aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2016-09-12 22:31:25 +0100
committerMatthew Wild <mwild1@gmail.com>2016-09-12 22:31:25 +0100
commitf4690a6063ec7940ef304691906fdfdebb57eab6 (patch)
tree1b740492720e5c386b928514e711e90e705f5693
parent0e971a43895405f996ea49fc70142ec9ba182cc1 (diff)
parentcd10e4439e1c9b6209f87bb6c77e51fb2f7992fc (diff)
downloadprosody-f4690a6063ec7940ef304691906fdfdebb57eab6.tar.gz
prosody-f4690a6063ec7940ef304691906fdfdebb57eab6.zip
Merge 0.10->trunk
-rw-r--r--core/certmanager.lua11
-rw-r--r--core/statsmanager.lua2
-rw-r--r--plugins/mod_c2s.lua8
-rw-r--r--plugins/mod_component.lua4
-rw-r--r--plugins/mod_s2s/mod_s2s.lua13
5 files changed, 20 insertions, 18 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index c286a901..3872bd9a 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -103,7 +103,16 @@ local core_defaults = {
};
verifyext = { "lsec_continue", "lsec_ignore_purpose" };
curve = "secp384r1";
- ciphers = "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL";
+ ciphers = { -- Enabled ciphers in order of preference:
+ "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set
+ "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange
+ "HIGH", -- Other "High strength" ciphers
+ -- Disabled cipher suites:
+ "!PSK", -- Pre-Shared Key - not used for XMPP
+ "!SRP", -- Secure Remote Password - not used for XMPP
+ "!3DES", -- 3DES - slow and of questionable security
+ "!aNULL", -- Ciphers that does not authenticate the connection
+ };
}
local path_options = { -- These we pass through resolve_path()
key = true, certificate = true, cafile = true, capath = true, dhparam = true
diff --git a/core/statsmanager.lua b/core/statsmanager.lua
index 67702dd9..237b1dd5 100644
--- a/core/statsmanager.lua
+++ b/core/statsmanager.lua
@@ -6,7 +6,7 @@ local fire_event = prosody.events.fire_event;
local stats_interval_config = config.get("*", "statistics_interval");
local stats_interval = tonumber(stats_interval_config);
-if stats_config and not stats_interval then
+if stats_interval_config and not stats_interval then
log("error", "Invalid 'statistics_interval' setting, statistics will be disabled");
end
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index 18375248..7eebaf2d 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -28,7 +28,7 @@ local c2s_timeout = module:get_option_number("c2s_timeout");
local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5);
local opt_keepalives = module:get_option_boolean("c2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true));
-local measure_connections = module:measure("connections", "counter");
+local measure_connections = module:measure("connections", "amount");
local sessions = module:shared("sessions");
local core_process_stanza = prosody.core_process_stanza;
@@ -38,7 +38,7 @@ local stream_callbacks = { default_ns = "jabber:client" };
local listener = {};
local runner_callbacks = {};
-do
+module:hook("stats-update", function ()
-- Connection counter resets to 0 on load and reload
-- Bump it up to current value
local count = 0;
@@ -46,7 +46,7 @@ do
count = count + 1;
end
measure_connections(count);
-end
+end);
--- Stream events handlers
local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
@@ -218,7 +218,6 @@ end
--- Port listener
function listener.onconnect(conn)
- measure_connections(1);
local session = sm_new_session(conn);
sessions[conn] = session;
@@ -291,7 +290,6 @@ function listener.onincoming(conn, data)
end
function listener.ondisconnect(conn, err)
- measure_connections(-1);
local session = sessions[conn];
if session then
(session.log or log)("info", "Client disconnected: %s", err or "connection closed");
diff --git a/plugins/mod_component.lua b/plugins/mod_component.lua
index 340faec0..2ef2533b 100644
--- a/plugins/mod_component.lua
+++ b/plugins/mod_component.lua
@@ -314,7 +314,9 @@ function listener.ondisconnect(conn, err)
local session = sessions[conn];
if session then
(session.log or log)("info", "component disconnected: %s (%s)", tostring(session.host), tostring(err));
- module:fire_event("component-disconnected", { session = session, reason = err });
+ if session.host then
+ module:context(session.host):fire_event("component-disconnected", { session = session, reason = err });
+ end
if session.on_destroy then session:on_destroy(err); end
sessions[conn] = nil;
for k in pairs(session) do
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index a6fdd254..c9b6b137 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -38,7 +38,7 @@ local secure_domains, insecure_domains =
module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items;
local require_encryption = module:get_option_boolean("s2s_require_encryption", false);
-local measure_connections = module:measure("connections", "counter");
+local measure_connections = module:measure("connections", "amount");
local sessions = module:shared("sessions");
@@ -46,7 +46,7 @@ local runner_callbacks = {};
local log = module._log;
-do
+module:hook("stats-update", function ()
-- Connection counter resets to 0 on load and reload
-- Bump it up to current value
local count = 0;
@@ -54,7 +54,7 @@ do
count = count + 1;
end
measure_connections(count);
-end
+end);
--- Handle stanzas to remote domains
@@ -619,7 +619,6 @@ function runner_callbacks:error(err)
end
function listener.onconnect(conn)
- measure_connections(1);
conn:setoption("keepalive", opt_keepalives);
local session = sessions[conn];
if not session then -- New incoming connection
@@ -650,13 +649,7 @@ function listener.onstatus(conn, status)
end
end
-function listener.ontimeout(conn)
- -- Called instead of onconnect when the connection times out
- measure_connections(1);
-end
-
function listener.ondisconnect(conn, err)
- measure_connections(-1);
local session = sessions[conn];
if session then
sessions[conn] = nil;