Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | util.x509: Only collect commonNames that pass idna | Kim Alvefur | 2019-09-10 | 1 | -1/+1 |
| | | | | | Weeds out "Example Certificate" and the like, which are uninteresting for this function. | ||||
* | util.x509: Nameprep commonName once | Kim Alvefur | 2019-09-10 | 1 | -2/+5 |
| | |||||
* | doap: Add XEP-0288 | Kim Alvefur | 2019-09-09 | 1 | -0/+6 |
| | |||||
* | doap: Add a Description Of A Project file | Kim Alvefur | 2019-08-27 | 1 | -0/+427 |
| | |||||
* | mod_admin_telnet: Identify native bidi sessions | Kim Alvefur | 2019-09-08 | 1 | -1/+3 |
| | |||||
* | CHANGES: Add XEP-0288 | Kim Alvefur | 2019-09-08 | 1 | -0/+1 |
| | |||||
* | mod_s2s_bidi: Enables bi-directional streams via XEP-0288 | Kim Alvefur | 2019-09-08 | 2 | -1/+39 |
| | |||||
* | mod_s2s: Remove warning about hostname mismatch | Kim Alvefur | 2019-09-07 | 1 | -5/+0 |
| | | | | | | It triggers on bidi-related routing where this to/from is flipped. Removing since I don't think we have ever seen this potential bug. | ||||
* | mod_s2s: Insert s2sin into outgoing routing table when bidirectional | Kim Alvefur | 2019-09-07 | 1 | -0/+4 |
| | |||||
* | mod_s2s: Add function to send replies on s2sout connections that support ↵ | Kim Alvefur | 2019-09-07 | 1 | -0/+7 |
| | | | | incoming traffic | ||||
* | mod_s2s: Handle authentication of s2sin and s2sout the same way | Kim Alvefur | 2019-09-07 | 1 | -7/+5 |
| | |||||
* | core.stanza_router: Handle s2s in more direction-agnostic way | Kim Alvefur | 2019-09-07 | 1 | -2/+2 |
| | |||||
* | core.s2smanager: Add map of names authenticate for remote on s2sout for ↵ | Kim Alvefur | 2019-09-07 | 1 | -0/+1 |
| | | | | | | parity with s2sin Making s2sin and -out look more alike in preparation for bidi support | ||||
* | core.s2smanager: Add [direction] boolean flags to s2s connections | Kim Alvefur | 2019-09-07 | 1 | -0/+2 |
| | | | | This will allow representing connections that go both directions | ||||
* | mod_offline: Add some debug logging to reduce confusion | Kim Alvefur | 2019-09-08 | 1 | -1/+5 |
| | | | | Where did these messages come from??? | ||||
* | util.bitops: Library to find appropriate bitwise library (closes #1395) | Kim Alvefur | 2019-07-22 | 3 | -2/+40 |
| | |||||
* | mod_s2s: Remove obsolete cleanup code | Kim Alvefur | 2019-09-07 | 1 | -7/+0 |
| | | | | These were added by s2sout.lib | ||||
* | mod_admin_telnet: Identify bidi-capable s2sout sessions (fixes #1403) | Kim Alvefur | 2019-09-07 | 1 | -1/+1 |
| | |||||
* | tests: Disable TLS in scansion tests | Kim Alvefur | 2019-09-07 | 1 | -1/+1 |
| | | | | | | They were not using TLS before. With a36af4570b39 TLS context creation will succeed even without a certificate, so TLS will be offered, but since there is no certificate it does not work. | ||||
* | core.certmanager: Lower severity for tls config not having cert | Kim Alvefur | 2019-09-07 | 1 | -2/+4 |
| | | | | | | | This is needed for SNI where certificates are in separate per-hostname contexts, not the main one. If there is a cert, it will still require a corresponding key. | ||||
* | net.http: Pass server name along for SNI (fixes #1408) | Kim Alvefur | 2019-09-01 | 1 | -1/+1 |
| | | | | net.resolver.basic passes this 'extra' field along to server.addclient | ||||
* | net.server: Handle server name (SNI) as extra argument | Kim Alvefur | 2019-09-01 | 3 | -0/+10 |
| | | | | | | Code added in 75d2874502c3, 9a905888b96c and adc0672b700e uses this field. See #409 and #1408 | ||||
* | net.server: Accept and save an 'extra' field for client connections | Kim Alvefur | 2019-09-01 | 3 | -15/+19 |
| | | | | | This lets code attach some extra data to be attached to client connections. | ||||
* | Merge 0.11->trunk | Kim Alvefur | 2019-08-31 | 1 | -2/+2 |
|\ | |||||
| * | MUC: Fix delay@from to be room JID (fixes #1416)0.11.3 | Kim Alvefur | 2019-08-31 | 1 | -2/+2 |
| | | |||||
* | | MUC: Fix delay tag @from in test to be the room JID (#1054 came back) | Kim Alvefur | 2019-08-31 | 1 | -2/+2 |
| | | |||||
* | | MUC: Add a test covering basic room creation, messages and destruction | Kim Alvefur | 2019-08-31 | 1 | -0/+242 |
| | | |||||
* | | net.server_epoll: Add support for opportunistic writes | Kim Alvefur | 2019-08-28 | 1 | -0/+8 |
| | | | | | | | | | | | | | | | | This tries to flush data to the underlying sockets when receiving writes. This should lead to fewer timer objects being around. On the other hand, this leads to more and smaller writes which may translate to more TCP/IP packets being sent, depending on how the kernel handles this. This trades throughput for lower latency. | ||||
* | | core.certmanager: Remove unused import [luacheck] | Kim Alvefur | 2019-08-25 | 1 | -1/+0 |
| | | |||||
* | | Remove COMPAT with temporary luasec fork | Kim Alvefur | 2019-08-25 | 4 | -14/+0 |
| | | | | | | | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014. | ||||
* | | MUC: Simplify nickname refresh loop | Kim Alvefur | 2019-08-25 | 1 | -2/+1 |
| | | | | | | | | Affiliation data is passed as a loop variable so no need to retrieve it | ||||
* | | core.certmanager: Move EECDH ciphers before EDH in default cipherstring | Kim Alvefur | 2019-08-25 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now | ||||
* | | mod_storage_internal: Include last text message | Kim Alvefur | 2019-08-23 | 1 | -1/+4 |
| | | | | | | | | | | | | A protocol built on this API now allows showing a list of unread conversations with a counter, ordered by either oldest or newest message, along with the text body itself. | ||||
* | | mod_storage_*: Also include timestmap of first message in :summary API | Kim Alvefur | 2019-08-23 | 3 | -3/+15 |
| | | | | | | | | | | For completeness along with most recent timestamp. Might be nice to be able to order by oldest unread message. | ||||
* | | mod_storage_*: Include timestamp of latest message in :summary API | Kim Alvefur | 2019-08-23 | 3 | -3/+12 |
| | | | | | | | | | | | | | | Clients may want to show a list of conversations ordered by how timestamp of most recent message. The counts allow a badge with unread message counter. | ||||
* | | mod_storage_*: Tweak :summary API to allow future expansion with more fields | Kim Alvefur | 2019-08-23 | 3 | -9/+15 |
| | | | | | | | | Eg might want to include last message, timestamp, chat state or other info. | ||||
* | | mod_auth_internal_hashed: Precompute SCRAM authentication profile name ↵ | Kim Alvefur | 2019-08-22 | 1 | -1/+2 |
| | | | | | | | | (thanks MattJ) | ||||
* | | mod_auth_internal_hashed: Add support for optionally using SCRAM-SHA-256 ↵ | Kim Alvefur | 2019-01-13 | 2 | -6/+8 |
| | | | | | | | | | | | | | | instead of SHA-1 This will currently require a hard reset of all passwords back to plain. This will be least painful on new deployments. | ||||
* | | util.sasl.scram: Add support for SCRAM-SHA-256 | Kim Alvefur | 2019-01-13 | 1 | -0/+1 |
| | | |||||
* | | util.sasl.scram: Factor out SHA-1 specific getAuthenticationDatabaseSHA1 | Kim Alvefur | 2019-01-13 | 1 | -20/+25 |
| | | | | | | | | This makes the code more generic, allowing SHA-1 to be replaced | ||||
* | | mod_vcard_legacy: Use PEP nickname if vcard4 data is unavailable | Kim Alvefur | 2019-08-22 | 1 | -0/+8 |
| | | | | | | | | | | | | | | Last remaining nice feature from mod_profile. Allows setting eg nickname and avatar as completely public while restricting private details in vcard4 to only contacts. | ||||
* | | core.moduleapi: Restructure send_iq method for more atomic cleanup | Kim Alvefur | 2019-08-21 | 1 | -16/+23 |
| | | | | | | | | | | All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards. | ||||
* | | core.moduleapi: Uppercase "IQ stanza" for consistency | Kim Alvefur | 2019-08-21 | 1 | -1/+1 |
| | | | | | | | | It's written like that elsewhere in the send_iq method | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-08-21 | 1 | -0/+1 |
|\| | |||||
| * | MUC: Advertise XEP-0410 support | Kim Alvefur | 2019-07-30 | 1 | -0/+1 |
| | | | | | | | | Unsure if the feature was in the XEP at the time of 7c1cdf5f9f83 | ||||
* | | Merge mod-installer (2019 GSoC by João Duarte) | Matthew Wild | 2019-08-19 | 7 | -4/+138 |
|\ \ | |||||
| * | | util/prosodyctl: call_luarocks now sets a directory variable itself | João Duarte | 2019-08-16 | 1 | -1/+2 |
| | | | |||||
| * | | util/prosodyctl: Removed the check_flags and execute_command function | João Duarte | 2019-08-16 | 1 | -25/+0 |
| | | | |||||
| * | | prosodyctl: Install, remove and list commands now use the call_luarocks function | João Duarte | 2019-08-16 | 1 | -7/+4 |
| | | | |||||
| * | | core.configmanager: Removed code related to complement_lua_path | João Duarte | 2019-08-16 | 1 | -2/+0 |
| | | |