| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Allowed by XML despite arguably being a control character.
Drops the part of the range meant to rule out octets invalid in UTF-8
(\247 starts a 4-byte sequence), since UTF-8 correctness is validated by
util.encodings.utf8.valid().
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Since resumption is not supported on s2s currently, there is no point in
allocating resumption tokens. The code that removes entries from
session_registry is only invoked for c2s sessions, thus enabling
resumable smacks on s2s adds an entry that never goes away.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #1779.
Due to an oversight in the logic, if the user set 'enabled' to false in an
override, it would disable the item's requested CORS settings, but still apply
Prosody's default CORS policy.
This change ensures that 'enabled = false' will now disable CORS entirely for
the requested item.
Due to the new structure of the code, it was necessary to have a flag to say
whether CORS is to be applied at all. Rather than hard-coding 'true' here, I
chose to add a new option: 'http_default_cors_enabled'. This is a boolean that
allows the operator to disable Prosody's default CORS policy entirely (the one
that is used when a module or config does not override it). This makes it
easier to disable CORS and then selectively enable it only on services you
want it on.
|
| | |
| |
| |
| | |
Similar to #1777
|
| | | |
|
| | |
| |
| |
| |
| | |
Fixes error in mod_authz_internal due to import() being unavailable as
it was only loaded in Prosody proper
|
| | |
| |
| |
| |
| | |
Fixes test case type.json:0:1 covering treatment of 1.0 as an integer
according to the JSON definition
|
| | |
| |
| |
| |
| | |
math.type() is unavailable before Lua 5.3 so this should use the compat
function added at the top
|
| | |
| |
| |
| | |
Also touching on how arrays are indistinguishable from tables in Lua
|
| | |
| |
| |
| | |
Full-URI references are not implemented
|
| | |
| |
| |
| | |
Piped trough `sort -g`
|
| | |
| |
| |
| |
| | |
Due to a change in luassert, a dependency luassert of the Busted test
framework, returning nothing is no longer treated as not falsy.
|
| | |
| |
| |
| |
| | |
Fixes the same kind of issue as in 65563530375b but once and for all,
while improving similarity between incoming and outgoing connections.
|
| | |
| |
| |
| |
| |
| |
| | |
user:roles() does not convey that this is the mutating command, it
should have been called setroles from the start but wasn't due to lack
of foresight. This has to accidentally removing roles when wanting to
show them.
|
| | |
| |
| |
| |
| |
| |
| | |
The ORDER BY and LIMIT clauses are not needed and don't even make much
sense. This part was most likely a leftover from the :find method.
Tested with sqlite and postgres 14
|
| | |
| |
| |
| |
| | |
Passes with memory, internal, sqlite
Fails with postgres as in #1766
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
It is time. Most community modules should have been adjusted to work
with the new (net.http.files) way.
At some point this usage should be prevented.
Related to #1765
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is happens if the account is new and doesn't have any bookmarks
yet, which is not a problem.
Rarely seen since most clients currently use the older version of
XEP-0084 stored in XEP-0049 rather than in PEP, but at least one
(Converse.js )does.
One scenario in which this would show up often is with Converse.js as a
guest chat using anonymous authentication, where all "accounts" would
always be new and not have any bookmarks. This scenario probably does
not need to have mod_bookmarks at all, but if enabled globally it would
likely become loaded onto the VirtualHost unless explicitly disabled.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There's no 'prosody.prosodyctl' property other than this one, introduced
in 6216743c188c in 2015.
Guessing that the intent was to skip this when running as a prosodyctl
command. The module.command code does its own version of this
initialization, so this seems likely.
Thanks raja for noticing
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Normally with bidi, any outgoing connection should be the same as the
incoming, hence when closing a bidi connection it should be removed as a
route to the remote server. However it is not guaranteed, a remote bidi-capable server
might have decided to open a new connection for some reason. This can
lead to a situation where there are two bidi connections, and the s2sout
route is a locally initiated s2sout connection. In this case, such a
s2sout connection should be kept.
Noticed in a rare case where bidi has just been enabled on a running
server, and something establishes new connections immediately when a
connection is closed.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The JSON Schema specification says that schemas are objects or booleans,
and that the 'type' property is optional and can be an array.
This module previously allowed bare type names as schemas and did not
really handle booleans.
It now handles missing 'type' properties and boolean 'true' as a schema.
Objects and arrays are guessed based on the presence of 'properties' or
'items' field.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
MattJ reported a curious issue where validation did not work as
expected. Primarily that the "type" field was expected to be mandatory,
and thus leaving it out would result in no checks being performed.
This was likely caused by misreading during initial development.
Spent some time testing against
https://github.com/json-schema-org/JSON-Schema-Test-Suite.git and
discovered a multitude of issues, far too many to bother splitting into
separate commits.
More than half of them fail. Many because of features not implemented,
which have been marked NYI. For example, some require deep comparisons
e.g. when objects or arrays are present in enums fields.
Some because of quirks with how Lua differs from JavaScript, e.g. no
distinct array or object types. Tests involving fractional floating
point numbers. We're definitely not going to follow references to remote
resources. Or deal with UTF-16 sillyness. One test asserted that 1.0 is
an integer, where Lua 5.3+ will disagree.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(fixes #1763) (thanks rgd)
add_defaults() is supposed to merge 3 tables, the defaults in
luaunbound, the defaults from prosody and any config from the prosody
config file. In the case where no `unbound={}` has been in the config,
it skips over the merge and returns only the prosody built-in defaults.
This results in libunbound skipping reading resolv.conf and uses its
default behavior of full recursive resolution.
Prior to #1737 there were only two tables, the luaunbound defaults and
the prosody config, where bypassing the merge and returning the former
did the right thing.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Observed problem: When shutting down prosody would immediately exit
after waiting for s2s connections to close, skipping the last cleanup
events and reporting the exit reason and code.
This happens because prosody.main_thread is in a waiting state and
queuing startup.shutdown is dispatched trough the main loop via
nexttick, but since the main loop was no longer running at that point it
proceeded to the end of the prosody script and exited there.
|
| | |
| |
| |
| |
| |
| | |
This ensures that the flag is set even if the pre-drain callback is
called from send(), as would be the case if opportunistic writes are
enabled.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Sending stanzas with a remote session as origin when the stanzas have a
local JID in the from attribute trips validation in core.stanza_router,
leading to warnings:
> Received a stanza claiming to be from remote.example, over a stream authed for localhost.example
Using module:send() uses the local host as origin, which is fine here.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #1758
Introduced in 1ea01660c79a
In e62025f949f9 to and from was inverted since it changed from acting on
a reply to acting on the original stanza (or a clone thereof)
Unsure of the purpose of this check, you don't usually send stanzas to
your own full JID. Perhaps guarding against routing loops?
The check was present in the original commit of mod_smacks,
prosody-modules rev 9a7671720dec
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #1757
These places seem to have been left since e62025f949f9
The logic around expected_h in should_ack() misbehaved, always comparing
with 0 + unacked instead of acked + unacked.
|
| | |
| |
| |
| |
| |
| |
| | |
This is now done in net.unbound itself
Turning it back on in the config may still cause the problem of entries
there masking the DNS values.
|
| | |
| |
| |
| | |
This error is an error, therefore it should be at the error level
|
| | |
| |
| |
| |
| | |
This mirrors the behaviour with net.dns and avoids the initialization
issue in #1737
|
| | |
| |
| |
| |
| |
| | |
Answers my recurring question of
> Using cert "certs/example.com.crt" from index
... for what?
|
| | |
| |
| |
| |
| |
| | |
Due to the dummy statistics provider (see core.statsmanager line 250)
having a metatable that allows infinite indexing where everything is
always the same table, which end up in suf() in the concatenation line.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Fixes #1753
Not known to be used anywhere
|
| | |
| |
| |
| | |
Example values from RFC 6901
|
| | |
| |
| |
| | |
Fixes #1752
|
| | |
| |
| |
| |
| |
| |
| | |
The type checks, they do nothing!
Observed: Tasks that were supposed to run weekly or daily were running
each hour.
|
| | |
| |
| |
| |
| | |
Rationale: It seems unlikely that someone who has not configured any
TURN service runs 'prosodyctl check turn' expecting this to be okay.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The 'global' property should reflect whether the module API instance
represents the global context or a VirtualHost or Component context.
However the module:context() method did not override this, leading the
property of the previous module shining trough, leading to bugs in code
relying on the 'global' property.
See also #1736
|
| | |
| |
| |
| |
| |
| | |
The second return value is (not insensibly) assumed to be an error. Instead of
returning a value there in the success case, copy the positional arguments
into the existing opts table.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
convenience
This is the same as the input table (which is mutated during processing), but
if that table was created on the fly, such as by packing `...` it's convenient
if it also gets returned from the parse function.
|
