Merge 0.9->trunk

author: Matthew Wild <mwild1@gmail.com> 2013-04-05 10:05:18 +0100
committer: Matthew Wild <mwild1@gmail.com> 2013-04-05 10:05:18 +0100
commit: fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99 (patch)
tree: 60c4be5a40bd2c13dcfb8435083d1b23619523a4
parent: 1213909d149d2ae2d697d6694ee1a30ef41c47f4 (diff)
parent: c84e9926d2d60a8587c1e57daa37baad489585b5 (diff)
download: prosody-fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99.tar.gz
prosody-fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99.zip
8 files changed, 101 insertions, 9 deletions
diff --git a/configure b/configure
index 5c6439fc..ecf77a86 100755
--- a/configure
+++ b/configure
@@ -41,15 +41,17 @@ Configure Prosody prior to building.
                             Default is "$LUA_SUFFIX" (lua$LUA_SUFFIX...)
 --with-lua=PREFIX           Use Lua from given prefix.
                             Default is $LUA_DIR
+--runwith=BINARY            What Lua binary to set as runtime environment.
+                            Default is $RUNWITH
 --with-lua-include=DIR      You can also specify Lua's includes dir.
                             Default is \$LUA_DIR/include
 --with-lua-lib=DIR          You can also specify Lua's libraries dir.
                             Default is \$LUA_DIR/lib
 --with-idn=LIB              The name of the IDN library to link with.
                             Default is $IDN_LIB
---idn-library=(idn|icu)		 Select library to use for IDNA functionality.
-									 idn: use GNU libidn (default)
-									 icu: use ICU from IBM
+--idn-library=(idn|icu)     Select library to use for IDNA functionality.
+                            idn: use GNU libidn (default)
+                            icu: use ICU from IBM
 --with-ssl=LIB              The name of the SSL to link with.
                             Default is $OPENSSL_LIB
 --cflags=FLAGS              Flags to pass to the compiler
diff --git a/core/portmanager.lua b/core/portmanager.lua
index 68c7617a..1b3740cf 100644
--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -70,6 +70,16 @@ prosody.events.add_handler("item-removed/net-provider", function (event)
 	unregister_service(item.name, item);
 end);
 
+local function duplicate_ssl_config(ssl_config)
+	local ssl_config = type(ssl_config) == "table" and ssl_config or {};
+
+	local _config = {};
+	for k, v in pairs(ssl_config) do
+		_config[k] = v;
+	end
+	return _config;
+end
+
 --- Public API
 
 function activate(service_name)
@@ -114,9 +124,24 @@ function activate(service_name)
 				local err;
 				-- Create SSL context for this service/port
 				if service_info.encryption == "ssl" then
-					local ssl_config = config.get("*", config_prefix.."ssl");
-					ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port_number]
-						or (ssl_config.certificate and ssl_config)));
+					local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface])
+								or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port])
+								or config.get("*", config_prefix.."ssl")
+								or (config.get("*", "ssl") and config.get("*", "ssl")[interface])
+								or (config.get("*", "ssl") and config.get("*", "ssl")[port])
+								or config.get("*", "ssl"));
+					-- add default entries for, or override ssl configuration
+					if ssl_config and service_info.ssl_config then
+						for key, value in pairs(service_info.ssl_config) do
+							if not service_info.ssl_config_override and not ssl_config[key] then
+								ssl_config[key] = value;
+							elseif service_info.ssl_config_override then
+								ssl_config[key] = value;
+							end
+						end
+					end
+
+					ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config);
 					if not ssl then
 						log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error");
 					end
diff --git a/core/rostermanager.lua b/core/rostermanager.lua
index f14bb435..5e06e3f7 100644
--- a/core/rostermanager.lua
+++ b/core/rostermanager.lua
@@ -18,6 +18,7 @@ local hosts = hosts;
 local bare_sessions = bare_sessions;
 
 local datamanager = require "util.datamanager"
+local um_user_exists = require "core.usermanager".user_exists;
 local st = require "util.stanza";
 
 module "rostermanager"
@@ -105,6 +106,11 @@ function load_roster(username, host)
 end
 
 function save_roster(username, host, roster)
+	if not um_user_exists(username, host) then
+		log("debug", "not saving roster for %s@%s: the user doesn't exist", username, host);
+		return nil;
+	end
+
 	log("debug", "save_roster: saving roster for %s@%s", username, host);
 	if not roster then
 		roster = hosts[host] and hosts[host].sessions[username] and hosts[host].sessions[username].roster;
diff --git a/plugins/mod_http.lua b/plugins/mod_http.lua
index 2fa87421..0689634e 100644
--- a/plugins/mod_http.lua
+++ b/plugins/mod_http.lua
@@ -139,6 +139,7 @@ module:provides("net", {
 	listener = server.listener;
 	default_port = 5281;
 	encryption = "ssl";
+	ssl_config = { verify = "none" };
 	multiplex = {
 		pattern = "^[A-Z]";
 	};
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 639f464b..1547345d 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -15,6 +15,7 @@ local core_process_stanza = prosody.core_process_stanza;
 local tostring, type = tostring, type;
 local t_insert = table.insert;
 local xpcall, traceback = xpcall, debug.traceback;
+local NULL = {};
 
 local add_task = require "util.timer".add_task;
 local st = require "util.stanza";
@@ -226,11 +227,19 @@ local function check_cert_status(session)
 	end
 
 	if cert then
-		local chain_valid, errors = conn:getpeerverification()
+		local chain_valid, errors;
+		if conn.getpeerverification then
+			chain_valid, errors = conn:getpeerverification();
+		elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg
+			chain_valid, errors = conn:getpeerchainvalid();
+			errors = (not chain_valid) and { { errors } } or nil;
+		else
+			chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } };
+		end
 		-- Is there any interest in printing out all/the number of errors here?
 		if not chain_valid then
 			(session.log or log)("debug", "certificate chain validation result: invalid");
-			for depth, t in ipairs(errors) do
+			for depth, t in ipairs(errors or NULL) do
 				(session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", "))
 			end
 			session.cert_chain_status = "invalid";
diff --git a/plugins/mod_storage_none.lua b/plugins/mod_storage_none.lua
new file mode 100644
index 00000000..8f2d2f56
--- /dev/null
+++ b/plugins/mod_storage_none.lua
@@ -0,0 +1,23 @@
+local driver = {};
+local driver_mt = { __index = driver };
+
+function driver:open(store)
+	return setmetatable({ store = store }, driver_mt);
+end
+function driver:get(user)
+	return {};
+end
+
+function driver:set(user, data)
+	return nil, "Storage disabled";
+end
+
+function driver:stores(username)
+	return { "roster" };
+end
+
+function driver:purge(user)
+	return true;
+end
+
+module:provides("storage", driver);
diff --git a/prosody b/prosody
index 875140de..9a88eac0 100755
--- a/prosody
+++ b/prosody
@@ -290,12 +290,12 @@ function load_secondary_libraries()
 	--- Load and initialise core modules
 	require "util.import"
 	require "util.xmppstream"
-	require "core.rostermanager"
 	require "core.stanza_router"
 	require "core.hostmanager"
 	require "core.portmanager"
 	require "core.modulemanager"
 	require "core.usermanager"
+	require "core.rostermanager"
 	require "core.sessionmanager"
 	package.loaded['core.componentmanager'] = setmetatable({},{__index=function()
 		log("warn", "componentmanager is deprecated: %s", debug.traceback():match("\n[^\n]*\n[ \t]*([^\n]*)"));
diff --git a/util/stanza.lua b/util/stanza.lua
index 213ed506..59c88c4e 100644
--- a/util/stanza.lua
+++ b/util/stanza.lua
@@ -18,6 +18,7 @@ local pairs         =         pairs;
 local ipairs        =        ipairs;
 local type          =          type;
 local s_gsub        =   string.gsub;
+local s_sub         =    string.sub;
 local s_find        =   string.find;
 local os            =            os;
 
@@ -174,6 +175,31 @@ function stanza_mt:maptags(callback)
 	return self;
 end
 
+function stanza_mt:find(path)
+	local pos = 1;
+	local len = #path + 1;
+
+	repeat
+		local xmlns, name, text;
+		local char = s_sub(path, pos, pos);
+		if char == "@" then
+			return self.attr[s_sub(path, pos + 1)];
+		elseif char == "{" then
+			xmlns, pos = s_match(path, "^([^}]+)}()", pos + 1);
+		end
+		name, text, pos = s_match(path, "^([^@/#]*)([/#]?)()", pos);
+		name = name ~= "" and name or nil;
+		if pos == len then
+			if text == "#" then
+				return self:get_child_text(name, xmlns);
+			end
+			return self:get_child(name, xmlns);
+		end
+		self = self:get_child(name, xmlns);
+	until not self
+end
+
+
 local xml_escape
 do
 	local escape_table = { ["'"] = "&apos;", ["\""] = "&quot;", ["<"] = "&lt;", [">"] = "&gt;", ["&"] = "&amp;" };
author	Matthew Wild <mwild1@gmail.com>	2013-04-05 10:05:18 +0100
committer	Matthew Wild <mwild1@gmail.com>	2013-04-05 10:05:18 +0100
commit	fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99 (patch)
tree	60c4be5a40bd2c13dcfb8435083d1b23619523a4
parent	1213909d149d2ae2d697d6694ee1a30ef41c47f4 (diff)
parent	c84e9926d2d60a8587c1e57daa37baad489585b5 (diff)
download	prosody-fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99.tar.gz prosody-fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99.zip