diff options
author | Matthew Wild <mwild1@gmail.com> | 2016-09-12 22:31:25 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2016-09-12 22:31:25 +0100 |
commit | f4690a6063ec7940ef304691906fdfdebb57eab6 (patch) | |
tree | 1b740492720e5c386b928514e711e90e705f5693 | |
parent | 0e971a43895405f996ea49fc70142ec9ba182cc1 (diff) | |
parent | cd10e4439e1c9b6209f87bb6c77e51fb2f7992fc (diff) | |
download | prosody-f4690a6063ec7940ef304691906fdfdebb57eab6.tar.gz prosody-f4690a6063ec7940ef304691906fdfdebb57eab6.zip |
Merge 0.10->trunk
-rw-r--r-- | core/certmanager.lua | 11 | ||||
-rw-r--r-- | core/statsmanager.lua | 2 | ||||
-rw-r--r-- | plugins/mod_c2s.lua | 8 | ||||
-rw-r--r-- | plugins/mod_component.lua | 4 | ||||
-rw-r--r-- | plugins/mod_s2s/mod_s2s.lua | 13 |
5 files changed, 20 insertions, 18 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index c286a901..3872bd9a 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -103,7 +103,16 @@ local core_defaults = { }; verifyext = { "lsec_continue", "lsec_ignore_purpose" }; curve = "secp384r1"; - ciphers = "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL"; + ciphers = { -- Enabled ciphers in order of preference: + "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set + "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange + "HIGH", -- Other "High strength" ciphers + -- Disabled cipher suites: + "!PSK", -- Pre-Shared Key - not used for XMPP + "!SRP", -- Secure Remote Password - not used for XMPP + "!3DES", -- 3DES - slow and of questionable security + "!aNULL", -- Ciphers that does not authenticate the connection + }; } local path_options = { -- These we pass through resolve_path() key = true, certificate = true, cafile = true, capath = true, dhparam = true diff --git a/core/statsmanager.lua b/core/statsmanager.lua index 67702dd9..237b1dd5 100644 --- a/core/statsmanager.lua +++ b/core/statsmanager.lua @@ -6,7 +6,7 @@ local fire_event = prosody.events.fire_event; local stats_interval_config = config.get("*", "statistics_interval"); local stats_interval = tonumber(stats_interval_config); -if stats_config and not stats_interval then +if stats_interval_config and not stats_interval then log("error", "Invalid 'statistics_interval' setting, statistics will be disabled"); end diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua index 18375248..7eebaf2d 100644 --- a/plugins/mod_c2s.lua +++ b/plugins/mod_c2s.lua @@ -28,7 +28,7 @@ local c2s_timeout = module:get_option_number("c2s_timeout"); local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5); local opt_keepalives = module:get_option_boolean("c2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true)); -local measure_connections = module:measure("connections", "counter"); +local measure_connections = module:measure("connections", "amount"); local sessions = module:shared("sessions"); local core_process_stanza = prosody.core_process_stanza; @@ -38,7 +38,7 @@ local stream_callbacks = { default_ns = "jabber:client" }; local listener = {}; local runner_callbacks = {}; -do +module:hook("stats-update", function () -- Connection counter resets to 0 on load and reload -- Bump it up to current value local count = 0; @@ -46,7 +46,7 @@ do count = count + 1; end measure_connections(count); -end +end); --- Stream events handlers local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'}; @@ -218,7 +218,6 @@ end --- Port listener function listener.onconnect(conn) - measure_connections(1); local session = sm_new_session(conn); sessions[conn] = session; @@ -291,7 +290,6 @@ function listener.onincoming(conn, data) end function listener.ondisconnect(conn, err) - measure_connections(-1); local session = sessions[conn]; if session then (session.log or log)("info", "Client disconnected: %s", err or "connection closed"); diff --git a/plugins/mod_component.lua b/plugins/mod_component.lua index 340faec0..2ef2533b 100644 --- a/plugins/mod_component.lua +++ b/plugins/mod_component.lua @@ -314,7 +314,9 @@ function listener.ondisconnect(conn, err) local session = sessions[conn]; if session then (session.log or log)("info", "component disconnected: %s (%s)", tostring(session.host), tostring(err)); - module:fire_event("component-disconnected", { session = session, reason = err }); + if session.host then + module:context(session.host):fire_event("component-disconnected", { session = session, reason = err }); + end if session.on_destroy then session:on_destroy(err); end sessions[conn] = nil; for k in pairs(session) do diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index a6fdd254..c9b6b137 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -38,7 +38,7 @@ local secure_domains, insecure_domains = module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items; local require_encryption = module:get_option_boolean("s2s_require_encryption", false); -local measure_connections = module:measure("connections", "counter"); +local measure_connections = module:measure("connections", "amount"); local sessions = module:shared("sessions"); @@ -46,7 +46,7 @@ local runner_callbacks = {}; local log = module._log; -do +module:hook("stats-update", function () -- Connection counter resets to 0 on load and reload -- Bump it up to current value local count = 0; @@ -54,7 +54,7 @@ do count = count + 1; end measure_connections(count); -end +end); --- Handle stanzas to remote domains @@ -619,7 +619,6 @@ function runner_callbacks:error(err) end function listener.onconnect(conn) - measure_connections(1); conn:setoption("keepalive", opt_keepalives); local session = sessions[conn]; if not session then -- New incoming connection @@ -650,13 +649,7 @@ function listener.onstatus(conn, status) end end -function listener.ontimeout(conn) - -- Called instead of onconnect when the connection times out - measure_connections(1); -end - function listener.ondisconnect(conn, err) - measure_connections(-1); local session = sessions[conn]; if session then sessions[conn] = nil; |