You are not logged in.

#1 2018-11-27 03:04:45

Toje
Member
Registered: 2014-07-29
Posts: 14

[Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Hey all!

After an update today my Prosody will start, but encryption is broken as it reports cant find LuaSec, I have downgraded the package and it now works fine.

Package community/prosody 1:0.10.2-2 -> 1:0.11.0-1
Here is the log from starting it up.

Nov 27 13:33:21 dave systemd[1]: Starting XMPP (Jabber) Server...
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:21 dave prosodyctl[504]: Prosody was unable to find LuaSec
Nov 27 13:33:21 dave prosodyctl[504]: This package can be obtained in the following ways:
Nov 27 13:33:21 dave prosodyctl[504]:         luarocks:         luarocks install luasec
Nov 27 13:33:21 dave prosodyctl[504]:         Source:           https://github.com/brunoos/luasec
Nov 27 13:33:21 dave prosodyctl[504]:         Debian/Ubuntu:    sudo apt-get install lua-sec
Nov 27 13:33:21 dave prosodyctl[504]: SSL/TLS support will not be available
Nov 27 13:33:21 dave prosodyctl[504]: More help can be found on our website, at https://prosody.im/doc/depends
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:21 dave prosodyctl[504]: Prosody was unable to find LuaSec
Nov 27 13:33:21 dave prosodyctl[504]: This package can be obtained in the following ways:
Nov 27 13:33:21 dave prosodyctl[504]:         Debian/Ubuntu:    sudo apt-get install lua-sec
Nov 27 13:33:21 dave prosodyctl[504]:         luarocks:         luarocks install luasec
Nov 27 13:33:21 dave prosodyctl[504]:         Source:           https://github.com/brunoos/luasec
Nov 27 13:33:21 dave prosodyctl[504]: SSL/TLS support will not be available
Nov 27 13:33:21 dave prosodyctl[504]: More help can be found on our website, at https://prosody.im/doc/depends
Nov 27 13:33:21 dave prosodyctl[504]: **************************
Nov 27 13:33:22 dave prosody[610]: mod_posix: Prosody is about to detach from the console, disabling further console output
Nov 27 13:33:22 dave prosody[614]: mod_posix: Successfully daemonized to PID 614
Nov 27 13:33:22 dave prosody[614]: hostmanager: Activated host: mickjames.com
Nov 27 13:33:22 dave prosody[614]: modulemanager: Error initializing module 'auth_cyrus' on 'mickjames.com': /usr/lib/prosody/util/startup.lua:141: module 'cyrussasl' not found:
                                             no field package.preload['cyrussasl']
                                             no file '/usr/lib/prosody/cyrussasl.lua'
                                             no file '/usr/share/lua/5.2/cyrussasl.lua'
                                             no file '/usr/share/lua/5.2/cyrussasl/init.lua'
                                             no file '/usr/lib/lua/5.2/cyrussasl.lua'
                                             no file '/usr/lib/lua/5.2/cyrussasl/init.lua'
                                             no file '/usr/lib/prosody/cyrussasl.so'
                                             no file '/usr/lib/lua/5.2/cyrussasl.so'
                                             no file '/usr/lib/lua/5.2/loadall.so'
                                     stack traceback:
                                             [C]: in function '_real_require'
                                             /usr/lib/prosody/util/startup.lua:141: in function 'require'
                                             /usr/lib/prosody/util/sasl_cyrus.lua:14: in main chunk
                                             [C]: in function '_real_require'
                                             /usr/lib/prosody/util/startup.lua:141: in function 'require'
                                             /usr/lib/prosody/modules/mod_auth_cyrus.lua:22: in main chunk
                                             [C]: in function 'xpcall'
                                             /usr/lib/prosody/core/modulemanager.lua:178: in function 'do_load_module'
                                             /usr/lib/prosody/core/modulemanager.lua:256: in function 'load'
                                             /usr/lib/prosody/core/usermanager.lua:67: in function '?'
                                             /usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
                                             (...tail calls...)
                                             /usr/lib/prosody/core/hostmanager.lua:108: in function 'activate'
                                             /usr/lib/prosody/core/hostmanager.lua:58: in function '?'
                                             /usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
                                             (...tail calls...)
                                             /usr/lib/prosody/util/startup.lua:327: in function 'prepare_to_start'
                                             /usr/lib/prosody/util/startup.lua:548: in function 'f'
                                             /usr/lib/prosody/util/async.lua:139: in function 'func'
                                             /usr/lib/prosody/util/async.lua:127: in function </usr/lib/prosody/util/async.lua:125>
Nov 27 13:33:22 dave prosody[614]: storagemanager: map storage driver unavailable, using shim on top of keyval store.
Nov 27 13:33:22 dave prosody[614]: mickjames.com:mam: archive_expires_after = 604800 -- in seconds
Nov 27 13:33:22 dave prosody[614]: storagemanager: map storage driver unavailable, using shim on top of keyval store.
Nov 27 13:33:22 dave prosody[614]: mickjames.com:tls: Error creating context for c2s: LuaSec (required for encryption) was not found
Nov 27 13:33:22 dave prosody[614]: mickjames.com:tls: Error creating contexts for s2sout: LuaSec (required for encryption) was not found
Nov 27 13:33:22 dave prosody[614]: mickjames.com:tls: Error creating contexts for s2sin: LuaSec (required for encryption) was not found

Reinstalling the lua-sec package and the cyrussasl packages didn't help.
Any ideas of what else I could check?

Thanks,
-Toje

EDIT: Updated Title

Last edited by Toje (2018-11-27 03:57:15)

Offline

#2 2018-11-27 03:07:27

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,461

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Did you check the optdeps?

Offline

#3 2018-11-27 03:19:40

Toje
Member
Registered: 2014-07-29
Posts: 14

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Thanks,

That fixed the lua sec problem,

Now I am getting

Nov 27 14:14:15 dave prosody[3118]: socket: server.lua: accepted new client connection from 1.129.107.34:25058 to 5222
Nov 27 14:14:15 dave prosody[3118]: c2s56450f3a6fe0: Client connected
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Client sent opening <stream:stream> to davejames.com
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sending[c2s_unauthed]: <?xml version='1.0'?>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sending[c2s_unauthed]: <stream:stream version='1.0' from='davejames.com' id='8d22d4d5-335b-48d7-a73d-3ebec04dc126' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sent reply <stream:stream> to client
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Not offering authentication on insecure connection
Nov 27 14:14:16 dave prosody[3118]: c2s56450f3a6fe0: Sending[c2s_unauthed]: <stream:features>
Nov 27 14:14:16 dave prosody[3118]: socket: server.lua: ssl handshake done
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Client sent opening <stream:stream> to mickjames.com
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: <?xml version='1.0'?>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: <stream:stream version='1.0' from='mickjames.com' id='bacd5ea3-4e70-4d91-9ca6-18b9d896b4c2' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sent reply <stream:stream> to client
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: No available SASL mechanisms, verify that the configured authentication module is working
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: No stream features to offer
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Disconnecting client, <stream:error> is: <stream:error><undefined-condition xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>No stream features to proceed with</text></stream:error>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: <stream:error>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Sending[c2s_unauthed]: </stream:stream>
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: c2s stream for 130.56.225.240 closed: No stream features to proceed with
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Destroying session for (unknown) ((unknown)@mickjames.com): No stream features to proceed with
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Client disconnected: connection closed
Nov 27 14:14:16 dave prosody[3118]: c2s56450f33cea0: Destroying session for (unknown) ((unknown)@(unknown))
Nov 27 14:14:16 dave prosody[3118]: socket: server.lua: closed client handler and removed socket from list

I'll have to have a play with it, strange that the SASL mechanisms seem to have now dropped off after an update.

the config file seems fine,

authentication = "cyrus"
sasl_backend = "cyrus"
cyrus_service_name = "xmpp"

Just now on the new version its reporting No available SASL mechanisms

Last edited by Toje (2018-11-27 03:28:56)

Offline

#4 2018-11-27 03:38:59

Toje
Member
Registered: 2014-07-29
Posts: 14

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Ok, I would say at this stage the problem is likely with lua-cyrussasl

I suspect it needs to be updated to work with lua 5.2, frustrating but not the end of the world.
Bit outside my area though.

Last edited by Toje (2018-11-27 03:39:12)

Offline

#5 2018-11-27 04:34:53

Toje
Member
Registered: 2014-07-29
Posts: 14

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Ok, well switching to internal_hashed for auth has fixed this for me, but cyrus is broken I suspect due to lua-cyrussasl.

Given I only have less than 10 users its not a big impact for me, but other users may run into problems.

Offline

#6 2018-12-01 22:32:52

cirkit
Member
From: San Francisco
Registered: 2008-01-29
Posts: 80
Website

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Strange - even with optdeps I am still running into Prosody was unable to find LuaSec. It seems this is a regression of an earlier bug https://bugs.archlinux.org/task/48480.

$ lua5.1 -e 'print(require"ssl" and "ok")'
ok

Downgrading for now does not exhibit this problem.

Offline

#7 2018-12-01 23:14:07

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,461

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

What does lua5.1 have to do with anything? (that's a hint, btw).

Offline

#8 2018-12-01 23:55:42

cirkit
Member
From: San Francisco
Registered: 2008-01-29
Posts: 80
Website

Re: [Prosody] Stream error cyrus sasl not wokring after update 1:0.11.0

Thanks, you're right. All good with luasec.

Offline

Board footer

Powered by FluxBB