aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | mod_s2s: Improve robustness of outgoing s2s certificate verificationMatthew Wild2022-04-251-0/+11
| | | | | | | | | | | | | | | | | | This change ensures we have positively verified the certificates of the server we are connecting to before marking the session as authenticated. It protects against situations where the verify-or-close stage of the connection was interrupted (e.g. due to an uncaught error). Thanks to Zash for discovery and testing.
* | util.prosodyctl: check turn: ensure a result is always returned from a check ↵Matthew Wild2022-04-131-2/+2
| | | | | | | | (thanks eTaurus)
* | mod_storage_xep0227: Fix mapping of nodes without explicit configurationKim Alvefur2022-04-081-3/+1
| | | | | | | | | | | | | | Turns out this table was wrong, it's missing some fields which are required and it's 'name', not 'node'. Setting it to the boolean true invokes compatibility behavior in mod_pep which results in the correct default structure.
* | mod_storage_xep0227: Fix conversion of SCRAM into internal format (fix #1741)Kim Alvefur2022-04-081-1/+1
| | | | | | | | | | Looks like this function was a copy of hex_to_base64 without modifying it to do its inverse.
* | mod_storage_xep0227: Support basic listing of PEP nodes in absence of ↵Kim Alvefur2022-03-311-2/+11
| | | | | | | | | | | | pubsub#admin data Allows migrating PEP nodes with default settings
* | mod_storage_xep0227: Improve loggingKim Alvefur2022-03-291-1/+1
| | | | | | | | What were we looking at?
* | mod_storage_xep0227: Handle missing {pubsub#owner}pubsub element (fixes #1740)Matthew Wild2022-04-071-0/+3
| |
* | prosodyctl: Pass server when listing (outdated) plugins (fix #1738)Kim Alvefur2022-04-051-1/+7
| | | | | | | | | | Needed since it checks the manifest of the repository and most likely defaults to luarocks.org unless specified
* | core.modulemanager: Fix global flag on per-host instances of shared modules ↵Kim Alvefur2022-04-041-0/+1
| | | | | | | | | | | | | | | | | | (fix #1736) This flag is something of a shortcut for `module.host == "*"` and should always be equal to that. Its absence on the proxy object made the property of the global module instance visible, causing problems such as with URL reporting in mod_http
* | configmanager: Clearer errors when providing unexpected values after ↵Matthew Wild2022-04-031-0/+5
| | | | | | | | VirtualHost (fixes #1735, thanks arawaks)
* | util.random: Test whether util.crand works before using it (fix #1734)Kim Alvefur2022-04-021-1/+1
| | | | | | | | | | | | | | | | | | | | util.crand can be configured at compile time to use the Linux getrandom() system call, available from Linux 3.17, but it is still possible to load it with an older kernel lacking that system call, where attempting to use it throws an ENOSYS error. By testing for this on load we can fall back to /dev/urandom in this case.
* | mod_http (and dependent modules): Make CORS opt-in by default (fixes #1731)Matthew Wild2022-03-284-1/+8
| | | | | | | | | | | | | | | | | | The same-origin policy enforced by browsers is a security measure that should only be turned off when it is safe to do so. It is safe to do so in Prosody's default modules, but people may load third-party modules that are unsafe. Therefore we have flipped the default, so that modules must explicitly opt in to having CORS headers added on their requests.
* | mod_http: Reintroduce support for disabling or limiting CORS (fixes #1730)Matthew Wild2022-03-281-13/+31
| | | | | | | | | | This is far better than pre-0.12, because we now have a universal way to configure and enable/disable CORS on a per-module basis.
* | prosodyctl: check config: Report paths of loaded configuration files (fixed ↵Matthew Wild2022-03-281-0/+7
| | | | | | | | #1729)
* | configmanager: Add method to report loaded config files (part of #1729 fix)Matthew Wild2022-03-281-0/+7
| |
* | mod_tombstones: Add caching to improve performance on busy servers (fixes #1728)Matthew Wild2022-03-281-11/+42
| |
* | mod_turn_external: Update status and friendlier handling of missing secret ↵Matthew Wild2022-03-281-1/+4
| | | | | | | | option (fixes #1727)
* | prosodyctl about: Report version of lua-readlineKim Alvefur2022-03-271-2/+8
| | | | | | | | Good to know since it affects how well the shell works
* | MUC: Allow kicking users with the same affiliation as the kicker (fixes #1724)Matthew Wild2022-03-231-4/+5
| | | | | | | | | | | | | | | | | | | | This is allowed by XEP-0045, which states: "A moderator SHOULD NOT be allowed to revoke moderation privileges from someone with a higher affiliation than themselves (i.e., an unaffiliated moderator SHOULD NOT be allowed to revoke moderation privileges from an admin or an owner, and an admin SHOULD NOT be allowed to revoke moderation privileges from an owner)."
* | mod_external_services: Move error message to correct place (fix #1725)Kim Alvefur2022-03-231-2/+2
| | | | | | | | | | This message was misplaced in c4599a7c534c when the @type and @host check was introduced.
* | mod_pubsub: Don't attempt to use server actor as publisher (fixes #1723)Matthew Wild2022-03-211-1/+1
| |
* | util.startup: Show error for unrecognized arguments passed to 'prosody' ↵Matthew Wild2022-03-211-6/+13
| | | | | | | | (fixes #1722)
* | CHANGES: Update to reflect 0.12.0 releaseMatthew Wild2022-03-191-2/+4
| |
* | mod_admin_socket: Improve error reporting when socket can't be created ↵Matthew Wild2022-03-191-2/+10
| | | | | | | | (fixes #1719)
* | prosodyctl: check turn: Fail with error if our own address is supplied for ↵Matthew Wild2022-03-191-0/+6
| | | | | | | | the ping test
* | prosodyctl: check config: Skip bare JID components in orphan checkMatthew Wild2022-03-191-1/+1
| |
* | mod_admin_socket: Comment on LuaSocket UNIX compat codeKim Alvefur2022-03-162-0/+12
| | | | | | | | Ref #1717
* | mod_admin_socket: Compat for luasocket prior to unix datagram supportKim Alvefur2022-03-152-0/+6
| | | | | | | | | | | | | | | | | | | | The "socket.unix" module exported only a function before https://github.com/lunarmodules/luasocket/commit/aa1b8cc9bc35e56de15eeb153c899e4c51de82a8 when datagram support was added. Fixes #1717 Thanks rsc and lucas for reporting and testing
* | mod_invites_register: Push invitee contact entry to inviterKim Alvefur2022-03-151-0/+1
| | | | | | | | | | | | | | | | | | Invitee would not show up in the roster of the invite creator unless they fetch their roster afterwards. Fixes #1715 Thanks gerald
* | prosodyctl: check turn: warn about external port mismatches behind NATMatthew Wild2022-03-111-5/+11
| | | | | | | | | | | | | | Some NATs don't preserve port numbers, which can cause the TURN server's reported relay address to be incorrect (the TURN server has no way to predict what the external port is, so it can't be corrected in config like an IP mismatch can).
* | Added tag 0.12.0 for changeset 50fcd3879482Matthew Wild2022-03-080-0/+0
| |
* | spelling: non-existing mistakes (thanks timeless)0.12.0Kim Alvefur2022-03-072-3/+3
| |
* | Spelling: Fix various spelling mistakes (thanks timeless)Kim Alvefur2022-03-0718-31/+31
| | | | | | | | | | | | Words, sometimes I wonder how they even work Maybe I missed something.
* | net.websocket.frames: Replace bit fiddling code with util.structKim Alvefur2022-03-061-48/+13
| | | | | | | | | | | | Fallback code for not having either the string.pack and string.unpack functions available in Lua 5.4 or the struct lib is no longer needed since the struct lib was imported as util.struct in 3ce3633527af
* | prosodyctl: check turn: compare correct addresses for relay mismatch ↵Matthew Wild2022-03-051-2/+5
| | | | | | | | detection (thanks Zash)
* | prosodyctl: check turn: Add check for private IP returned from STUN.Matthew Wild2022-03-051-0/+4
| |
* | prosodyctl: check turn: improve warning text to suggest issuesMatthew Wild2022-03-051-1/+5
| |
* | prosodyctl: check turn: fix traceback when server does not provide realm/nonceMatthew Wild2022-03-051-4/+12
| | | | | | | | As coturn when installed out of the box on Debian (because auth isn't enabled?)
* | prosodyctl: check turn: fix formatting of multiple warningsMatthew Wild2022-03-051-2/+3
| |
* | prosodyctl: check turn: always show debug info even if test failsMatthew Wild2022-03-051-11/+15
| |
* | prosodyctl: check turn: Clearer error when unable to resolve external ↵Matthew Wild2022-03-051-1/+1
| | | | | | | | service host
* | CHANGES: Mention STUN/TURN support in 'prosodyctl check'Matthew Wild2022-03-051-0/+1
| |
* | prosodyctl: check: include TURN checks by defaultMatthew Wild2022-03-051-2/+2
| |
* | prosodyctl: check: Slightly improved argument handlingMatthew Wild2022-03-051-1/+11
| |
* | prosodyctl: check turn: show relayed address(es) in verbose modeMatthew Wild2022-03-051-0/+7
| |
* | net.stun: Support for xor-relayed-address attributeMatthew Wild2022-03-051-2/+20
| |
* | prosodyctl: check turn: Allow specifying port for the ping serviceMatthew Wild2022-03-051-2/+9
| |
* | prosodyctl: check turn: Add support for testing data relay with an external ↵Matthew Wild2022-03-051-4/+88
| | | | | | | | STUN server via --ping
* | net.stun: Add xor-peer-address helperMatthew Wild2022-03-051-0/+16
| |
* | net.stun: Factor out address unpack, an operation common to multiple attributesMatthew Wild2022-03-051-11/+12
| |
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-18 11:23:22 +0000