:39:12)
Offline
Ok, well switching to internal_hashed for auth has fixed this for me, but cyrus is broken I suspect due to lua-cyrussasl.
Given I only have less than 10 users its not a big impact for me, but other users may run into problems.
Offline
Strange - even with optdeps I am still running into Prosody was unable to find LuaSec. It seems this is a regression of an earlier bug https://bugs.archlinux.org/task/48480.
$ lua5.1 -e 'print(require"ssl" and "ok")'
ok
Downgrading for now does not exhibit this problem.
Offline
What does lua5.1 have to do with anything? (that's a hint, btw).
Offline
Thanks, you're right. All good with luasec.
Offline