From 1b9ad8094ca4db9b792c2e10bc4f996582ad0ec4 Mon Sep 17 00:00:00 2001
From: Robert Scheck <robert@fedoraproject.org>
Date: Nov 21 2018 22:35:33 +0000
Subject: Upgrade to 0.11.0


---

diff --git a/prosody-0.10.0-config.patch b/prosody-0.10.0-config.patch
deleted file mode 100644
index e57b8d0..0000000
--- a/prosody-0.10.0-config.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for prosody >= 0.10.0 which sets defaults
-specific for Fedora and Red Hat Enterprise (including derivates like CentOS), adds helpful
-comments about optional dependencies and finally includes some upstream recommendations.
-
---- prosody-0.10.0/prosody.cfg.lua.dist			2017-09-27 16:49:58.000000000 +0200
-+++ prosody-0.10.0/prosody.cfg.lua.dist.config		2017-10-01 15:44:47.000000000 +0200
-@@ -1,4 +1,4 @@
---- Prosody Example Configuration File
-+-- Prosody XMPP Configuration File
- --
- -- Information on configuring Prosody can be found on our
- -- website at https://prosody.im/doc/configure
-@@ -9,8 +9,7 @@
- -- If there are any errors, it will let you know what and where
- -- they are, otherwise it will keep quiet.
- --
---- The only thing left to do is rename this file to remove the .dist ending, and fill in the
---- blanks. Good luck, and happy Jabbering!
-+-- Good luck, and happy Jabbering!
- 
- 
- ---------- Server-wide settings ----------
-@@ -139,7 +138,8 @@
- -- through modules. An "sql" backend is included by default, but requires
- -- additional dependencies. See https://prosody.im/doc/storage for more info.
- 
----storage = "sql" -- Default is "internal"
-+--storage = "sql" -- Default is "internal" (Note: "sql" requires installed
-+-- lua-dbi RPM package)
- 
- -- For the "sql" backend, you can uncomment *one* of the below to configure:
- --sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
-@@ -161,9 +161,11 @@
- -- Logging configuration
- -- For advanced logging see https://prosody.im/doc/logging
- log = {
--	info = "prosody.log"; -- Change 'info' to 'debug' for verbose logging
--	error = "prosody.err";
--	-- "*syslog"; -- Uncomment this for logging to syslog
-+	-- Log everything of level "info" and higher (that is, all except "debug" messages)
-+	-- to /var/log/prosody/prosody.log and errors also to /var/log/prosody/prosody.err
-+	info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
-+	error = "/var/log/prosody/prosody.err"; -- Log errors also to file
-+	-- error = "*syslog"; -- Log errors also to syslog
- 	-- "*console"; -- Log to the console, useful for debugging with daemonize=false
- }
- 
-@@ -179,14 +181,17 @@
- -- (from e.g. Let's Encrypt) see https://prosody.im/doc/certificates
- 
- -- Location of directory to find certificates in (relative to main config file):
--certificates = "certs"
-+certificates = "/etc/pki/prosody/"
-+
-+-- POSIX configuration
-+-- For more info see https://prosody.im/doc/modules/mod_posix
-+pidfile = "/run/prosody/prosody.pid";
-+--daemonize = false -- Default is "true"
- 
- ----------- Virtual hosts -----------
- -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
- -- Settings under each VirtualHost entry apply *only* to that host.
- 
--VirtualHost "localhost"
--
- --VirtualHost "example.com"
- --	certificate = "/path/to/example.crt"
- 
-@@ -206,3 +211,10 @@
- --
- --Component "gateway.example.com"
- --	component_secret = "password"
-+
-+------ Additional config files ------
-+-- For organizational purposes you may prefer to add VirtualHost and
-+-- Component definitions in their own config files. This line includes
-+-- all config files in /etc/prosody/conf.d/
-+
-+Include "conf.d/*.cfg.lua"
---- prosody-0.10.0/core/certmanager.lua			2017-09-27 16:49:57.000000000 +0200
-+++ prosody-0.10.0/core/certmanager.lua.config		2017-10-01 15:49:12.000000000 +0200
-@@ -94,7 +94,8 @@
- 
- -- Built-in defaults
- local core_defaults = {
--	capath = "/etc/ssl/certs";
-+	capath = "/etc/pki/tls/certs";
-+	cafile = "/etc/pki/tls/certs/ca-bundle.crt";
- 	depth = 9;
- 	protocol = "tlsv1+";
- 	verify = (ssl_x509 and { "peer", "client_once", }) or "none";
diff --git a/prosody-0.11.0-config.patch b/prosody-0.11.0-config.patch
new file mode 100644
index 0000000..d6254b1
--- /dev/null
+++ b/prosody-0.11.0-config.patch
@@ -0,0 +1,94 @@
+Patch by Robert Scheck <robert@fedoraproject.org> for prosody >= 0.11.0 which sets defaults
+specific for Fedora and Red Hat Enterprise (including derivates like CentOS), adds helpful
+comments about optional dependencies and finally includes some upstream recommendations.
+
+--- prosody-0.11.0/prosody.cfg.lua.dist			2018-11-19 11:42:24.000000000 +0100
++++ prosody-0.11.0/prosody.cfg.lua.dist.config		2018-11-19 22:32:35.000000000 +0100
+@@ -1,4 +1,4 @@
+--- Prosody Example Configuration File
++-- Prosody XMPP Configuration File
+ --
+ -- Information on configuring Prosody can be found on our
+ -- website at https://prosody.im/doc/configure
+@@ -9,8 +9,7 @@
+ -- If there are any errors, it will let you know what and where
+ -- they are, otherwise it will keep quiet.
+ --
+--- The only thing left to do is rename this file to remove the .dist ending, and fill in the
+--- blanks. Good luck, and happy Jabbering!
++-- Good luck, and happy Jabbering!
+ 
+ 
+ ---------- Server-wide settings ----------
+@@ -131,7 +130,8 @@
+ -- through modules. An "sql" backend is included by default, but requires
+ -- additional dependencies. See https://prosody.im/doc/storage for more info.
+ 
+---storage = "sql" -- Default is "internal"
++--storage = "sql" -- Default is "internal" (Note: "sql" requires installed
++-- lua-dbi RPM package)
+ 
+ -- For the "sql" backend, you can uncomment *one* of the below to configure:
+ --sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
+@@ -153,9 +153,11 @@
+ -- Logging configuration
+ -- For advanced logging see https://prosody.im/doc/logging
+ log = {
+-	info = "prosody.log"; -- Change 'info' to 'debug' for verbose logging
+-	error = "prosody.err";
+-	-- "*syslog"; -- Uncomment this for logging to syslog
++	-- Log everything of level "info" and higher (that is, all except "debug" messages)
++	-- to /var/log/prosody/prosody.log and errors also to /var/log/prosody/prosody.err
++	info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
++	error = "/var/log/prosody/prosody.err"; -- Log errors also to file
++	-- error = "*syslog"; -- Log errors also to syslog
+ 	-- "*console"; -- Log to the console, useful for debugging with daemonize=false
+ }
+ 
+@@ -171,17 +173,20 @@
+ -- (from e.g. Let's Encrypt) see https://prosody.im/doc/certificates
+ 
+ -- Location of directory to find certificates in (relative to main config file):
+-certificates = "certs"
++certificates = "/etc/pki/prosody/"
+ 
+ -- HTTPS currently only supports a single certificate, specify it here:
+ --https_certificate = "certs/localhost.crt"
+ 
++-- POSIX configuration
++-- For more info see https://prosody.im/doc/modules/mod_posix
++pidfile = "/run/prosody/prosody.pid";
++--daemonize = false -- Default is "true"
++
+ ----------- Virtual hosts -----------
+ -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
+ -- Settings under each VirtualHost entry apply *only* to that host.
+ 
+-VirtualHost "localhost"
+-
+ --VirtualHost "example.com"
+ --	certificate = "/path/to/example.crt"
+ 
+@@ -203,3 +208,10 @@
+ --
+ --Component "gateway.example.com"
+ --	component_secret = "password"
++
++------ Additional config files ------
++-- For organizational purposes you may prefer to add VirtualHost and
++-- Component definitions in their own config files. This line includes
++-- all config files in /etc/prosody/conf.d/
++
++Include "conf.d/*.cfg.lua"
+--- prosody-0.11.0/core/certmanager.lua			2017-09-27 16:49:57.000000000 +0200
++++ prosody-0.11.0/core/certmanager.lua.config		2017-10-01 15:49:12.000000000 +0200
+@@ -94,7 +94,8 @@
+ 
+ -- Built-in defaults
+ local core_defaults = {
+-	capath = "/etc/ssl/certs";
++	capath = "/etc/pki/tls/certs";
++	cafile = "/etc/pki/tls/certs/ca-bundle.crt";
+ 	depth = 9;
+ 	protocol = "tlsv1+";
+ 	verify = (ssl_x509 and { "peer", "client_once", }) or "none";
diff --git a/prosody-example.com.cfg.lua b/prosody-example.com.cfg.lua
index 816f10e..337b8bf 100644
--- a/prosody-example.com.cfg.lua
+++ b/prosody-example.com.cfg.lua
@@ -18,6 +18,8 @@ VirtualHost "example.com"
 
 ---Set up a MUC (multi-user chat) room server on conference.example.com:
 --Component "conference.example.com" "muc"
+--- Store MUC messages in an archive and allow users to access it
+--modules_enabled = { "muc_mam" }
 
 -- Set up a SOCKS5 bytestream proxy for server-proxied file transfers:
 --Component "proxy.example.com" "proxy65"
diff --git a/prosody.logrotate-init b/prosody.logrotate-init
index 6021207..501c2f7 100644
--- a/prosody.logrotate-init
+++ b/prosody.logrotate-init
@@ -4,7 +4,7 @@
 	delaycompress
 	notifempty
 	postrotate
-		/sbin/service prosody reload > /dev/null || true
+		/sbin/service prosody status > /dev/null 2>&1 && /sbin/service prosody reload > /dev/null || true
 	endscript
 	create 0640 prosody prosody
 	sharedscripts
diff --git a/prosody.logrotate-service b/prosody.logrotate-service
index d824bef..5c2bd0f 100644
--- a/prosody.logrotate-service
+++ b/prosody.logrotate-service
@@ -4,7 +4,7 @@
 	delaycompress
 	notifempty
 	postrotate
-		/bin/systemctl reload prosody.service > /dev/null || true
+		/bin/systemctl --quiet is-active prosody.service && /bin/systemctl reload prosody.service || true
 	endscript
 	create 0640 prosody prosody
 	sharedscripts
diff --git a/prosody.spec b/prosody.spec
index 60bdc5a..d33d6e6 100644
--- a/prosody.spec
+++ b/prosody.spec
@@ -4,8 +4,8 @@
 
 Summary:           Flexible communications server for Jabber/XMPP
 Name:              prosody
-Version:           0.10.2
-Release:           2%{?dist}
+Version:           0.11.0
+Release:           1%{?dist}
 License:           MIT
 Group:             System Environment/Daemons
 URL:               https://prosody.im/
@@ -19,7 +19,7 @@ Source6:           prosody.logrotate-service
 Source7:           prosody.tmpfilesd
 Source8:           prosody-localhost.cfg.lua
 Source9:           prosody-example.com.cfg.lua
-Patch0:            prosody-0.10.0-config.patch
+Patch0:            prosody-0.11.0-config.patch
 Patch1:            prosody-0.10.0-bitop.patch
 BuildRequires:     gcc, libidn-devel, openssl-devel
 BuildRequires:     gnupg2
@@ -74,7 +74,11 @@ gpgv2 --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
   --with-lua-include=%{_includedir}/lua-%{luaver} \
 %endif
   --add-cflags="$RPM_OPT_FLAGS" \
+%if 0%{?rhel} > 6 || 0%{?fedora}
   --add-ldflags="$RPM_LD_FLAGS" \
+%else
+  --add-ldflags="$RPM_LD_FLAGS -lrt" \
+%endif
   --no-example-certs
 make %{?_smp_mflags}
 
@@ -82,7 +86,6 @@ make %{?_smp_mflags}
 make -C tools/migration %{?_smp_mflags}
 
 %install
-rm -rf $RPM_BUILD_ROOT
 mkdir -p $RPM_BUILD_ROOT{%{_sysconfdir}/pki,%{_localstatedir}/{lib,log}/%{name}}/
 make DESTDIR=$RPM_BUILD_ROOT install
 
@@ -143,7 +146,7 @@ exit 0
 
 if [ ! -f %{sslkey} ]; then
   umask 077
-  %{_bindir}/openssl genrsa 2048 > %{sslkey} 2> /dev/null
+  %{_bindir}/openssl genrsa 4096 > %{sslkey} 2> /dev/null
   chown root:%{name} %{sslkey}
   chmod 640 %{sslkey}
 fi
@@ -154,15 +157,8 @@ if [ ! -f %{sslcert} ]; then
     FQDN=localhost.localdomain
   fi
 
-  cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} 2> /dev/null
---
-SomeState
-SomeCity
-SomeOrganization
-SomeOrganizationalUnit
-${FQDN}
-root@${FQDN}
-EOF
+  %{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \
+    -subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
   chmod 644 %{sslcert}
 fi
 
@@ -215,6 +211,12 @@ fi
 %{_mandir}/man1/%{name}*.1*
 
 %changelog
+* Mon Nov 19 2018 Robert Scheck <robert@fedoraproject.org> 0.11.0-1
+- Upgrade to 0.11.0
+
+* Sun Aug 19 2018 Robert Scheck <robert@fedoraproject.org> 0.10.2-3
+- Don't attempt to reload during logrotate if prosody is stopped
+
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.2-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
diff --git a/sources b/sources
index 05f1ade..067d771 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
 SHA512 (gpgkey-32A9EDDE3609931EB98CEAC315907E8E7BDD6BFE.gpg) = daf6d670d3283aac1860cbb77977b0aa17724f41aa517d00e34054ef99a7c571b1d7d33b690824689124dc757dd89fdd43fe5a531b46183fffc22cd4d638a8ae
-SHA512 (prosody-0.10.2.tar.gz) = 9fc05e34b45b0c16835ba94a73532fb3b4ee335f27d56bb9260e1b3e22614f89f44eb5d04b4e90d016db0b5bee6f5c7e7d099e1defb027e6823ee7667c1fe28f
-SHA512 (prosody-0.10.2.tar.gz.asc) = 521cf9ef41761fdce76b1ae06a7a839d1e10527e590e6baa3178da5c2662763b17ceef5882961130555605c8c4baee7c364dcfbc6ddb890d6fdcef37dac88542
+SHA512 (prosody-0.11.0.tar.gz) = 292f555a25108716cd3ceb8ab39210bcb7f2fd113bd844092a51f68127e59b64ec76045740fd93edca8be2c1711a5fbab0f51a285f3ab78d36423a897ea667bf
+SHA512 (prosody-0.11.0.tar.gz.asc) = 55fcf01141da638d0f68be56140dcaa38b6ffe51884c1082efa967fa59c5eca6ed754f9bc3107a842b8902ed030978ccc4f845663734747429854eeab9533fbe