aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2013-04-05 10:05:18 +0100
committerMatthew Wild <mwild1@gmail.com>2013-04-05 10:05:18 +0100
commit6f71d38f1f92ef51fd9d82cbfb8c33a518010651 (patch)
tree60c4be5a40bd2c13dcfb8435083d1b23619523a4
parenta5ccb8a860924f48570242e468267885137e3e9a (diff)
parenta115da90578ef0e91e7fb911421142552a4e8e4a (diff)
downloadprosody-6f71d38f1f92ef51fd9d82cbfb8c33a518010651.tar.gz
prosody-6f71d38f1f92ef51fd9d82cbfb8c33a518010651.zip
Merge 0.9->trunk
-rwxr-xr-xconfigure8
-rw-r--r--core/portmanager.lua31
-rw-r--r--core/rostermanager.lua6
-rw-r--r--plugins/mod_http.lua1
-rw-r--r--plugins/mod_s2s/mod_s2s.lua13
-rw-r--r--plugins/mod_storage_none.lua23
-rwxr-xr-xprosody2
-rw-r--r--util/stanza.lua26
8 files changed, 101 insertions, 9 deletions
diff --git a/configure b/configure
index 5c6439fc..ecf77a86 100755
--- a/configure
+++ b/configure
@@ -41,15 +41,17 @@ Configure Prosody prior to building.
Default is "$LUA_SUFFIX" (lua$LUA_SUFFIX...)
--with-lua=PREFIX Use Lua from given prefix.
Default is $LUA_DIR
+--runwith=BINARY What Lua binary to set as runtime environment.
+ Default is $RUNWITH
--with-lua-include=DIR You can also specify Lua's includes dir.
Default is \$LUA_DIR/include
--with-lua-lib=DIR You can also specify Lua's libraries dir.
Default is \$LUA_DIR/lib
--with-idn=LIB The name of the IDN library to link with.
Default is $IDN_LIB
---idn-library=(idn|icu) Select library to use for IDNA functionality.
- idn: use GNU libidn (default)
- icu: use ICU from IBM
+--idn-library=(idn|icu) Select library to use for IDNA functionality.
+ idn: use GNU libidn (default)
+ icu: use ICU from IBM
--with-ssl=LIB The name of the SSL to link with.
Default is $OPENSSL_LIB
--cflags=FLAGS Flags to pass to the compiler
diff --git a/core/portmanager.lua b/core/portmanager.lua
index 68c7617a..1b3740cf 100644
--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -70,6 +70,16 @@ prosody.events.add_handler("item-removed/net-provider", function (event)
unregister_service(item.name, item);
end);
+local function duplicate_ssl_config(ssl_config)
+ local ssl_config = type(ssl_config) == "table" and ssl_config or {};
+
+ local _config = {};
+ for k, v in pairs(ssl_config) do
+ _config[k] = v;
+ end
+ return _config;
+end
+
--- Public API
function activate(service_name)
@@ -114,9 +124,24 @@ function activate(service_name)
local err;
-- Create SSL context for this service/port
if service_info.encryption == "ssl" then
- local ssl_config = config.get("*", config_prefix.."ssl");
- ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port_number]
- or (ssl_config.certificate and ssl_config)));
+ local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface])
+ or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port])
+ or config.get("*", config_prefix.."ssl")
+ or (config.get("*", "ssl") and config.get("*", "ssl")[interface])
+ or (config.get("*", "ssl") and config.get("*", "ssl")[port])
+ or config.get("*", "ssl"));
+ -- add default entries for, or override ssl configuration
+ if ssl_config and service_info.ssl_config then
+ for key, value in pairs(service_info.ssl_config) do
+ if not service_info.ssl_config_override and not ssl_config[key] then
+ ssl_config[key] = value;
+ elseif service_info.ssl_config_override then
+ ssl_config[key] = value;
+ end
+ end
+ end
+
+ ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config);
if not ssl then
log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error");
end
diff --git a/core/rostermanager.lua b/core/rostermanager.lua
index f14bb435..5e06e3f7 100644
--- a/core/rostermanager.lua
+++ b/core/rostermanager.lua
@@ -18,6 +18,7 @@ local hosts = hosts;
local bare_sessions = bare_sessions;
local datamanager = require "util.datamanager"
+local um_user_exists = require "core.usermanager".user_exists;
local st = require "util.stanza";
module "rostermanager"
@@ -105,6 +106,11 @@ function load_roster(username, host)
end
function save_roster(username, host, roster)
+ if not um_user_exists(username, host) then
+ log("debug", "not saving roster for %s@%s: the user doesn't exist", username, host);
+ return nil;
+ end
+
log("debug", "save_roster: saving roster for %s@%s", username, host);
if not roster then
roster = hosts[host] and hosts[host].sessions[username] and hosts[host].sessions[username].roster;
diff --git a/plugins/mod_http.lua b/plugins/mod_http.lua
index 2fa87421..0689634e 100644
--- a/plugins/mod_http.lua
+++ b/plugins/mod_http.lua
@@ -139,6 +139,7 @@ module:provides("net", {
listener = server.listener;
default_port = 5281;
encryption = "ssl";
+ ssl_config = { verify = "none" };
multiplex = {
pattern = "^[A-Z]";
};
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 639f464b..1547345d 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -15,6 +15,7 @@ local core_process_stanza = prosody.core_process_stanza;
local tostring, type = tostring, type;
local t_insert = table.insert;
local xpcall, traceback = xpcall, debug.traceback;
+local NULL = {};
local add_task = require "util.timer".add_task;
local st = require "util.stanza";
@@ -226,11 +227,19 @@ local function check_cert_status(session)
end
if cert then
- local chain_valid, errors = conn:getpeerverification()
+ local chain_valid, errors;
+ if conn.getpeerverification then
+ chain_valid, errors = conn:getpeerverification();
+ elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg
+ chain_valid, errors = conn:getpeerchainvalid();
+ errors = (not chain_valid) and { { errors } } or nil;
+ else
+ chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } };
+ end
-- Is there any interest in printing out all/the number of errors here?
if not chain_valid then
(session.log or log)("debug", "certificate chain validation result: invalid");
- for depth, t in ipairs(errors) do
+ for depth, t in ipairs(errors or NULL) do
(session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", "))
end
session.cert_chain_status = "invalid";
diff --git a/plugins/mod_storage_none.lua b/plugins/mod_storage_none.lua
new file mode 100644
index 00000000..8f2d2f56
--- /dev/null
+++ b/plugins/mod_storage_none.lua
@@ -0,0 +1,23 @@
+local driver = {};
+local driver_mt = { __index = driver };
+
+function driver:open(store)
+ return setmetatable({ store = store }, driver_mt);
+end
+function driver:get(user)
+ return {};
+end
+
+function driver:set(user, data)
+ return nil, "Storage disabled";
+end
+
+function driver:stores(username)
+ return { "roster" };
+end
+
+function driver:purge(user)
+ return true;
+end
+
+module:provides("storage", driver);
diff --git a/prosody b/prosody
index 875140de..9a88eac0 100755
--- a/prosody
+++ b/prosody
@@ -290,12 +290,12 @@ function load_secondary_libraries()
--- Load and initialise core modules
require "util.import"
require "util.xmppstream"
- require "core.rostermanager"
require "core.stanza_router"
require "core.hostmanager"
require "core.portmanager"
require "core.modulemanager"
require "core.usermanager"
+ require "core.rostermanager"
require "core.sessionmanager"
package.loaded['core.componentmanager'] = setmetatable({},{__index=function()
log("warn", "componentmanager is deprecated: %s", debug.traceback():match("\n[^\n]*\n[ \t]*([^\n]*)"));
diff --git a/util/stanza.lua b/util/stanza.lua
index 213ed506..59c88c4e 100644
--- a/util/stanza.lua
+++ b/util/stanza.lua
@@ -18,6 +18,7 @@ local pairs = pairs;
local ipairs = ipairs;
local type = type;
local s_gsub = string.gsub;
+local s_sub = string.sub;
local s_find = string.find;
local os = os;
@@ -174,6 +175,31 @@ function stanza_mt:maptags(callback)
return self;
end
+function stanza_mt:find(path)
+ local pos = 1;
+ local len = #path + 1;
+
+ repeat
+ local xmlns, name, text;
+ local char = s_sub(path, pos, pos);
+ if char == "@" then
+ return self.attr[s_sub(path, pos + 1)];
+ elseif char == "{" then
+ xmlns, pos = s_match(path, "^([^}]+)}()", pos + 1);
+ end
+ name, text, pos = s_match(path, "^([^@/#]*)([/#]?)()", pos);
+ name = name ~= "" and name or nil;
+ if pos == len then
+ if text == "#" then
+ return self:get_child_text(name, xmlns);
+ end
+ return self:get_child(name, xmlns);
+ end
+ self = self:get_child(name, xmlns);
+ until not self
+end
+
+
local xml_escape
do
local escape_table = { ["'"] = "&apos;", ["\""] = "&quot;", ["<"] = "&lt;", [">"] = "&gt;", ["&"] = "&amp;" };