aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge 0.11->0.120.12.2Kim Alvefur2022-12-121-1/+5
|\
| * Tag 0.11.14origin/0.110.11Kim Alvefur2022-12-120-0/+0
| |
| * util.stanza: Allow U+7F0.11.14Kim Alvefur2022-11-221-1/+5
| | | | | | | | | | | | | | | | Allowed by XML despite arguably being a control character. Drops the part of the range meant to rule out octets invalid in UTF-8 (\247 starts a 4-byte sequence), since UTF-8 correctness is validated by util.encodings.utf8.valid().
| * Added tag 0.11.13 for changeset ebeb4d959fb3Matthew Wild2022-01-240-0/+0
| |
* | mod_smacks: Disable resumption behavior on s2sKim Alvefur2022-11-131-1/+2
| | | | | | | | | | | | | | Since resumption is not supported on s2s currently, there is no point in allocating resumption tokens. The code that removes entries from session_registry is only invoked for c2s sessions, thus enabling resumable smacks on s2s adds an entry that never goes away.
* | util.json: Accept empty arrays with whitespace (fixes #1782)Matthew Wild2022-11-042-5/+22
| |
* | mod_http: Allow disabling CORS in the http_cors_override option and by defaultMatthew Wild2022-10-311-4/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #1779. Due to an oversight in the logic, if the user set 'enabled' to false in an override, it would disable the item's requested CORS settings, but still apply Prosody's default CORS policy. This change ensures that 'enabled = false' will now disable CORS entirely for the requested item. Due to the new structure of the code, it was necessary to have a flag to say whether CORS is to be applied at all. Rather than hard-coding 'true' here, I chose to add a new option: 'http_default_cors_enabled'. This is a boolean that allows the operator to disable Prosody's default CORS policy entirely (the one that is used when a module or config does not override it). This makes it easier to disable CORS and then selectively enable it only on services you want it on.
* | mod_admin_shell: Ensure available connection for column 'secure'Kim Alvefur2022-10-231-1/+1
| | | | | | | | Similar to #1777
* | mod_admin_shell: Ensure connection exists to get port from (fixes #1777)Kim Alvefur2022-10-231-1/+5
| |
* | util.startup: Ensure import() is available in prosodyctl (thanks keyzer)Kim Alvefur2022-10-201-1/+1
| | | | | | | | | | Fixes error in mod_authz_internal due to import() being unavailable as it was only loaded in Prosody proper
* | util.jsonschema: Use same integer/float logic on Lua 5.2 and 5.3Kim Alvefur2022-10-091-2/+2
| | | | | | | | | | Fixes test case type.json:0:1 covering treatment of 1.0 as an integer according to the JSON definition
* | util.jsonschema: Fix Lua 5.2 integer compatKim Alvefur2022-10-091-1/+1
| | | | | | | | | | math.type() is unavailable before Lua 5.3 so this should use the compat function added at the top
* | util.jsonschema: Ignore test case for JavaScript specific detailKim Alvefur2022-10-091-0/+1
| | | | | | | | Also touching on how arrays are indistinguishable from tables in Lua
* | util.jsonschema: Ignore some further test cases for URI referencesKim Alvefur2022-10-091-0/+5
| | | | | | | | Full-URI references are not implemented
* | util.jsonschema: Sort test cases to skipKim Alvefur2022-10-091-7/+7
| | | | | | | | Piped trough `sort -g`
* | util.stanza: Return nil instead of nothing (fix test with luassert >=1.9)Kim Alvefur2022-09-151-0/+5
| | | | | | | | | | Due to a change in luassert, a dependency luassert of the Busted test framework, returning nothing is no longer treated as not falsy.
* | mod_s2s: Fix firing buffer drain eventsKim Alvefur2022-08-261-2/+2
| | | | | | | | | | Fixes the same kind of issue as in 65563530375b but once and for all, while improving similarity between incoming and outgoing connections.
* | mod_admin_shell: Switch names for user role management commandsKim Alvefur2022-08-151-4/+8
| | | | | | | | | | | | | | user:roles() does not convey that this is the mutating command, it should have been called setroles from the start but wasn't due to lack of foresight. This has to accidentally removing roles when wanting to show them.
* | mod_storage_sql: Fix summary API with Postgres (fixes #1766)Kim Alvefur2022-07-221-4/+2
| | | | | | | | | | | | | | The ORDER BY and LIMIT clauses are not needed and don't even make much sense. This part was most likely a leftover from the :find method. Tested with sqlite and postgres 14
* | storage tests: Add test for the archive:summary APIKim Alvefur2022-07-221-0/+17
| | | | | | | | | | Passes with memory, internal, sqlite Fails with postgres as in #1766
* | mod_http_files: Log warning about legacy modules using mod_http_filesKim Alvefur2022-07-171-2/+1
| | | | | | | | | | | | | | | | | | It is time. Most community modules should have been adjusted to work with the new (net.http.files) way. At some point this usage should be prevented. Related to #1765
* | mod_bookmarks: Reduce error about not having bookmarks to debug (thanks tom)Kim Alvefur2022-07-262-1/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is happens if the account is new and doesn't have any bookmarks yet, which is not a problem. Rarely seen since most clients currently use the older version of XEP-0084 stored in XEP-0049 rather than in PEP, but at least one (Converse.js )does. One scenario in which this would show up often is with Converse.js as a guest chat using anonymous authentication, where all "accounts" would always be new and not have any bookmarks. This scenario probably does not need to have mod_bookmarks at all, but if enabled globally it would likely become loaded onto the VirtualHost unless explicitly disabled.
* | mod_storage_sql: Fix bypass of load procedure under prosodyctlKim Alvefur2022-07-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | There's no 'prosody.prosodyctl' property other than this one, introduced in 6216743c188c in 2015. Guessing that the intent was to skip this when running as a prosodyctl command. The module.command code does its own version of this initialization, so this seems likely. Thanks raja for noticing
* | core.s2smanager: Don't remove unrelated session on close of bidi sessionKim Alvefur2022-06-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Normally with bidi, any outgoing connection should be the same as the incoming, hence when closing a bidi connection it should be removed as a route to the remote server. However it is not guaranteed, a remote bidi-capable server might have decided to open a new connection for some reason. This can lead to a situation where there are two bidi connections, and the s2sout route is a locally initiated s2sout connection. In this case, such a s2sout connection should be kept. Noticed in a rare case where bidi has just been enabled on a running server, and something establishes new connections immediately when a connection is closed.
* | luacheck: Shut up (backports 3caff1f93520, ignores module deleted in trunk)Kim Alvefur2022-05-302-2/+4
| |
* | Backport 875f73ead4e8 8e4033213c62 to deal with luacheck 0.26Kim Alvefur2022-07-081-1/+1
| |
* | util.datamapper: Improve handling of schemas with non-obvious "type"Kim Alvefur2022-07-083-25/+63
| | | | | | | | | | | | | | | | | | | | | | | | The JSON Schema specification says that schemas are objects or booleans, and that the 'type' property is optional and can be an array. This module previously allowed bare type names as schemas and did not really handle booleans. It now handles missing 'type' properties and boolean 'true' as a schema. Objects and arrays are guessed based on the presence of 'properties' or 'items' field.
* | util.jsonschema: Fix validation to not assume presence of "type" fieldKim Alvefur2022-07-083-282/+395
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MattJ reported a curious issue where validation did not work as expected. Primarily that the "type" field was expected to be mandatory, and thus leaving it out would result in no checks being performed. This was likely caused by misreading during initial development. Spent some time testing against https://github.com/json-schema-org/JSON-Schema-Test-Suite.git and discovered a multitude of issues, far too many to bother splitting into separate commits. More than half of them fail. Many because of features not implemented, which have been marked NYI. For example, some require deep comparisons e.g. when objects or arrays are present in enums fields. Some because of quirks with how Lua differs from JavaScript, e.g. no distinct array or object types. Tests involving fractional floating point numbers. We're definitely not going to follow references to remote resources. Or deal with UTF-16 sillyness. One test asserted that 1.0 is an integer, where Lua 5.3+ will disagree.
* | net.unbound: Merge luaunbound and prosody defaults in absence of user config ↵Kim Alvefur2022-06-191-11/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (fixes #1763) (thanks rgd) add_defaults() is supposed to merge 3 tables, the defaults in luaunbound, the defaults from prosody and any config from the prosody config file. In the case where no `unbound={}` has been in the config, it skips over the merge and returns only the prosody built-in defaults. This results in libunbound skipping reading resolv.conf and uses its default behavior of full recursive resolution. Prior to #1737 there were only two tables, the luaunbound defaults and the prosody config, where bypassing the merge and returning the former did the right thing.
* | util.startup: Fix async waiting for last shutdown stepsKim Alvefur2022-06-142-2/+6
| | | | | | | | | | | | | | | | | | | | | | Observed problem: When shutting down prosody would immediately exit after waiting for s2s connections to close, skipping the last cleanup events and reporting the exit reason and code. This happens because prosody.main_thread is in a waiting state and queuing startup.shutdown is dispatched trough the main loop via nexttick, but since the main loop was no longer running at that point it proceeded to the end of the prosody script and exited there.
* | mod_smacks: Fix #1761 by setting a flag earlierKim Alvefur2022-06-121-1/+1
| | | | | | | | | | | | This ensures that the flag is set even if the pre-drain callback is called from send(), as would be the case if opportunistic writes are enabled.
* | Added tag 0.12.1 for changeset 252ed01896ddMatthew Wild2022-06-090-0/+0
| |
* | mod_smacks: Bounce unhandled stanzas from local origin (fix #1759)0.12.1Kim Alvefur2022-05-271-2/+1
| | | | | | | | | | | | | | | | | | Sending stanzas with a remote session as origin when the stanzas have a local JID in the from attribute trips validation in core.stanza_router, leading to warnings: > Received a stanza claiming to be from remote.example, over a stream authed for localhost.example Using module:send() uses the local host as origin, which is fine here.
* | mod_smacks: Fix bounce of stanzas directed to full JID on unclean disconnectKim Alvefur2022-05-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #1758 Introduced in 1ea01660c79a In e62025f949f9 to and from was inverted since it changed from acting on a reply to acting on the original stanza (or a clone thereof) Unsure of the purpose of this check, you don't usually send stanzas to your own full JID. Perhaps guarding against routing loops? The check was present in the original commit of mod_smacks, prosody-modules rev 9a7671720dec
* | mod_smacks: Fix to use current method of counting acked stanzasKim Alvefur2022-05-261-3/+2
| | | | | | | | | | | | | | | | | | Fixes #1757 These places seem to have been left since e62025f949f9 The logic around expected_h in should_ack() misbehaved, always comparing with 0 + unacked instead of acked + unacked.
* | util.prosodyctl.check: Remove now redundant unbound config tweakKim Alvefur2022-05-261-4/+0
| | | | | | | | | | | | | | This is now done in net.unbound itself Turning it back on in the config may still cause the problem of entries there masking the DNS values.
* | net.unbound: Adjust log level of error to error to errorKim Alvefur2022-05-161-1/+1
| | | | | | | | This error is an error, therefore it should be at the error level
* | net.unbound: Disable use of hosts file by default (fixes #1737)Kim Alvefur2022-05-161-0/+9
| | | | | | | | | | This mirrors the behaviour with net.dns and avoids the initialization issue in #1737
* | core.certmanager: Expand debug messages about cert lookups in indexKim Alvefur2022-05-161-2/+2
| | | | | | | | | | | | Answers my recurring question of > Using cert "certs/example.com.crt" from index ... for what?
* | mod_admin_shell: Tighten up type checks to fix #1754 (thanks clouded)Kim Alvefur2022-05-151-2/+2
| | | | | | | | | | | | Due to the dummy statistics provider (see core.statsmanager line 250) having a metatable that allows infinite indexing where everything is always the same table, which end up in suf() in the concatenation line.
* | util.jsonschema: Lua <5.3 compat here tooKim Alvefur2022-05-091-1/+4
| |
* | util.jsonpointer: Fix Lua <5.3 compatKim Alvefur2022-05-091-1/+5
| |
* | util.jsonpointer: Fix off-by-one in array resolutionKim Alvefur2022-05-082-2/+2
| | | | | | | | | | | | Fixes #1753 Not known to be used anywhere
* | util.jsonpointer: Add basic testsKim Alvefur2022-05-081-0/+38
| | | | | | | | Example values from RFC 6901
* | mod_invites_adhoc: Fall back to generic allow_user_invites for role-less usersMatthew Wild2022-05-061-1/+5
| | | | | | | | Fixes #1752
* | mod_cron: Fix recording last task run time #1751Kim Alvefur2022-05-052-0/+2
| | | | | | | | | | | | | | The type checks, they do nothing! Observed: Tasks that were supposed to run weekly or daily were running each hour.
* | util.prosodyctl.check: turn: Report lack of TURN services as a problem #1749Kim Alvefur2022-05-031-0/+1
| | | | | | | | | | Rationale: It seems unlikely that someone who has not configured any TURN service runs 'prosodyctl check turn' expecting this to be okay.
* | core.moduleapi: Fix 'global' property via :context() - #1748Kim Alvefur2022-04-271-1/+1
| | | | | | | | | | | | | | | | | | | | The 'global' property should reflect whether the module API instance represents the global context or a VirtualHost or Component context. However the module:context() method did not override this, leading the property of the previous module shining trough, leading to bugs in code relying on the 'global' property. See also #1736
* | util.argparse: Revise 553c6204fe5b with a different approachMatthew Wild2022-04-252-3/+6
| | | | | | | | | | | | The second return value is (not insensibly) assumed to be an error. Instead of returning a value there in the success case, copy the positional arguments into the existing opts table.
* | util.argparse: Return final 'arg' table with positional arguments for ↵Matthew Wild2022-04-251-2/+2
| | | | | | | | | | | | | | | | convenience This is the same as the input table (which is mutated during processing), but if that table was created on the fly, such as by packing `...` it's convenient if it also gets returned from the parse function.