aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--core/certmanager.lua5
-rw-r--r--core/stanza_router.lua10
-rw-r--r--doc/storage.tld61
-rw-r--r--man/prosodyctl.markdown29
-rw-r--r--net/server_select.lua1
5 files changed, 103 insertions, 3 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 3872bd9a..12ae94b1 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -184,9 +184,12 @@ local function create_context(host, mode, ...)
err = err or "invalid ssl config"
local file = err:match("^error loading (.-) %(");
if file then
+ local typ;
if file == "private key" then
+ typ = file;
file = user_ssl_config.key or "your private key";
elseif file == "certificate" then
+ typ = file;
file = user_ssl_config.certificate or "your certificate file";
end
local reason = err:match("%((.+)%)$") or "some reason";
@@ -196,6 +199,8 @@ local function create_context(host, mode, ...)
reason = "Check that the path is correct, and the file exists.";
elseif reason == "system lib" then
reason = "Previous error (see logs), or other system error.";
+ elseif reason == "no start line" then
+ reason = "Check that the file contains a "..(typ or file);
elseif reason == "(null)" or not reason then
reason = "Check that the file exists and the permissions are correct";
else
diff --git a/core/stanza_router.lua b/core/stanza_router.lua
index cf098258..af797f08 100644
--- a/core/stanza_router.lua
+++ b/core/stanza_router.lua
@@ -67,8 +67,14 @@ function core_process_stanza(origin, stanza)
return handle_unhandled_stanza(origin.host, origin, stanza);
end
if name == "iq" then
- if not iq_types[st_type] or ((st_type == "set" or st_type == "get") and (#stanza.tags ~= 1)) then
- origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid IQ type or incorrect number of children"));
+ if not iq_types[st_type] then
+ origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid IQ type"));
+ return;
+ elseif not stanza.attr.id then
+ origin.send(st.error_reply(stanza, "modify", "bad-request", "Missing required 'id' attribute"));
+ return;
+ elseif (st_type == "set" or st_type == "get") and (#stanza.tags ~= 1) then
+ origin.send(st.error_reply(stanza, "modify", "bad-request", "Incorrect number of children for IQ stanz"));
return;
end
end
diff --git a/doc/storage.tld b/doc/storage.tld
new file mode 100644
index 00000000..f1d33e58
--- /dev/null
+++ b/doc/storage.tld
@@ -0,0 +1,61 @@
+-- Storage Interface API Description
+--
+-- This is written as a TypedLua description
+
+-- Key-Value stores (the default)
+
+interface keyval_store
+ get : ( self, string? ) -> (any) | (nil, string)
+ set : ( self, string?, any ) -> (boolean) | (nil, string)
+end
+
+-- Map stores (key-key-value stores)
+
+interface map_store
+ get : ( self, string?, any ) -> (any) | (nil, string)
+ set : ( self, string?, any, any ) -> (boolean) | (nil, string)
+ set_keys : ( self, string?, { any : any }) -> (boolean) | (nil, string)
+ remove : {}
+end
+
+-- Archive stores
+
+typealias archive_query = {
+ "start" : number?, -- timestamp
+ "end" : number?, -- timestamp
+ "with" : string?,
+ "after" : string?, -- archive id
+ "before" : string?, -- archive id
+ "total" : boolean?,
+}
+
+interface archive_store
+ -- Optional set of capabilities
+ caps : {
+ -- Optional total count of matching items returned as second return value from :find()
+ "total" : boolean?,
+ }?
+
+ -- Add to the archive
+ append : ( self, string?, string?, any, number?, string? ) -> (string) | (nil, string)
+
+ -- Iterate over archive
+ find : ( self, string?, archive_query? ) -> ( () -> ( string, any, number?, string? ), integer? )
+
+ -- Removal of items. API like find. Optional?
+ delete : ( self, string?, archive_query? ) -> (boolean) | (number) | (nil, string)
+
+ -- Array of dates which do have messages (Optional?)
+ dates : ( self, string? ) -> ({ string }) | (nil, string)
+end
+
+-- This represents moduleapi
+interface module
+ -- If the first string is omitted then the name of the module is used
+ -- The second string is one of "keyval" (default), "map" or "archive"
+ open_store : (self, string?, string?) -> (keyval_store) | (map_store) | (archive_store) | (nil, string)
+
+ -- Other module methods omitted
+end
+
+module : module
diff --git a/man/prosodyctl.markdown b/man/prosodyctl.markdown
index 217dfd3d..e4c355a2 100644
--- a/man/prosodyctl.markdown
+++ b/man/prosodyctl.markdown
@@ -5,7 +5,7 @@ author:
date: '2015-12-23'
section: 1
title: PROSODYCTL
-...
+---
NAME
====
@@ -80,6 +80,30 @@ reload
status
: Prints the current execution status of the prosody server daemon.
+Certificates
+------------
+
+prosodyctl can create self-signed certificates, certificate requests and
+private keys for use with Prosody. Commands are of the form
+`prosodyctl cert subcommand`. Commands take a list of hosts to be
+included in the certificate.
+
+request hosts
+: Create a certificate request (CSR) file for submission to a
+ certificate authority. Multiple hosts can be given, sub-domains are
+ automatically included.
+
+generate hosts
+: Generate a self-signed certificate.
+
+key host \[size\]
+: Generate a private key of 'size' bits (defaults to 2048). Invoked
+ automatically by 'request' and 'generate' if needed.
+
+config hosts
+: Produce a config file for the list of hosts. Invoked automatically
+ by 'request' and 'generate' if needed.
+
Debugging
---------
@@ -110,6 +134,9 @@ details of how these commands work you should see ejabberdctl(8).
OPTIONS
=======
+`--config filename`
+: Use the specified config file instead of the default.
+
`--help`
: Display help text for the specified command.
diff --git a/net/server_select.lua b/net/server_select.lua
index 0776b02e..f051da24 100644
--- a/net/server_select.lua
+++ b/net/server_select.lua
@@ -416,6 +416,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
end
handler.port = handler.clientport -- COMPAT server_event
local write = function( self, data )
+ if not handler then return false end
bufferlen = bufferlen + #data
if bufferlen > maxsendlen then
_closelist[ handler ] = "send buffer exceeded" -- cannot close the client at the moment, have to wait to the end of the cycle