Planet Jabber

November 26, 2015

Nicolas Vérité

Exciting XMPP news of the world!

Lots of news this week!

SPIRIT DSP released VideoMost SDK 5.0 for mobile videoconferencing service providers

VideoMost uses XMPP for signalling.

node-xmpp-core 5.0

The node-xmpp project has released node-xmpp-core 5.0.

xmppbot in PHP

xmppbot is a client for the Laravel PHP framework.

How to Chat on Using an External XMPP Client has explained in a blog post how to live chat on top of coding streams.

Roundup of the IM in Firefoex OS (french)

The french-speaking Firefox OS community has released an interesting and insightful article (in french, sorry) about the Instant Messaging apps in Firefox OS.

Do you want to read it in automated, approximately translated version?

Movim has tags

The excellent XMPP-based social network has now received the new tagging feature:

MongooseIM 1.6 is available

Check out the blog post for all the infos: MongooseIM 1.6: Riak, DevOps love, and so much more!

PBX-versie has XMPP has released version 6.0.10 of the cloud PBX, with XMPP integration, for presence and signalling.


by nyco at November 26, 2015 12:03


Grapherl: Google Summer of Code / Metrics for ejabberd

Grapherl Google Summer of Code (GSOC) project is a project targeting the ejabberd environment to provide a metric / analytics system for ejabberd, but also other Erlang projects.

Project was completed successfully by Vanshdeep Singh and is available on Github: processone/grapherl.


Grapherl introduction

The file includes on complete tutorial on how to compile and install the project.

The project should be considered in beta and Vanshdeep Singh is looking for feedback and contributions to improve his tool. Grapherl Github Issue is probably the best place to report your issue with the project.

The project is using leveldb for the metrics data store, but other backend could be used.

The front-end can be customized and you can download the configuration of the dashboard and upload it again to visualize the data. For the moment the dashboards are not persistent on the server.

The client protocol is basic at the moment and takes a simple text format, sent over UDP on port 11111. You can see examples of the client protocol in Erlang or Python in Grapherl repository.

Format for sending a metric point is as follows:

randomClient1/memory_usage:g/1441005678:1002938389   # example

Metric types are gauge and counter values. By default for a gauge metric values are averaged over an interval and for counter metric values are added over an interval.

ejabberd metrics

That module is an opportunity to expose more largely ejabberd internals and to allow admin to get nice feedback on ejabberd internals.

Grapherl has an ejabberd module mod_metrics.erl showing example on how to report ejabberd metrics for gauge and counter. You can already test this module to get a feeling of what is coming for ejabberd regarding metrics reporting. Just compile that module with ejabberd and add it to the configuration file. We expect that module will report data on Grapherl server on localhost.

The plan is to incrementally increase the number of metrics covered in ejabberd, based on our experience of large scale platform management. Even if we now focus on providing a few metrics during a beta test phase and we will expose more metrics after we have received feedback from users.

Feedback welcome

While the Google Summer of Code is now over and Grapherl has produced a working graphing tool in Erlang as a result, the work is pretty much in progress. We are aware of a few bugs that we have been adding to Github issues for the project and the author expects you will find more, when more users are given it a try.

The next steps depend on your feedback.

by Mickaël Rémond at November 26, 2015 10:49

November 25, 2015

Erlang Solutions

MongooseIM 1.6: Riak, DevOps love, and so much more!

Most of the development work around MongooseIM is done by working closely with our clients. Many of the new features in MongooseIM 1.6 are the result of building and testing around particular client requirements. We are particularly excited about this release, as it means the beginning of an improved team dynamic, new high-value features, and many improvements.


What’s new in MongooseIM 1.6

Riak KV

MongooseIM 1.6 introduces support for Riak - the scalable, fault-tolerant, distributed database written in Erlang. For this release, four modules can be configured with Riak, but more are on their way.


Currently, MongooseIM supports Riak as a storage backend for:

  • Authentication
  • Message Archive Management (MAM, XEP-0313) for one-to-one conversations
  • vCards (XEP-0054)
  • Private XML storage (XEP-0049)

This brings more flexibility in terms of database choice for any infrastructure, as you are free to choose between a RDBMS or NOSQL data store.

Powerful metrics, DevOps love

Version 1.6 offers very powerful metrics and monitoring infrastructure. For the underlying instrumentation, MongooseIM relies on Exometer. It reports OS-level and Erlang VM metrics, in addition to business metrics. You can then push those metrics to any ingesting and graphing system, such as Grafana or Kibana.

This greatly improves DevOps' visibility for managing systems, no matter the size of the installation. Other departments will benefit from having more data to dig into (big data, analytics), thus better understanding the end-users and eventually discovering new opportunities to improve UX, core competencies, and selling points.

Additionally, we have improved how session data from the DB is cleaned up when a node goes down. It eases the support for more database backends in the future, and it brings better cluster handling for DevOps.

Also, it is now possible to change log-level dynamically with a custom log path. For DevOps, once again, it helps consolidated logging for easier deployment, administration, and analysis.


Get your own easy-to deploy Docker image of MongooseIM. As it is still experimental and will improve over time, please handle it with care: Give it a test drive, come back to us with feedback or questions and tell us and what you'd like to see in the future. Feel free to fork it from:

Additional high value improvements

Extensive technical investment means we can continue to deliver a better MongooseIM with the Open Source community: we made changes to the core and integrated our test suite, the first of its kind, in the hope of seeing even more Open Source contribution.

Selected improvements:

  • Supported XEPs are now documented on
  • Substantial refactoring: authentication mechanism, c2s, simplified MAM
  • Erlang/OTP 18 support
  • Better RFC & XEP conformance

We encourage everybody to review the release notes on GitHub.

Coming up next

MongooseIM 1.6 will continue to bring many benefits such as: extensive and powerful business metrics, flexibility for DevOps, a rock-solid code base and stability for server and backend developers, more conformance for client developers, and extensive testing for all.

1.6.x maintenance series

We will be working on a maintenance version, 1.6.1 (and perhaps a 1.6.2 later), with more complete Riak support, and of course the usual bug fixes, optimisations, and general improvements.

1.7 and subsequent releases

The development cycle for version 1.7 has already begun! We will focus on cloud, mobile, and testing. That is all we can share for now, but feel free to tell us what you think. We will also put more effort and commitment into making release schedules more predictable - in fact we already are.


Be the first to get informed!

We have set up a new public mailing-list for all announcements of major events happening on the MongooseIM front. Expect one or two emails per month, the archives are free and open. We highly encourage you to subscribe here:

Click on the blue button "Join group":

MongooseIM mailing list

Then click in "Email delivery preference" on "Notify me for every new message":

How to join MongooseIM mailing list


We received some very valuable contributions over the last months, and we would like to thank all of the developers who took part in the delivery of version 1.6: @rgrinberg, @vooolll, @syhpoon, @mweibel, @Stelminator, @larshesel, @ruanpienaar,@aszlig, @jonathanve, @gmodarelli.

We hope to see everyone contributing again in the coming months - you have all the power to closely participate in this fully open source project.

Influence our roadmap!

We encourage you to comment below this blog post, tell us what you think about this release, and where we should go in the future. You can also give feedback on GitHub through “Issues” - we are keen on gathering common problems and goals to provide solutions.

We believe the best thing to do is fork the project, and make a pull requests when you are happy. We will discuss with you, and include that into a milestone, entering our fully automated testing process.

November 25, 2015 15:53

November 24, 2015


Riak and ejabberd in-depth explanation at Basho Advanced Erlang Workshop

As Basho just joined Advanced Erlang Initiative, we are joining forces to explain the implications, benefits and strength of ejabberd deployment with Riak (among other Riak talks, prepared by Basho team).

During hands-on session, we will show what is possible when mixing two great Erlang products together, on December 9th, in London.

You can learn more and book ticket for Basho Advanced Erlang Workshop on Advanced Erlang Initiative


by Mickaël Rémond at November 24, 2015 13:23

November 23, 2015

Ignite Realtime Blog

Smack 4.1.5 released

The Ignite Realtime community is proud to announce the availability of Smack 4.1.5. Like all patch level releases, this release includes some important fixes and users are strongly encouraged to update. Smack 4.1.5 is a API compatible drop-in replacement for every release of the Smack 4.1 series. Have a look at the changelog and the git changelog.


Thanks to everyone who contributed to this release by providing bug reports and patches.

by Ignite Realtime Blog ( at November 23, 2015 13:40

Nicolas Vérité

Crowdfunding XMPP

Do you want to help XMPP?

Want a decentralized, encrypted, Free (as in freedom) “social” app on Android and desktop ?

The « Salut à Toi » project says:


Please contribute!

You can go to the crowdfunding platform, and give money to: Libervia- Ethical and Free (Libre) social network.

by nyco at November 23, 2015 09:05

November 20, 2015


ejabberd 15.11: Simpler cluster setup

This new version of ejabberd improves the cluster management to make it simpler to use. It fixes issues some may have faced when setting cluster with ejabberd 15.09 and 15.10.


The commands join_cluster and leave_cluster do not depend on external scripts anymore. This makes operation simpler from user perspective and more portable across systems. The commands are supported on Microsoft Windows the same way as on Linux and OSX.

Adding a node to a cluster

Suppose you have already configured ejabberd on one node named ejabberd@node1. Let’s create an additional node ejabberd@node2 and connect them together.

  1. Copy the .erlang.cookie file from node1‘s home to node2‘s home.

  2. Start node2 node, and join it to the cluster:

    $ ejabberdctl start
    $ ejabberdctl join_cluster 'ejabberd@node1'
    $ ejabberdctl list_cluster

This enables ejabberd’s internal replications to be launched across all nodes so new node can start receiving messages from other nodes and be registered in the routing tables.

Removing a node from the cluster

Suppose you have already configured ejabberd cluster with nodes named ejabberd@node1 and ejabberd@node2 and you want to remove node1 from the cluster.
You just needs to shut down node1. There is no specific delay for the cluster to figure out that the node is gone, the node is immediately removed from other router entries.
If the node node1 is started again, it’s immediately attached back to the cluster until it has been explicitly removed permanently from the cluster.

To permanently remove node1 from the cluster, just call leave_cluster command from anywhere in your cluster (either node1 or node2):

$ ejabberdctl leave_cluster 'ejabberd@node1'

The removed node must be running while calling leave_cluster to make it permanently removed. It’s then immediately stopped.


As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.

by Christophe Romain at November 20, 2015 14:55

Nicolas Vérité

XMPP News! HabaHaba, Beaux Boulons, Paranoid,, DreamHost, Fastmail, Fedora

Here are the new news of XMPP!, did you know?

The online service is described in the wiki:  features, sceenshots, and video. The source code is available: Thanks to Sergey Dobrov! frontpage chat

XMPP presentation: the protocole the revolutionises internet

The « Atelier des Beaux Boulons » is a non-profit FabLab in Auxerre, France, and they presente XMPP, here is the proof:

XMPP For Paranoid People

_NSAKEY has published:

The presentation « XMPP For Paranoid People » (instructive) has an 8-bits design! ;-)

The WordPress dot com bot

Did you know that notifies you via XMPP of all the comments on your blog?

How to send Jabber (XMPP) messages from Django

Alex Morozov blogged this:

simple Django notification bot.

DreamHost October Newslettery: What’s That Feature?

The WTF of DreamHost: « What’s that feature? It’s XMPP!« . This points to their wiki.

Fastmail : Shutting down our XMPP chat service

Fastmail closes their XMPP server on the 31st of January 2016. Sad.

Building teams around SIP and XMPP in Debian and Fedora

Daniel Pocock tries to reproduce the Debian experience, but this time at Fedora.

Do you like these news?

by nyco at November 20, 2015 14:41

November 18, 2015

Ignite Realtime Blog

Openfire 3.10.3 Released

The Ignite Realtime Community is pleased to announce the release of version 3.10.3 of Openfire.  This release continues our effort to produce a stable 3.10 release series of Openfire while we work toward the next major release of Openfire.  The release is available now for download from our website.


The Changelog for this release denotes 12 fixed Jira issues with thanks to contributions from speedy3k , tevans , csh, Guus, and dwd.


Here are SHA-1 hashes for the download artifacts


10093d7d5af8e68a69544d1a647978f2523f88c7  openfire_3_10_3.dmg

ecc63d97173f6795759fe8bfab5974477d98d608  openfire_3_10_3.exe

8e5609b1d44cd1f6ede939f5219c70acd7d06e38  openfire_3_10_3.tar.gz


22cf5b6a62760d53bcd87d4b87f3c787cb5a57b7  openfire_src_3_10_3.tar.gz


ebf86f137e4cf95552f7d22d2e65fb93e3aa6794  openfire-3.10.3-1.i386.rpm

211545b3c4e1f88a34ee7ba4a9fd5d5325de72b8  openfire_3.10.3_all.deb


Please note that we are no longer producing a Solaris build, due to perceived lack of interest and some strange build problems we encountered with our Bamboo build agent.  If you would like to help out with creating a Solaris build, please respond in the community forums.


As a reminder, Openfire is developed by a group of volunteers and are always looking for more developers and testers to pitch in.  Please stop by our XMPP chatroom at any time and say if you are interested in helping out!


Happy Chatting!


by Ignite Realtime Blog ( at November 18, 2015 16:21

Peter Saint-Andre

RFC 7711 and RFC 7712: POSH and DNA

Today the IETF published two intertwined specifications that I've co-authored with a few folks in the XMPP community: RFC 7711 and RFC 7712.

November 18, 2015 00:00

November 14, 2015

Tigase Blog

November 13, 2015

Daniel Pocock

Building teams around SIP and XMPP in Debian and Fedora

I've recently started a discussion on the Fedora devel mailing list about building a team to collaborate on RTC services (SIP, XMPP, TURN and WebRTC) for the Fedora community. We already started a similar team within Debian.

This isn't only for developers or package maintainers and virtually anybody with a keen interest in free software can help. Testing different softphones and putting screenshots on the wiki can help a lot (the Debian wiki already provides some examples). The site is not intended to be an advertisement for my web design skills and anybody with expertise in design would be very welcome to contribute.

Teamwork in this endeavor can provide many benefits:

  • Sharing knowledge about RTC, for use within our communities and also for other communities using the free and open technology
  • Engaging with collaborators who are not involved in packaging teams, for example, the Debian RTC team has also had interest from upstream developers who are not on other Debian or Fedora mailing lists
  • Minimizing the effort required by the system administrators (the DSA team in Debian or Infrastructure team in Fedora) by triaging user problems and planning and testing any proposed changes.
  • Freeing up developer time to work on new features, such as the exciting work I'm doing on telepathy-resiprocate.

There are also many opportunities for project work that go beyond traditional packaging responsibilities. Wouldn't it be interesting to find ways to integrate the publish/subscribe capabilities of SIP and XMPP with the Fedmsg infrastructure?

Bringing XMPP to

We recently launched XMPP for and it would not be hard to replicate for users. Sure, some people are happy running their own XMPP servers. There are just as many people who prefer to focus on development and have something like XMPP provided for them.

With the strong emphasis on building a roster/buddy-list, XMPP can also help to facilitate long-term engagement in the community and users may identify more closely with the project.

I haven't offered XMPP on the trial service because it would be inconvenient for people to migrate buddy lists to the domain when the service is officially adopted.

Collaboration across communities

There are various other places where we can share knowledge between teams in different communities and people are invited to participate.

The Free-RTC mailing list is a great place to discuss free RTC strategies and initiatives.

The XMPP operators mailing list provides a forum to discuss operational issues in the XMPP space, such as keeping out the spammers.

Would you like to participate?

Please consider joining some of the mailing lists I've mentioned, replying to the thread on the Fedora devel mailing list, volunteering for the Debian RTC team or emailing me personally.

by Daniel.Pocock at November 13, 2015 11:52

November 11, 2015

Nicolas Vérité

Some news of the XMPP universe

The XMPP universe is still alive. Some may have forgotten too quickly. Here are some fresh items.

XMPP and SIP together on!

In this article: « RTC: announcing XMPP, SIP presence and more », Daniel Pocock says:

The Debian Project now has an XMPP service available to all Debian Developers. Your email identity can be used as your XMPP address.

It is based on! Congrats!

Debian Debian

jabberd2 is alive!

Tomasz Sterna releases  (minor) version de jabberd2, the XMPP server, written in C, under the GPL licence!

The changes:

  • Rewrite TLS ephemeral key + cipher handling
  • Recover Berkeley DB before opening it
  • bcrypt support for PostgreSQL
  • Option to set authreg module per realm
  • AuthReg ANONYMOUS does not offer password check
  • Answer to disco#info queries to user JID
  • WebSocket C2S SX plugin

The force awakens? Huh… sorry.

Zombie Hack services, not bad

Zombie Hack offers some collaboration services: open, standards, and open source:

  • XMPP, what else?
  • IRC
  • Etherpad
  • Soon ownCloud

converse.js in version 0.10.0

The free and open source web XMPP client converse.js is delivered in version 0.10.0, under MPL license:

This release drops CSS support for IE8 and IE9.

  • #459 Wrong datatype passed to converse.chatboxes.getChatBox. [hobblegobber, jcbrand]
  • #493 Roster push fix [jcbrand]
  • #403 emit an event rosterPush when a roster push happens [teseo]
  • #502. Chat room not opened in non_amd version. [rjanbiah]
  • #505 Typo caused [object Object] in room info [gromiak]
  • #508 « Is typing » doesn’t automatically disappear [jcbrand]
  • #509 Updated Polish translations [ser]
  • #510 MUC room memberlist is being cleared with page reload when keepalive option is set. [jcbrand]
  • Add the ability to also drag-resize chat boxes horizontally. [jcbrand]
  • Updated Sass files and created a new style. [jcbrand]

Thanks JC Brand!

Hacker News

Hacker News has recently covered XMPP:

XMPP For Paranoid People

_NSAKEY has published:

The presentation « XMPP For Paranoid People » (instructive) has a 8-bits design! ;-)

XMPP is alive!

XMPP might not be trendy anymore, we are in a local minima:

This will go back to normal, soon.

by nyco at November 11, 2015 21:00

November 09, 2015

Nicolas Vérité

Des news de, jabberd2, Zombie Hack, converse.js

Léger rafraîchissement de l’univers XMPP…

XMPP et SIP main dans la main sur !

Dans un article intitulé: « RTC: announcing XMPP, SIP presence and more », Daniel Pocock nous dit :

The Debian Project now has an XMPP service available to all Debian Developers. Your email identity can be used as your XMPP address.

C’est basé sur ! Félicitations !

Debian Debian

jabberd2 est vivant !

Tomasz Sterna nous gratifie d’une toute nouvelle version (mineure) de jabberd2, le serveur XMPP écrit en C sous licence GPL !

Les changements :

  • Rewrite TLS ephemeral key + cipher handling
  • Recover Berkeley DB before opening it
  • bcrypt support for PostgreSQL
  • Option to set authreg module per realm
  • AuthReg ANONYMOUS does not offer password check
  • Answer to disco#info queries to user JID
  • WebSocket C2S SX plugin

Le réveil de la force ? Euh… hum… pardon.

Zombie Hack, des services pas bêtes

Le site Zombie Hack offre des services de collaborations ouverts, standards et open source :

  • XMPP bien sûr, what else?
  • IRC
  • Etherpad
  • Bientôt ownCloud

converse.js en version 0.10.0

Le client XMPP web libre et open source converse.js est livré en version 0.10.0, sous sa licence MPL :

This release drops CSS support for IE8 and IE9.

  • #459 Wrong datatype passed to converse.chatboxes.getChatBox. [hobblegobber, jcbrand]
  • #493 Roster push fix [jcbrand]
  • #403 emit an event rosterPush when a roster push happens [teseo]
  • #502. Chat room not opened in non_amd version. [rjanbiah]
  • #505 Typo caused [object Object] in room info [gromiak]
  • #508 « Is typing » doesn’t automatically disappear [jcbrand]
  • #509 Updated Polish translations [ser]
  • #510 MUC room memberlist is being cleared with page reload when keepalive option is set. [jcbrand]
  • Add the ability to also drag-resize chat boxes horizontally. [jcbrand]
  • Updated Sass files and created a new style. [jcbrand]

Merci JC Brand !

XMPP est bien vivant !

XMPP n’est plus à la mode, on est dans le creu :

Mais ça va remonter, et ça va être efficace !

by nyco at November 09, 2015 11:30

Daniel Pocock RTC: announcing XMPP, SIP presence and more

Announced 7 November 2015 on the debian-devel-announce mailing list.

The Debian Project now has an XMPP service available to all Debian Developers. Your email identity can be used as your XMPP address.

The SIP service has also been upgraded and now supports presence. SIP and XMPP presence, rosters and messaging are not currently integrated.

The Lumicall app has been improved to enable rapid setup for SIP users.

This announcement concludes the maintenance window on the RTC services. All services are now running on jessie (using packages from jessie-backports).

XMPP and SIP enable a whole new world of real-time multimedia communications possibilities: video/webcam, VoIP, chat messaging, desktop sharing and distributed, federated communication are the most common use cases.

Details about how to get started and get support are explained in the User Guide in the Debian wiki. As it is a wiki, you are completely welcome to help it evolve.

Several of the people involved in the RTC team were also at the Cambridge mini-DebConf (7-8 November).

The password for all these real time communication services can be set via the LDAP control panel. Please note that this password needs to be different to any of your other existing passwords. Please use a strong password and please keep it secure.

Some of the infrastructure, like the TURN server, is shared by clients of both SIP and XMPP. Please configure your XMPP and SIP clients to use the TURN server for audio or video streaming to work most reliably through NAT.

A key feature of both our XMPP and SIP services is that they support federated inter-connectivity with other domains. Please try it. The FedRTC service for Fedora developers is one example of another SIP service that supports federation. For details of how it works and how we establish trust between domains, please see the RTC Quick Start Guide. Please reach out to other communities you are involved with and help them consider enabling SIP and XMPP federation of their own communities/domains: as Metcalfe's law suggests, each extra person or community who embraces open standards like SIP and XMPP has far more than just an incremental impact on the value of these standards and makes them more pervasive.

If you are keen to support and collaborate on the wider use of Free RTC technology, please consider joining the Free RTC mailing list sponsored by FSF Europe. There will also be a dedicated debian-rtc list for discussion of these technologies within Debian and derivatives.

This service has been made possible by the efforts of the DSA team in the original SIP+WebRTC project and the more recent jessie upgrades and XMPP project. Real-time communications systems have specific expectations for network latency, connectivity, authentication schemes and various other things. Therefore, it is a great endorsement of the caliber of the team and the quality of the systems they have in place that they have been able to host this largely within their existing framework for Debian services. Feedback from the DSA team has also been helpful in improving the upstream software and packaging to make them convenient for system administrators everywhere.

Special thanks to Peter Palfrader and Luca Filipozzi from the DSA team, Matthew Wild from the Prosody XMPP server project, Scott Godin from the reSIProcate project, Juliana Louback for her contributions to JSCommunicator during GSoC 2014, Iain Learmonth for helping get the RTC team up and running, Enrico Tassi, Sergei Golovan and Victor Seva for the Prosody and prosody-modules packaging and also the Debian backports team, especially Alexander Wirt, helping us ensure that rapidly evolving packages like those used in RTC are available on a stable Debian system.

by Daniel.Pocock at November 09, 2015 07:57

November 08, 2015

Daniel Pocock

Problems observed during Cambridge mini-DebConf RTC demo

A few problems were observed during the demo of RTC services at the Cambridge mini-DebConf yesterday. As it turns out, many of them are already documented and solutions are available for some of them.

Multiple concurrent SIP registrations

I had made some test calls on Friday using and I still had the site open in another tab in another browser window. When people tried to call me during the demo, both tabs were actually ringing but only one was visible.

When a SIP client registers, the SIP registration server sends it a list of all other concurrent registrations in the response message. We simply need to extend JSCommunicator to inspect the response message and give some visual feedback about other concurrent registrations. Issue #69. SIP also provides a mechanism to clear concurrent registrations and that could be made available with a button or configuration option too (Issue #9).

Callee hears ringing before connectivity checks completed

The second issue during the WebRTC demo was that the callee (myself) was alerted about the call before the ICE checks had been performed. The optimal procedure to provide a slick user experience is to run the connectivity checks before alerting the callee. If the connectivity checks fail, the callee should never be alerted with a ringing sound and would never know somebody had tried to call. The caller would be told that the call was unable to be attempted and encouraged to consider trying again on another wifi network.

RFC 5245 recommends that connectivity checks should be done first but it is not mandatory. One reason this is problematic with WebRTC is the need to display the pop-up asking the user for permission to share their microphone and webcam: the popup must appear before connectivity checks can commence. This has been discussed in the JsSIP issue tracker.

Non-WebRTC softphones, such as Lumicall, do the connectivity checks before alerting the callee.

Dealing with UDP blocking

It appears the corporate wifi network in the venue was blocking the UDP packets so the connectivity checks could never complete, not even using a TURN server to relay the packets.

People trying to use the service on home wifi networks, in small offices and mobile tethering should not have this problem as these services generally permit UDP by default.

Some corporate networks, student accommodation and wifi networks in some larger hotels have blocked UDP and in these cases, additional effort must be made to get through the firewall.

The TURN server we are running for also supports a TLS transport but it simply isn't configured yet. At the time we originally launched the WebRTC service in 2013, the browsers didn't support TURN over TLS at all but now they do. This is probably the biggest problem encountered during the demo but it does not require any code change to resolve this, just configuration, so a solution is well within reach.

During the demo, we worked around the issue by turning off the wifi on my laptop and using tethering with a 4G mobile network. All the calls made successfully during the demo used the tethering solution.

Add a connectivity check timeout

The ICE connectivity checks appeared to keep running for a long time. Usually, if UDP is not blocked, the ICE checks would complete in less than two seconds. Therefore, the JavaScript needs to set a timeout between two and five seconds when it starts the checks and give the user a helpful warning about their network problems if the timeout is exceeded. Issue #73 in JSCommunicator.

While these lengthy connectivity checks appear disappointing, it is worth remembering that this is an improvement over the first generation of softphones: none of them made these checks at all, they would simply tell the user the call had been answered but audio and video would only be working in one direction or not at all.

Microphone issues

One of the users calling into the demo, Juliana, was visible on the screen but we couldn't hear her. This was a local audio hardware issue with her laptop or headset. It would be useful if the JavaScript could provide visual feedback when it detects a voice (issue #74) and even better, integrating with the sound settings so that the user can see if the microphone is muted or the gain is very low (issue #75).

Thanks to participants in the demo

I'd like to thank all the participants in the demo, including Juliana Louback who called us from New York, Laura Arjona who called us from Madrid, Daniel Silverstone who called from about three meters away in the front row and Iain Learmonth who helped co-ordinate the test calls over IRC.

Thanks are also due to Steve McIntyre, the local Debian community, ARM and the other sponsors for making another mini-DebConf in the UK this year.

by Daniel.Pocock at November 08, 2015 09:16

November 06, 2015

Remko Tronçon

Optimizing Static Sites

As an excuse to play around with some web stuff, I pretended my website was getting so much traffic it was costing me an arm and leg to host it, and that my users complained it was too slow for them. Because my website is statically generated, optimizing it was pretty low hanging fruit, so I set out to do a few tweaks to optimize it, and wrote them down here for future reference.

Continue reading post

by Remko Tronçon at November 06, 2015 23:00


Elixir Paris Meetup #3 Summary

After having been inactive for some time, Elixir Meetup reboot gathering happened last Tuesday in Paris. It gathered quite a large crowd of enthusiastic developers that came to exchange and learn about Elixir programming language.


The talks were a good mix of highly advanced demos and good overview for newcomers. Arnaud Wetzel and Antoine Reyt demoed how to build an robust, scalable and fault-tolerant ad-server. The demo was very impressive and coverage many concept of the Elixir environment, including Erlang supervision process, macros, etc. The result of their work with explanations and screenshot from the demo is published on Github: awetzel/ssp_demo.

Following that excellent demo, I (Mickaël Rémond) covered the history of the Elixir programming language and explained the reasons of the success and the key features. Here are the slides of my presentation:

Next Elixir Paris Meetup will take place on November 25th, with a focus on Phoenix framework. Given the success of our third meetup, we will need for sure a much bigger room :)

You can join us on Meetup: Elixir Paris

by Mickaël Rémond at November 06, 2015 17:58

XMPP Radar Newsletter #4

Welcome to the fourth issue of our newsletter. This month was very busy for XMPP development with several projects reaching important milestones. You can subscribe to the XMPP Radar newsletter and receive it in your inbox at the end of each month. Here are the links we found interesting in October:

ProcessOne released ejabberd 15.10 with HTTP upload, metrics and performance

This month’s ejabberd release contains brand new features, performance optimisations, bugfixes and many other improvements. This release includes a brand new module to help with file transfer. In XMPP transferring files between users required users to be online at the same time. Not any more.

The Tor Project releases beta version of its anonymous instant messenger

The Tor Project has just released the beta version of Tor Messenger, a chat client that allows for anonymous, “off-the-record” chats based on Tor’s secure browsing system.

Nexedi releases HTML5 Jabber Client on OfficeJS

Interestingly, the project uses two front end frameworks: RenderJS and jIO. RenderJS gadgets cover reusable components made from HTML, JavaScript and CSS. jIO maintains a chat history in the browser’s storage (indexedDB) keeping conversion histories on the respective users’ devices.

Building an XMPP iOS client in Swift 2

The goal here is to be able to create a simple yet powerful messaging app, in a record time. With the power of CocoaPods and our Swift Wrapper, we, and now YOU are able to do so much more when it comes to messaging in Swift.

Lightwatch: An IOT prototype using XMPP and Android

IOT HUB prepared a deep description of a prototype of an IOT system that will continuously transmit information about ambient light conditions from an Android device.

10 reasons why instant messaging is essential for recruitment

The majority of recruitment communication is still done over email. Tons of threaded emails with parties joining and leaving. Andy Headworth argues that recruitment should switch to XMPP as soon as possible.

84% of millennials act on push notifications

Everybody knows that push notifications are a powerful trigger for users, but this article gives the actual numbers to prove it.

by Marek Foss at November 06, 2015 13:42

November 05, 2015


XMPP Academy #2 Video and Slides

We had last wednesday our second XMPP Academy live online event. Thank you for all our customers who attended and for all the questions we received.

Here are the questions that were covered during that session:

  1. ejabberd questions:
  1. XMPP questions:

The full video recording of that session is now online and available for everyone to enjoy.

Please, send us your XMPP questions for the next event !

For those who just need access to the slides, they are on Slideshare:

And of course, do not hesitate to watch XMPP Academy #1 video.

by Mickaël Rémond at November 05, 2015 14:43

November 03, 2015

Daniel Pocock

How much of Linux will be illegal in the UK?

This week I've been in the UK again, giving a talk about Lumicall and JSCommunicator in Manchester last night and a talk about Free Real-Time Communications at the mini-DebConf in Cambridge on the weekend of 7-8 November.

An interesting backdrop to these activities has been a national debate about Internet privacy. The UK Government and police are demanding laws to mandate back doors in all communications products and services.

It leaves me wondering about a range of issues:

  • Will overzealous UK police, reknowned for singling out and bullying people who don't conform with their idea of normality, start taking a more sinister attitude to people using software like Linux? For example, if airport security asks to inspect a laptop and doesn't see the familiar Windows or Mac OS desktop, will the owner of the laptop be delayed or told to leave it behind? Some people may feel this is extreme, but workers in these roles are known for taking initiative in their own special way, such as the infamous baby pat-down. If the owner of a Linux laptop is a Muslim, like the Texas schoolboy recently arrested because his clock looks suspicious to the untrained eye of a policeman, the chances of a rough encounter with authority probably rise even further.
  • Will developers still be able to use technologies like PGP and ZRTP in the UK? Will PGP key-signing parties become illegal or have to be held 20 miles offshore on a boat like the legendary pirate radio stations of the sixties?
  • Will Linux distributions such as Debian and Fedora have to avoid distributing packages such as Enigmail?
  • Will updates to Android and iOS on smartphones seek to automatically disable or remove apps like Lumicall?
  • Even if a user chooses a secure app like Lumicall for communication, will the vendor of the operating system be required to provide alternative ways to monitor the user, for example, by intercepting audio before it is encrypted by the app?
  • Without strong encryption algorithms, digital signatures will no longer be possible either and it will be impossible for software vendors to securely distribute new versions of their software.
  • Why should the police be the only workers to have their job done for them by Internet snooping? Why shouldn't spouses have a right to all their partner's communications to periodically verify they are not cheating and putting themselves at risk of diseases? Why shouldn't employers be able to check on employee's private communications and home computers to help prevent leaks of customer data? Why shouldn't the NHS be able to go through people's garbage to monitor what they eat given the WHO warning that bacon is more likely to kill you than a terrorist?
  • While the authorities moan about the internet being a "safe" place for terrorists and paedophiles, what is their real motivation for trying to bring in these new laws, even when their best technical advisors must surely be telling them about the risks and negative consequences for compatibility of UK systems in a global Internet? If the terrorist scare story is not so credible, is it more likely they are seeking to snoop on people who may not be paying taxes or to maintain the upper hand over rival political parties like the Greens and the UKIP in a time of prolonged and increasingly punitive austerity?
  • Australia already introduced similar laws a few weeks ago, despite widespread criticism from around the world. With cricket and rugby now over, is the UK just looking to go one up on Australia in the game of snooping?

Island mentality in the Internet age

Politics aside, what would this mean from a technical perspective? The overwhelming consensus among experts is that secure technology that people use and expect in many other parts of the world, including the US, simply won't be compatible with the products and services that UK residents will be permitted to use. Bigger companies like Google and Apple may be able to offer differentiated versions of their services for the UK but smaller companies or companies who have built their reputation on technical excellence simply won't be able or willing to offer crippled versions of their products with backdoors for the UK. The UK's island geography will become a metaphor for its relationship with the global marketplace.

The first thing to take note of is that encryption and authentication are closely related. Public-key cryptography, for example, simply swaps the public key and private key when being used to authenticate instead of encrypt. An effective and wide-reaching legal ban on encryption would also potentially prohibit the algorithms used for authentication.

Many methods of distributing software, including packages distributed through Linux distributions or apps distributed through the Google Play store are authenticated with such algorithms. This is often referred to as a digital signature. Digital signatures help ensure that software is not corrupted, tampered with by hackers or infected by viruses when it is transmitted and stored in the public Internet.

To correctly implement these mechanisms for installing software safely, every device running an operating system such as Debian, Ubuntu, Fedora or Android needs to include some software modules implementing the algorithms. In Linux, for example, I'm referring to packages like GnuPG, OpenSSL and GnuTLS. Without these components, it would be hard or even impossible for developers in the UK to contribute or publish new versions of their software. Users of the software would not be able to securely receive vital updates to their systems.

An opportunity for free software?

Some people say that any publicity can be good publicity. Now the Government has put the ball into play, people promoting secure solutions based on free software have an opportunity to participate in the debate too.

While laws may or may not change, principles don't. It is a perfect time to remind users that many of the principles of software freedom were written down many years ago, before the opportunity for mass surveillance came into existence. These principles remain relevant to this day. The experts who developed these principles back then are also far more likely to offer insights and trustworthy solutions for the road ahead.

If you'd like to discuss these issues or ask questions, please join the Free-RTC mailing list.

by Daniel.Pocock at November 03, 2015 19:13

November 02, 2015

Daniel Pocock

FOSDEM 2016 Real-Time Communications dev-room and lounge

FOSDEM is one of the world's premier meetings of free software developers, with over five thousand people attending each year. FOSDEM 2016 takes place 30-31 January 2016 in Brussels, Belgium.

This call-for-participation contains information about:

  • Real-Time communications dev-room and lounge,
  • speaking opportunities,
  • volunteering in the dev-room and lounge,
  • related events around FOSDEM, including the XMPP summit,
  • social events (including the Saturday night dinner),
  • the Planet aggregation sites for RTC blogs

Call for participation - Real Time Communications (RTC)

The Real-Time dev-room and Real-Time lounge is about all things involving real-time communication, including: XMPP, SIP, WebRTC, telephony, mobile VoIP, codecs, privacy and encryption. The dev-room is a successor to the previous XMPP and telephony dev-rooms. We are looking for speakers for the dev-room and volunteers and participants for the tables in the Real-Time lounge.

The dev-room is only on Saturday, 30 January 2016 in room K.3.401. The lounge will be present for both days in building K.

To discuss the dev-room and lounge, please join the FSFE-sponsored Free RTC mailing list.

Speaking opportunities

Note: if you used Pentabarf before, please use the same account/username

Main track: the deadline for main track presentations was midnight on 30 October. Leading developers in the Real-Time Communications field are encouraged to consider submitting a presentation to the main track.

Real-Time Communications dev-room: deadline 27 November. Please also use the Pentabarf system to submit a talk proposal for the dev-room. On the "General" tab, please look for the "Track" option and choose "Real-Time devroom".

Other dev-rooms: some speakers may find their topic is in the scope of more than one dev-room. It is permitted to apply to more than one dev-room but please be kind enough to tell us if you do this. See the full list of dev-rooms.

Lightning talks: deadline 27 November. The lightning talks are an excellent opportunity to introduce a wider audience to your project. Given that dev-rooms are becoming increasingly busy, all speakers are encouraged to consider applying for a lightning talk as well as a slot in the dev-room. Pentabarf system to submit a lightning talk proposal. On the "General" tab, please look for the "Track" option and choose "Lightning Talks".

First-time speaking?

FOSDEM dev-rooms are a welcoming environment for people who have never given a talk before. Please feel free to contact the dev-room administrators personally if you would like to ask any questions about it.

Submission guidelines

The Pentabarf system will ask for many of the essential details. Please remember to re-use your account from previous years if you have one.

In the "Submission notes", please tell us about:

  • the purpose of your talk
  • any other talk applications (dev-rooms, lightning talks, main track)
  • availability constraints and special needs

You can use HTML in your bio, abstract and description.

If you maintain a blog, please consider providing us with the URL of a feed with posts tagged for your RTC-related work.

We will be looking for relevance to the conference and dev-room themes, presentations aimed at developers of free and open source software about RTC-related topics.

Please feel free to suggest a duration between 20 minutes and 55 minutes but note that the final decision on talk durations will be made by the dev-room administrators. As the two previous dev-rooms have been combined into one, we may decide to give shorter slots than in previous years so that more speakers can participate.

Please note FOSDEM aims to record and live-stream all talks. The CC-BY license is used.

For any questions, please join the FSFE-sponsored Free RTC mailing list.

Volunteers needed

To make the dev-room and lounge run successfully, we are looking for volunteers:

  • FOSDEM provides video recording equipment and live streaming, volunteers are needed to assist in this
  • organizing one or more restaurant bookings (dependending upon number of participants) for the evening of Saturday, 30 January
  • participation in the Real-Time lounge
  • helping attract sponsorship funds for the dev-room to pay for the Saturday night dinner and any other expenses
  • circulating this Call for Participation to other mailing lists

FOSDEM is made possible by volunteers and if you have time to contribute, please feel free to get involved.

Related events - XMPP and RTC summits

The XMPP Standards Foundation (XSF) has traditionally held a summit in the days before FOSDEM. There is discussion about a similar summit taking place on 28 and 29 January 2016. Please see the XSF Summit 19 wiki and join the mailing list to discuss.

We are also considering a more general RTC or telephony summit, potentially on 29 January. Please join the Free-RTC mailing list and send an email if you would be interested in participating, sponsoring or hosting such an event.

Social events and dinners

The traditional FOSDEM beer night occurs on Friday, 29 January

On Saturday night, there are usually dinners associated with each of the dev-rooms. Most restaurants in Brussels are not so large so these dinners have space constraints. Please subscribe to the Free-RTC mailing list for further details about the Saturday night dinner options and how you can register for a seat.

Spread the word and discuss

If you know of any mailing lists where this CfP would be relevant, please forward this email. If this dev-room excites you, please blog or microblog about it, especially if you are submitting a talk.

If you regularly blog about RTC topics, please send details about your blog to the planet site administrators:

Please also link to the Planet sites from your own blog or web site.


For discussion and queries, please subscribe to the Free-RTC mailing list.

The dev-room administration team:

by Daniel.Pocock at November 02, 2015 10:29

October 29, 2015


ejabberd 15.10: HTTP upload, metrics and performance

This month’s ejabberd release contains brand new features, performance optimisations, bugfixes and many other improvements.

This release includes a brand new module to help with file transfer. In XMPP transferring files between users required users to be online at the same time. It all changed with XEP-0363 and it is now possible to share file using HTTP protocol while doing the signaling over XMPP. Thanks to Holger and Evgeny, we are now pleases to include this feature in ejabberd core, with mod_http_upload.

ejabberd now also include a module to export metrics information about ejabberd behaviour to Grapherl, a tool that was developed during the Google Summer of Code by Vanshdeep Singh. This is only the beginning, as we are planning to both increase the number of metrics and available backends in upcoming releases. As a start, you can now track the traffic (both from clients and between servers), the offline messages and the user registration and account deletion.

We improved the overall performance of ejabberd, thanks to optimisation in the XML parser.

We also improved the documentation to help you set up mod_xmlrpc with OAuth for those who were already using it prior to 15.09 release.

Finally, as usual, we fixed bugs and improved many features across the whole server.

Here is the full list of changes.



  • c2s: Let stop/1 close XEP-0198 sessions
  • c2s: Close socket when waiting for resume
  • s2s: Don’t crash on certificates without extensions
  • xml: Optimizations in memory allocator
  • OAuth: Fix cyrsasl_oauth:mech_new call


  • mod_http_upload: New HTTP File Upload module (XEP-0363)
  • mod_http_upload_quota: New module to support user quotas
  • mod_metrics: New simple metrics module for use with grapherl
  • mod_mam: Advertise XEP-0313 v0.4 support in room disco
  • mod_mam: Avoid MAM dups when routing to multiple resources


  • Make: Pass {C,CPP,LD}FLAGS used in main ./configure to deps
  • Use OTP directory structure for ‘make install’
  • mix.lock should be commited to ensure consistent builds
  • Code cosmetic cleanup


  • Let modules_update_specs report failures
  • Fix problem with –auth
  • Fix unauthenticated calls to commands with policy=user
  • Improve access_commands option backward compatibility


  • ejabberdctl.cfg: New CONTRIB_MODULES_CONF_DIR
  • Be able to merge old style configs with {listen,…}
  • Fix support for macros
  • mod_ping: New option ping_ack_timeout


As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.

by Christophe Romain at October 29, 2015 14:55

October 28, 2015

Daniel Pocock

Free Real-Time Communications workshop in Manchester, 2 November

Manchester Free Software and MadLab are hosting a workshop on Free and Federated Real-Time Communications with Free Software next Monday night, 2 November from 7pm.

Add this to your calendar (iCalendar link)

Users and developers are invited to come and discover the opportunities for truly free and secure chat, voice and video with WebRTC, mobile VoIP and the free desktop.

This is an interactive workshop with practical, hands-on opportunities to explore this topic, see what works and what doesn't and learn about troubleshooting techniques to help developers like myself improve the software. This is also a great opportunity for any Java developers who would like to get some exposure to the Android platform.

People wishing to fully participate in all the activities are encouraged to bring a laptop with the Wireshark software and Android tools (especially adb, the command line utility) or if you prefer to focus on WebRTC, have the latest version of Firefox and Chrome installed.

If you are keen to run the DruCall module for WebRTC or your own SIP or XMPP server, you can try setting it up as described in the RTC Quick Start Guide and come along to the workshop with any questions you have.

A workshop near you?

Manchester has a history of great technological innovation, including the first stored program computer and it is a real thrill for me to offer this workshop there.

FSFE Manchester ran a workshop evaluating the performance of free software softphones back in 2012.

Over the coming months, I would like to be able to hold further workshops in other locations to get feedback from people who are trying this technology, including the Lumicall app, JSCommunicator and DruCall. If you are interested in helping organize such an event or you have any other feedback about this topic, please come and discuss it on the Free RTC mailing list.

by Daniel.Pocock at October 28, 2015 16:29


ejabberd Saas Console: Introducing Delegation and Permission System

We just release a new feature on our ejabberd SaaS Console

Server owners can now invite their co-workers and give them access to some parts of their dashboard.

To do so, from the dashboard root, choose Permission tab. By the way, you can notice that dashboard root changed. It is not your own server page status anymore but the list of all servers you have access to : your own one and those that some people may have shared with you as we will see further.


The new permission system is based on Group. You can associate a user (using his/her email address) to one or many groups and you can define one or more permissions on each group.


Here we will add a new DevOps Group to existing Admin and Dev Group

Screenshot 2015-10-20 15.01.17

Then we will allow users from Admin Group to have access to status, documentation and metrics of our “another” server. For DevOps Group, we will only allow server status access. At any time, you can remove any permission to a group, just edit them by clicking again on Authorize.


Screenshot 2015-10-20 15.03.46

Screenshot 2015-10-20 15.26.01

To add a user to a Group, just click on “User list” and fill the form. Here we will add a new admin user to Admin Group and a new devops user to DevOps Group

Screenshot 2015-10-20 15.03.11

Screenshot 2015-10-20 15.35.44

Now, if we sign in using recently invited admin account, we will a see “another” server and the three links : Metrics, Status and Documentation.

Screenshot 2015-10-20 15.25.23

But as Devops user, we will only see Status link for “another” server and “test” server that some other account will have shared (status only) with us.

Screenshot 2015-10-20 15.23.52

Happy sharing and collaboration on your ejabberd server.

by Sébastien Luquet at October 28, 2015 10:42