#1370 mod_auth_external error

Reporter Ingo
Owner Nobody
Created
Updated
Stars ★ (1)
Tags
  • Priority-Medium
  • Status-CantReproduce
  • Type-Defect
  • Component-Community
  1. Ingo on

    What steps will reproduce the problem? During the night Prosody stop working. Clients are then offline and can't reconnect. Restarting prosody service doesn't help. Server seems to start again, but clients still can't connect. What is the expected output? Well, keep running, of course. ;-) What version of the product are you using? On what operating system? ii prosody 0.11.2-1~stretch1 amd64 on Debian Stretch. Please provide any additional information below. May 28 00:36:32 mod_s2s debug opening a new outgoing connection for this stanza May 28 00:36:32 mod_s2s debug stanza [presence] queued until connection complete May 28 00:36:32 s2sout55cd30b463a0 debug First attempt to connect to pirati.ca, starting with SRV lookup... May 28 00:36:32 adns debug Records for _xmpp-server._tcp.pirati.ca. not in cache, sending query (thread: 0x55cd2fcf8cb0)... May 28 00:36:32 adns debug Sending DNS query to 192.168.254.1 May 28 00:36:32 util.async debug New guard! May 28 00:36:32 runnerCPr3ZA57 debug changed state from ready to waiting May 28 00:36:32 socket debug try to close client connection with id: 55cd2ff76100 May 28 00:36:32 socket debug closing delayed until writebuffer is empty May 28 00:36:32 rostermanager debug load_roster: asked for: ij@nerdica.net May 28 00:36:32 mod_admin_web debug Added client ij@nerdica.net/jitsi-26cqglj May 28 00:36:32 c2s55cd30f1ab00 debug Sending[c2s]: <iq type='result' id='Tyr1o-17713'> May 28 00:36:32 c2s55cd30f1ab00 debug Resource bound: ij@nerdica.net/jitsi-26cqglj May 28 00:36:32 socket debug closing client after writing May 28 00:36:32 socket debug closing client with id: 55cd2ff76100 client to close May 28 00:36:32 c2s55cd2ff79680 info Client disconnected: connection closed May 28 00:36:32 c2s55cd2ff79680 debug Destroying session for (unknown) ((unknown)@(unknown)) May 28 00:36:32 socket debug new connection established. id: 55cd304f4de0 May 28 00:36:32 util.async debug Guard off duty. May 28 00:36:32 runnerCPr3ZA57 debug Calling 'error' watcher May 28 00:36:32 c2s55cd2ff79680 error Traceback[c2s]: /usr/lib/prosody/core/stanza_router.lua:176: attempt to index field '?' (a nil value) stack traceback: /usr/lib/prosody/core/stanza_router.lua:176: in function 'core_post_stanza' /usr/lib/prosody/modules/mod_presence.lua:63: in function 'handle_normal_presence' /usr/lib/prosody/modules/mod_presence.lua:303: in function '?' /usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75> (...tail calls...) /usr/lib/prosody/core/stanza_router.lua:180: in function 'core_post_stanza' /usr/lib/prosody/core/stanza_router.lua:127: in function 'core_process_stanza' /usr/lib/prosody/modules/mod_c2s.lua:276: in function 'func' /usr/lib/prosody/util/async.lua:127: in function </usr/lib/prosody/util/async.lua:125> May 28 00:36:32 runnerCPr3ZA57 debug creating new coroutine May 28 00:36:32 runnerCPr3ZA57 debug changed state from waiting to ready May 28 00:36:32 general error Top-level error, please report: /usr/lib/prosody/modules/mod_c2s.lua:228: attempt to index field 'conn' (a nil value) stack traceback: /usr/lib/prosody/modules/mod_c2s.lua:228: in function 'handler' /usr/lib/prosody/util/async.lua:211: in function </usr/lib/prosody/util/async.lua:149> (...tail calls...) /usr/lib/prosody/util/async.lua:79: in function 'done' /usr/lib/prosody/modules/mod_auth_external.lua:86: in function </usr/lib/prosody/modules/mod_auth_external.lua:84> [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:80: in function 'loop' /usr/bin/prosody:90: in main chunk [C]: in ? May 28 00:36:32 general error stack traceback: [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:80: in function 'loop' /usr/bin/prosody:90: in main chunk [C]: in ? May 28 00:36:32 c2s55cd30f1ab00 debug Received[c2s]: <iq id='Tyr1o-17714' type='set'> May 28 00:36:32 c2s55cd30f1ab00 debug Sending[c2s]: <iq type='result' id='Tyr1o-17714' to='ij@nerdica.net/jitsi-26cqglj'> May 28 00:36:32 socket debug try to close client connection with id: 55cd304f4de0 May 28 00:36:32 socket debug closing client with id: 55cd304f4de0 client to close May 28 00:36:32 adns debug Reply for _xmpp-server._tcp.pirati.ca. (thread: 0x55cd2fcf8cb0) May 28 00:36:32 s2sout55cd30b463a0 debug pirati.ca has SRV records, handling... May 28 00:36:32 s2sout55cd30b463a0 debug Best record found, will connect to manitu.pirati.ca.:5269 May 28 00:36:32 adns debug Records for manitu.pirati.ca. not in cache, sending query (thread: 0x55cd2f796910)... May 28 00:36:32 adns debug Sending DNS query to 192.168.254.1 May 28 00:36:32 adns debug Records for manitu.pirati.ca. not in cache, sending query (thread: 0x55cd2fa44ac0)... May 28 00:36:32 adns debug Sending DNS query to 192.168.254.1 May 28 00:36:32 socket debug new connection established. id: 55cd31077930 May 28 00:36:32 adns debug Reply for manitu.pirati.ca. (thread: 0x55cd2fa44ac0) May 28 00:36:32 s2sout55cd30b463a0 debug DNS reply for manitu.pirati.ca. gives us 2a00:1828:2000:195::2 May 28 00:36:32 socket debug try to close client connection with id: 55cd31077930 May 28 00:36:32 socket debug closing client with id: 55cd31077930 client to close May 28 00:36:32 adns debug Reply for manitu.pirati.ca. (thread: 0x55cd2f796910) May 28 00:36:32 s2sout55cd30b463a0 debug DNS reply for manitu.pirati.ca. gives us 89.238.64.144 May 28 00:36:32 s2sout55cd30b463a0 debug Beginning new connection attempt to pirati.ca ([2a00:1828:2000:195::2]:5269) May 28 00:36:32 s2sout55cd30b463a0 debug Connection attempt in progress... May 28 00:36:32 socket debug new connection established. id: 55cd3039e4a0 May 28 00:36:32 s2sout55cd30b463a0 debug Sending[s2sout_unauthed]: <?xml version='1.0'?> May 28 00:36:32 s2sout55cd30b463a0 debug Sending[s2sout_unauthed]: <stream:stream version='1.0' from='nerdica.net' to='pirati.ca' xml:lang='en' xmlns:db='jabber:server:dialback' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server'> May 28 00:36:32 c2s55cd30f1ab00 debug Received[c2s]: <iq id='Tyr1o-17715' type='get'> May 28 00:36:32 c2s55cd30f1ab00 debug Sending[c2s]: <iq type='result' id='Tyr1o-17715' to='ij@nerdica.net/jitsi-26cqglj'> May 28 00:36:32 runnernN2fIJc4 debug creating new coroutine May 28 00:36:32 s2sout55cd30b463a0 debug Received[s2sout_unauthed]: <features xmlns='http://etherx.jabber.org/streams'> May 28 00:36:32 nerdica.net:tls debug Received features element May 28 00:36:32 nerdica.net:tls debug pirati.ca is offering TLS, taking up the offer... May 28 00:36:32 s2sout55cd30b463a0 debug Sending[s2sout_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'> May 28 00:36:32 c2s55cd30f1ab00 debug Received[c2s]: <iq type='get' id='Tyr1o-17716' to='nerdica.net'> May 28 00:36:32 c2s55cd30f1ab00 debug Sending[c2s]: <iq type='result' from='nerdica.net' id='Tyr1o-17716' to='ij@nerdica.net/jitsi-26cqglj'> May 28 00:36:32 s2sout55cd30b463a0 debug Received[s2sout_unauthed]: <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'> May 28 00:36:32 nerdica.net:tls debug Proceeding with TLS on s2sout... May 28 00:36:32 socket debug try to start ssl at client id: 55cd3039e4a0 May 28 00:36:32 socket debug starting handshake... May 28 00:36:32 socket debug ssl handshake of client with id:table: 0x55cd3039e4a0, attempt:1 May 28 00:36:32 c2s55cd30f1ab00 debug Received[c2s]: <presence id='Tyr1o-17717'> May 28 00:36:32 nerdica.net:pep debug get_pep_service("ij") May 28 00:36:32 c2s55cd30f1ab00 debug Sending[c2s]: <presence id='Tyr1o-17717' from='ij@nerdica.net/jitsi-26cqglj'> May 28 00:36:32 nerdica.net:pep debug get_pep_service("ij") May 28 00:36:32 c2s55cd2e5d8450 debug Sending[c2s]: <presence from='ij@nerdica.net/jitsi-26cqglj' id='Tyr1o-17717' to='ij@nerdica.net/jitsi-3hv9jtv'> May 28 00:36:32 nerdica.net:pep debug get_pep_service("ij") May 28 00:36:32 s2sout55cd30b463a0 debug trying to send over unauthed s2sout to pirati.ca May 28 00:36:32 s2sout55cd30b463a0 debug stanza [presence] queued May 28 00:36:32 nerdica.net:pep debug get_pep_service("ij") May 28 00:36:32 util.async debug New guard! May 28 00:36:32 runnerWlP5xUBN debug changed state from ready to waiting May 28 00:36:32 general error Top-level error, please report: /usr/lib/prosody/util/async.lua:81: done() called too many times stack traceback: [C]: in function 'error' /usr/lib/prosody/util/async.lua:81: in function 'done' /usr/lib/prosody/modules/mod_auth_external.lua:86: in function </usr/lib/prosody/modules/mod_auth_external.lua:84> [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:80: in function 'loop' /usr/bin/prosody:90: in main chunk [C]: in ? May 28 00:36:32 general error stack traceback: [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:80: in function 'loop' /usr/bin/prosody:90: in main chunk [C]: in ? ------------------------------------------------------- prosodoy.cfg.lua --------------------- admins = { "ingo@juergensmann.de", "ij@jabber.windfluechter.net" } use_libevent = true; https_ssl = { key = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/fullchain.pem"; } c2s_ports = { 5222, 5223, 5225 }; c2s_require_encryption = true legcacy_ssl_ports = {5223, 5225}; legacy_ssl_ssl = { [5223] = { key = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/fullchain.pem"; }; [5225] = { key = "/etc/letsencrypt.sh/certs/nerdica.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/nerdica.net/fullchain.pem"; }; } modules_enabled = { -- Generally required "roster"; -- Allow users to have a roster. Recommended ;) "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. "tls"; -- Add support for secure TLS on c2s/s2s connections "dialback"; -- s2s dialback support "disco"; -- Service discovery -- Not essential, but recommended "private"; -- Private XML storage (for room bookmarks, etc.) "vcard4"; -- Allow users to set vCards "vcard_legacy"; -- https://prosody.im/doc/release/0.11.0#upgrade_notes -- "vcard_muc"; -- https://modules.prosody.im/mod_vcard_muc.html - XEP-0153 -- These are commented by default as they have a performance impact "blocklist"; -- https://prosody.im/doc/modules/mod_blocklist -- Nice to have "version"; -- Replies to server version requests "uptime"; -- Report how long server has been running "time"; -- Let others know the time here on this server "ping"; -- Replies to XMPP pings with pongs "pep"; -- _simple"; -- Enables users to publish their mood, activity, playing music and more "register"; -- Allow users to register on this server using a client and change passwords "register_web"; -- https://modules.prosody.im/mod_register_web.html -- Admin interfaces "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands "admin_telnet"; -- Opens telnet console interface on localhost port 5582 -- HTTP modules "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" "http"; -- Enable Prosody Webserver on default port 5280/5281 "http_files"; -- Serve static files from a directory over HTTP "http_upload"; -- uploads via HTTP "pubsub"; -- https://modules.prosody.im/mod_pubsub.html "pubsub_hub"; -- https://modules.prosody.im/mod_pubsub_hub.html "pubsub_eventsource"; "pubsub_post"; -- Other specific functionality "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. "groups"; -- Shared roster support "announce"; -- Send announcement to all online users --"welcome"; -- Welcome users who register accounts "watchregistrations"; -- Alert admins of registrations --"motd"; -- Send a message to users when they log in "legacyauth"; -- Legacy authentication. Only used by some old clients and bots. "admin_web"; -- Web Administration, see https://code.google.com/p/prosody-modules/wiki/mod_admin_web "websocket"; -- Enable mod_websocket "service_directories"; -- enable xep-0309 for automatic directory listing on xmpp.org "carbons"; "csi_simple"; -- https://prosody.im/doc/release/0.11.0#upgrade_notes "csi"; -- https://modules.prosody.im/mod_csi "filter_chatstates"; -- https://modules.prosody.im/mod_filter_chatstates.html "throttle_presence"; -- https://modules.prosody.im/mod_throttle_presence.html -- "blocking"; --replaced by mod_blocklist, see above "smacks"; "smacks_offline"; "mam"; -- https://modules.prosody.im/mod_mam.html for config "muc_mam"; -- https://prosody.im/doc/release/0.11.0#upgrade_notes "cloud_notify"; -- https://modules.prosody.im/mod_cloud_notify.html -- "omemo_all_access"; "server_contact_info"; -- https://prosody.im/doc/modules/mod_server_contact_info "conversejs"; -- https://modules.prosody.im/mod_conversejs.html "munin"; -- https://modules.prosody.im/mod_munin.html }; reload_modules = { "tls"; }; modules_disabled = { -- "offline"; -- Store offline messages -- "c2s"; -- Handle client connections -- "s2s"; -- Handle server-to-server connections }; allow_registration = true; daemonize = true; pidfile = "/var/run/prosody/prosody.pid"; c2s_require_encryption = true s2s_secure_auth = true s2s_insecure_domains = { "aida.de", "niebegeg.net", "jabber.zugschlus.de", "pirati.ca", "schafweide.org", "joindiaspora.com" } authentication = "internal_plain" log = { -- Log files (change 'info' to 'debug' for debug logs): debug = "/var/log/prosody/prosody.log"; error = "/var/log/prosody/prosody.err"; -- Syslog: -- { levels = { "info" }; to = "syslog"; }; } muc_log_by_default = true muc_log_presences = false log_all_rooms = false allow_registration = true registration_whitelist = { "31.172.31.205", "2a01:a700:4629:205::1" } registration_url = "http://jabber.windfluechter.net/" registration_text = "Please register via webpage instead of inband registration" registration_oob = true whitelist_registration_only = true -- noone can register apart from blacklisted IP addresses min_seconds_between_registrations = 1800 -- Clients must wait 30 minutes before they can register another account registration_throttle_max = 3 registration_throttle_period = 3600 bosh_default_hold = 2 bosh_max_requests = 64 cross_domain_bosh = true consider_bosh_secure = true trusted_proxies = { "127.0.0.1", "192.168.254.0/24", "31.172.31.192/26", "2a01:a700:4629::/48" } autocreate_on_subscribe = true autocreate_on_publish = true munin_node_name = "jabber.windfluechter.net" munin_ports = 4948; munin_interfaces = { "192.168.254.7"; } statistics_interval = 300 -- every 5 minutes, same as munin contact_info = { abuse = { "mailto:abuse@jabber.windfluechter.net", "xmpp:ij@jabber.windfluechter.net" }; admin = { "mailto:admin@jabber.windfluechter.net", "xmpp:ij@jabber.windfluechter.net" }; -- feedback = { "http://jabber.windfluechter.net/feedback.php", "mailto:info@jabberwindfluechter.net", "xmpp:ij@jabber.windfluechter.net" }; -- sales = { "xmpp:bard@jabber.windfluechter.net" }; -- security = { "xmpp:security@jabber.windfluechter.net" }; -- support = { "http://jabber.windfluechter.net/support.php", "xmpp:support@jabber.windfluechter.net" }; }; conversejs_options = { debug = false; view_mode = "fullscreen"; } cross_domain_websocket = { "https://jabber.windfluechter.net" }; consider_websocket_secure = true; -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. Component "proxy.jabber.windfluechter.net" "proxy65" Component "pubsub.jabber.windfluechter.net" "pubsub" Component "conference.jabber.windfluechter.net" "muc" modules_enabled = { "muc_mam"; -- https://prosody.im/doc/release/0.11.0#upgrade_notes "vcard_muc"; -- https://modules.prosody.im/mod_vcard_muc.html - XEP-0153 } Include "conf.d/*.cfg.lua" --------------------------------------- vhost jabber.windfluechter.net ----------- VirtualHost "jabber.windfluechter.net" enabled = true -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/fullchain.pem"; } https_ssl = { key = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/fullchain.pem"; } allow_registration = true registration_whitelist = { "31.172.31.205" } registrarion_url = "https://jabber.windfluechter.net/register_web" registration_text = "Please register via webpage instead of inband registration. No bots or spammers allowed." registration_oob = true Component "conference.jabber.windfluechter.net" "muc" Component "proxy.jabber.windfluechter.net" "proxy65" ------------------------------------ vhost juergensmann.de ---------------- VirtualHost "juergensmann.de" enabled = true -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/fullchain.pem"; } allow_registration = false Component "conference.juergensmann.de" "muc" modules_enabled = { "mam_muc"; } Component "proxy.jabber.windfluechter.net" "proxy65" ------------------------------ vhost mycr.de ------------ VirtualHost "mycr.de" enabled = true -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/letsencrypt.sh/certs/mycr.de/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/mycr.de/fullchain.pem"; } --authentication = "external" --external_auth_protocol = "generic" --external_auth_command = "/etc/prosody/prosody-auth-external.sh" authentication = "dovecot" -- dovecot_auth_socket = "/var/run/dovecot/auth-login" auth_append_host = "true" dovecot_auth_host = "127.0.0.1" dovecot_auth_port = "19999" allow_registration = false Component "conference.mycr.de" "muc" modules_enabled = { "mam_muc"; "vcard_muc"; -- https://modules.prosody.im/mod_vcard_muc.html - XEP-0153 }; Component "proxy.mycr.de" "proxy65" ---------------------------------- nerdica.net ------------- VirtualHost "nerdica.net" enabled = true -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/letsencrypt.sh/certs/nerdica.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/nerdica.net/fullchain.pem"; } authentication = "external" external_auth_protocol = "generic" external_auth_command = "/etc/prosody/prosody-auth-external.sh" external_auth_blocking = false; --authentication = "dovecot" -- dovecot_auth_socket = "/var/run/dovecot/auth-login" --auth_append_host = "true" --dovecot_auth_host = "127.0.0.1" --dovecot_auth_port = "19999" allow_registration = false c2s_require_encryption = true allow_unencrypted_plain_auth = false Component "conference.nerdica.net" "muc" Component "proxy.nerdica.net" "proxy65" modules_enabled = { -- "saslauth"; -- Enable mod_saslauth "ping"; -- Enable mod_ping "mam_muc"; "vcard_muc"; -- https://modules.prosody.im/mod_vcard_muc.html - XEP-0153 } modules_disabled = { "saslauth"; -- Enable mod_saslauth } -------------------------------------- vhost nerdwind.de -------------------- VirtualHost "nerdwind.de" enabled = true -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/jabber.windfluechter.net/fullchain.pem"; } -- authentication = "external" -- external_auth_protocol = "generic" -- external_auth_command = "/etc/prosody/prosody-auth-external.sh" authentication = "dovecot" -- dovecot_auth_socket = "/var/run/dovecot/auth-login" auth_append_host = "true" dovecot_auth_host = "127.0.0.1" dovecot_auth_port = "19999" allow_registration = false c2s_require_encryption = true allow_unencrypted_plain_auth = false disable_sasl_mechanisms = { "DIGEST-MD5" } Component "room.nerdwind.de" "muc" Component "proxy.nerdwind.de" "proxy65" modules_enabled = { "saslauth"; -- Enable mod_saslauth "mam_muc"; } ---------------------------------------- vhost netzwerk-kombinat.de ------------------- VirtualHost "netzwerk-kombinat.de" enabled = true -- Remove this line to enable this host -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/etc/letsencrypt.sh/certs/netzwerk-kombinat.de/privkey.pem"; certificate = "/etc/letsencrypt.sh/certs/netzwerk-kombinat.de/fullchain.pem"; } -- authentication = "external" -- external_auth_protocol = "generic" -- external_auth_command = "/etc/prosody/prosody-auth-external.sh" authentication = "dovecot" -- dovecot_auth_socket = "/var/run/dovecot/auth-login" auth_append_host = "true" dovecot_auth_host = "127.0.0.1" dovecot_auth_port = "19999" allow_registration = false c2s_require_encryption = true allow_unencrypted_plain_auth = false disable_sasl_mechanisms = { "DIGEST-MD5" } Component "rooms.netzwerk-kombinat.de" "muc" modules_enabled = { "muc_mam"; -- https://prosody.im/doc/release/0.11.0#upgrade_notes "vcard_muc"; -- https://modules.prosody.im/mod_vcard_muc.html - XEP-0153 "server_contact_info"; } Component "proxy.netzwerk-kombinat.de" "proxy65" Component "pubsub.netzwerk-kombinat.de" "pubsub"

  2. Ingo on

    After just like 3 hours or so: May 28 11:38:18 s2sin5573fb940a30 info Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384) May 28 11:38:18 s2sin5573fb940a30 debug Incoming s2s received <stream:stream xml:lang='en' from='jabber.ccc.de' to='juergensmann.de' version='1.0' xmlns='http://etherx.jabber.org/streams'> May 28 11:38:18 s2sin5573fb940a30 debug certificate chain validation result: valid May 28 11:38:18 x509 debug Cert dNSName jabber.ccc.de matched hostname May 28 11:38:18 s2sin5573fb940a30 debug certificate identity validation result: valid May 28 11:38:18 s2sin5573fb940a30 debug Sending[s2sin_unauthed]: <?xml version='1.0'?> May 28 11:38:18 s2sin5573fb940a30 debug Sending[s2sin_unauthed]: <stream:stream xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns:db='jabber:server:dialback' from='juergensmann.de' to='jabber.ccc.de' xmlns='jabber:server' version='1.0' id='f92d8183-9002-4d8b-9872-5fdd6ef0080d'> May 28 11:38:18 juergensmann.de:saslauth debug Offering SASL EXTERNAL May 28 11:38:18 mod_s2s debug Sending stream features: <stream:features><dialback xmlns='urn:xmpp:features:dialback'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>EXTERNAL</mechanism></mechanisms></stream:features> May 28 11:38:18 s2sin5573fb940a30 debug Sending[s2sin_unauthed]: <stream:features> May 28 11:38:18 general error Top-level error, please report: /usr/lib/prosody/util/async.lua:81: done() called too many times stack traceback: [C]: in function 'error' /usr/lib/prosody/util/async.lua:81: in function 'done' /usr/lib/prosody/modules/mod_auth_external.lua:86: in function </usr/lib/prosody/modules/mod_auth_external.lua:84> [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:80: in function 'loop' /usr/bin/prosody:90: in main chunk [C]: in ? May 28 11:38:18 general error stack traceback: [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:80: in function 'loop' /usr/bin/prosody:90: in main chunk [C]: in ?

  3. Zash on

    Thanks for the report. This looks like a problem with mod_auth_external If it causes Prosody to shut down it then the external process may hold on to the ports, leading to symptoms like you describe. Does Prosody actually stop running? Your log snippets don't show anything about stopping or starting.

    Changes
    • title Prosody stops working mod_auth_external error
    • tags Component-Community Status-NeedInfo
  4. Ingo on

    Since the issue didn't happen for weeks now, I think you can close this issue... Thanks! Ingo

  5. Zash on

    Ok, thanks anyways!

    Changes
    • tags Status-CantReproduce

New comment

Not published. Used for spam prevention and optional update notifications.