| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
See previous commit to mod_c2s: a62146353528
|
|
|
|
|
|
|
|
|
| |
The :info() method has been observed to return nothing ... sometimes.
Unclear what causes it. Perhaps the TLS connection was shut down or
hasn't fully settled?
The LuaSec code has code paths that return nothing or nil, error, so it
is best to guard against it.
|
| |
|
|
|
|
|
|
|
|
| |
Since there is now support for SNI with per-host certificates as well as
support in `prosodyctl check dns`.
Previous "support" was just the 'legacy_ssl' option, which didn't have
much other supporting code.
|
|
|
|
| |
^C^V
|
| |
|
|
|
|
|
|
| |
This fixes wrongly reported DNS problems on some distros where the hosts
file contains an entry for the local machine, pointing at a loopback
address such as 127.0.1.1 or similar.
|
| |
|
| |
|
|
|
|
|
| |
This only differs from 'legacy_ssl' in name, at least on the server
side. For clients this is the one that uses SRV records.
|
|
|
|
|
| |
net.dns returns nil for NXDOMAIN, while net.unbound returns a table with
zero items and various status fields.
|
| |
|
|
|
|
|
|
|
|
|
| |
X-Frame-Options was replaced by the Content-Security-Policy
'frame-ancestors' directive, but Internet Explorer does not support that
part of CSP.
Since it's just one line it doesn't hurt to keep until some future
spring cleaning event :)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes "attempt to compare number with nil" because `session.version` has
been cleared by s2smanager.destroy_session.
This can happen with the server_epoll setting opportunistic_writes
enabled, which means that it can notice that the connection failed at
this point, after which it triggers the whole chain of events that leads
to session destruction and "cleaning" most of the session fields.
|
| |
|
|
|
|
|
| |
Some items like HTTP providers would be very verbose, others are tricky
to handle.
|
| |
|
| |
|
|
|
|
|
|
| |
Hosts have a metatable __tostring method that produces a nice
representation such as `VirtualHost "example.com"`, which even includes
the component module for internal components.
|
| |
|
| |
|
|
|
|
|
| |
To show info about loaded modules. Inspired by the desire to know
whether a module was loaded from the core set or 3rd party.
|
|
|
|
| |
Lua 5.1 (thanks sups)
|
| |
|
| |
|
|
|
|
|
| |
This should re-create all contexts the same way as when the service was
activated, which reloads certificates.
|
|
|
|
| |
Thinking I can use this to reload certificates after config reload
|
|
|
|
|
| |
Supported by the other net.server implementations already, but not used
anywhere in Prosody.
|
|
|
|
|
| |
Creates buckets up to the configured size limit or 1TB, whichever is
smaller, e.g. {1K, 4K, 16K, ... 4M, 16M}
|
|
|
|
|
|
|
|
|
| |
"%g" turns 1GB into 1.07374e+09, which is a bit awkward for the bytes
measurements IMO. Turning up the precision, at "%.17g" turns 0.1 into
0.10000000000000001 while "%0.16" gives 0.1, hiding most of those pesky
floating point artefacts. Lua version 5.2 uses "%.14g" ( see
LUA_NUMBER_FMT in luaconf.h.html ) so it seems like a sensible choice
here.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the underlying TCP connection times out before the write timeout
kicks in, end up here with err="timeout", which the following code
treats as a minor issue.
Then, due to epoll apparently returning the EPOLLOUT (writable) event
too, we go on and try to write to the socket (commonly stream headers).
This fails because the socket is closed, which becomes the error
returned up the stack to the rest of Prosody.
This also trips the 'onconnect' signal, which has effects on various
things, such as the net.connect state machine. Probably undesirable
effects.
With this, we instead return "connection timeout", like server_event,
and destroy the connection handle properly. And then nothing else
happens because the connection has been destroyed.
|
|
|
|
|
|
| |
Quick Fix\u{2122} to stop prevent certmanager from automatically adding
a client certificate for net.http.request, since this normally does not
require such.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Under some circumstances when hosts and modules are loaded in some
certain order, entries end up missing from the SNI map. This manifests
in e.g. `curl https://localhost:5281/` giving an error about
"unrecognized name".
The `service` argument is `nil` when invoked from the "host-activated"
event, leading it to iterating over every service. And then it would not
be fetching e.g. `http_host` from the config, which explains why https
would sometimes not work due to the missing name entry.
Because when `service` is included, this limits the iteration to
matching entries, while also returning the same value as the `name` loop
variable. Because `name == service when service != nil` we can use name
instead in the body of the loop.
|
|
|
|
| |
certificate_s_, plural, is the directory setting
|
| |
|
|\ |
|
| |
| |
| |
| | |
It will do nothing in a VirtualHost section for example.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
Since there are more than two choices now. Hard to describe this choice
in just one line. Maybe this whole block should go away?
|
| |
| |
| |
| | |
Nicer than the "unsupported stanza type" error we get otherwise.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
This was a leftover from when we (or rather I) thought that the
old (now called "high-level") API would be removed. We deemed it
useful though, so let's remove that "legacy" language and make
the description more friendly.
|
| |
| |
| |
| |
| |
| | |
This allows the user to detect whether the cursor is currently
at the top of the stanza. This will be used by util.xmppstream
to be able to port it over.
|