diff options
| -rw-r--r-- | core/certmanager.lua | 5 | ||||
| -rw-r--r-- | core/stanza_router.lua | 10 | ||||
| -rw-r--r-- | doc/storage.tld | 61 | ||||
| -rw-r--r-- | man/prosodyctl.markdown | 29 | ||||
| -rw-r--r-- | net/server_select.lua | 1 |
5 files changed, 103 insertions, 3 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 3872bd9a..12ae94b1 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -184,9 +184,12 @@ local function create_context(host, mode, ...) err = err or "invalid ssl config" local file = err:match("^error loading (.-) %("); if file then + local typ; if file == "private key" then + typ = file; file = user_ssl_config.key or "your private key"; elseif file == "certificate" then + typ = file; file = user_ssl_config.certificate or "your certificate file"; end local reason = err:match("%((.+)%)$") or "some reason"; @@ -196,6 +199,8 @@ local function create_context(host, mode, ...) reason = "Check that the path is correct, and the file exists."; elseif reason == "system lib" then reason = "Previous error (see logs), or other system error."; + elseif reason == "no start line" then + reason = "Check that the file contains a "..(typ or file); elseif reason == "(null)" or not reason then reason = "Check that the file exists and the permissions are correct"; else diff --git a/core/stanza_router.lua b/core/stanza_router.lua index cf098258..af797f08 100644 --- a/core/stanza_router.lua +++ b/core/stanza_router.lua @@ -67,8 +67,14 @@ function core_process_stanza(origin, stanza) return handle_unhandled_stanza(origin.host, origin, stanza); end if name == "iq" then - if not iq_types[st_type] or ((st_type == "set" or st_type == "get") and (#stanza.tags ~= 1)) then - origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid IQ type or incorrect number of children")); + if not iq_types[st_type] then + origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid IQ type")); + return; + elseif not stanza.attr.id then + origin.send(st.error_reply(stanza, "modify", "bad-request", "Missing required 'id' attribute")); + return; + elseif (st_type == "set" or st_type == "get") and (#stanza.tags ~= 1) then + origin.send(st.error_reply(stanza, "modify", "bad-request", "Incorrect number of children for IQ stanz")); return; end end diff --git a/doc/storage.tld b/doc/storage.tld new file mode 100644 index 00000000..f1d33e58 --- /dev/null +++ b/doc/storage.tld @@ -0,0 +1,61 @@ +-- Storage Interface API Description +-- +-- This is written as a TypedLua description + +-- Key-Value stores (the default) + +interface keyval_store + get : ( self, string? ) -> (any) | (nil, string) + set : ( self, string?, any ) -> (boolean) | (nil, string) +end + +-- Map stores (key-key-value stores) + +interface map_store + get : ( self, string?, any ) -> (any) | (nil, string) + set : ( self, string?, any, any ) -> (boolean) | (nil, string) + set_keys : ( self, string?, { any : any }) -> (boolean) | (nil, string) + remove : {} +end + +-- Archive stores + +typealias archive_query = { + "start" : number?, -- timestamp + "end" : number?, -- timestamp + "with" : string?, + "after" : string?, -- archive id + "before" : string?, -- archive id + "total" : boolean?, +} + +interface archive_store + -- Optional set of capabilities + caps : { + -- Optional total count of matching items returned as second return value from :find() + "total" : boolean?, + }? + + -- Add to the archive + append : ( self, string?, string?, any, number?, string? ) -> (string) | (nil, string) + + -- Iterate over archive + find : ( self, string?, archive_query? ) -> ( () -> ( string, any, number?, string? ), integer? ) + + -- Removal of items. API like find. Optional? + delete : ( self, string?, archive_query? ) -> (boolean) | (number) | (nil, string) + + -- Array of dates which do have messages (Optional?) + dates : ( self, string? ) -> ({ string }) | (nil, string) +end + +-- This represents moduleapi +interface module + -- If the first string is omitted then the name of the module is used + -- The second string is one of "keyval" (default), "map" or "archive" + open_store : (self, string?, string?) -> (keyval_store) | (map_store) | (archive_store) | (nil, string) + + -- Other module methods omitted +end + +module : module diff --git a/man/prosodyctl.markdown b/man/prosodyctl.markdown index 217dfd3d..e4c355a2 100644 --- a/man/prosodyctl.markdown +++ b/man/prosodyctl.markdown @@ -5,7 +5,7 @@ author: date: '2015-12-23' section: 1 title: PROSODYCTL -... +--- NAME ==== @@ -80,6 +80,30 @@ reload status : Prints the current execution status of the prosody server daemon. +Certificates +------------ + +prosodyctl can create self-signed certificates, certificate requests and +private keys for use with Prosody. Commands are of the form +`prosodyctl cert subcommand`. Commands take a list of hosts to be +included in the certificate. + +request hosts +: Create a certificate request (CSR) file for submission to a + certificate authority. Multiple hosts can be given, sub-domains are + automatically included. + +generate hosts +: Generate a self-signed certificate. + +key host \[size\] +: Generate a private key of 'size' bits (defaults to 2048). Invoked + automatically by 'request' and 'generate' if needed. + +config hosts +: Produce a config file for the list of hosts. Invoked automatically + by 'request' and 'generate' if needed. + Debugging --------- @@ -110,6 +134,9 @@ details of how these commands work you should see ejabberdctl(8). OPTIONS ======= +`--config filename` +: Use the specified config file instead of the default. + `--help` : Display help text for the specified command. diff --git a/net/server_select.lua b/net/server_select.lua index 0776b02e..f051da24 100644 --- a/net/server_select.lua +++ b/net/server_select.lua @@ -416,6 +416,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport end handler.port = handler.clientport -- COMPAT server_event local write = function( self, data ) + if not handler then return false end bufferlen = bufferlen + #data if bufferlen > maxsendlen then _closelist[ handler ] = "send buffer exceeded" -- cannot close the client at the moment, have to wait to the end of the cycle |