aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* usermanager, mod_saslauth: Default to internal_hashed if no auth module ↵Matthew Wild2022-02-103-2/+3
| | | | | | | | | | specified The default config was updated in this way long ago, but if no option was present in the config, Prosody would load internal_plain. This change can result in changes (for the better) for people using very old configuration files lacking an 'authentication' setting.
* prosody.cfg.lua.dist: Remove require_encryption optionsMatthew Wild2022-02-141-10/+0
| | | | | | | | | Reasons: - These now default to enabled when not specified since 38b5b05407be - Practically all servers require encryption these days for c2s/s2s. - Disabling encryption can be considered a special case that doesn't need to be in the default config file.
* core.certmanager: Turn soft dependency on LuaSec into a hardKim Alvefur2022-02-102-14/+4
| | | | | | The default network backend server_epoll already requires LuaSec so Prosody won't even start without it, so we can get rid of these lines here too.
* various: Require encryption by default for realKim Alvefur2021-12-256-6/+7
| | | | | | | | | These options have been specified (and enabled) in the default config file for a long time. However if unspecified in the config, they were not enabled. Now they are. This may result in a change of behaviour for people using very old config files that lack the require_encryption options. But that's what we want.
* mod_invites_register: Default to require encryptionMatthew Wild2022-02-101-1/+1
| | | | In line with the Prosody-wide default change for 0.12.
* mod_legacyauth: Default to require encryptionMatthew Wild2022-02-101-1/+1
|
* prosody.cfg.lua.dist: Remove mod_http_filesKim Alvefur2022-02-101-1/+0
| | | | | | | Serving web pages outside of specialized modules seems like a rare use case that doesn't warrant a spot in the default config file. Many users seem to have it confused with mod_http_upload, so removing it should help with that.
* prosody.cfg.lua.dist: Move Dialback downKim Alvefur2022-02-101-1/+1
| | | | Mostly a source of security issues lately
* prosody.cfg.lua.dist: Remove https_certificate, this should Just Work nowKim Alvefur2022-02-051-3/+0
|
* prosody.cfg.lua.dist: Remove mention of deprecated daemonize optionKim Alvefur2022-02-051-1/+1
| | | | Just run ./prosody like me!
* prosody.cfg.lua.dist: Remove installer_plugin_pathKim Alvefur2022-02-051-4/+0
| | | | | Most users shouldn't need to add this, and it works out of the box. Not important enough to justify having it in the default config.
* prosody.cfg.lua.dist: Add new modulesKim Alvefur2022-02-101-0/+14
| | | | | | | | | | | | | | mod_admin_shell enabled by default because it's awesome! mod_smacks and mod_bookmarks under recommended since they're recommended by the compliance suite XEP-0459 Invites under nice to have and enabled by default to enable a somewhat nice out of the box experience Other new modules mostly under Other mod_external_services left out since it's an advanced thing
* prosody.cfg.lua.dist: Add note about 'localhost'Kim Alvefur2021-02-041-0/+3
|
* mod_admin_shell: Use a table to show help sectionsKim Alvefur2022-02-201-17/+19
| | | | Because tables make everything better and more readable!
* CHANGES: Mention graceful shutdownKim Alvefur2022-02-181-0/+3
|
* mod_c2s: Ignore unused event payload [luacheck]Kim Alvefur2022-02-181-1/+1
|
* mod_c2s,mod_s2s: Wait for sessions to close before proceeding with shutdown ↵Kim Alvefur2022-02-172-2/+32
| | | | | | | | | | steps Ensures unavailable presence and other outgoing stanzas are sent. Waiting for c2s sessions to close first before proceeding to disable and close s2s ensures that unavailable presence can go out, even if it requires dialback to complete first.
* mod_c2s: Close ports in a separate, earlier event from closing sessionsKim Alvefur2022-02-181-0/+2
| | | | | Lets other things step in and do things while c2s ports are closed, e.g. mod_smacks, or other modules with port handlers that forward to c2s.
* mod_s2s: Disable creation of new outgoing connections during shutdownKim Alvefur2022-02-111-0/+7
|
* mod_c2s,mod_s2s: Disable and close port listeners before closing sessionsKim Alvefur2022-02-113-0/+15
| | | | This ensures no new clients can start connecting during shutdown
* mod_posix: Run signal handlers in the startup threadKim Alvefur2021-10-061-7/+13
|
* prosody: Expose main thread on the 'prosody' globalKim Alvefur2021-10-062-0/+5
| | | | To allow running things in it.
* prosody: Run shutdown procedure in async threadKim Alvefur2019-01-011-1/+1
|
* prosody: Move last cleanup and shutdown code into util.startupKim Alvefur2019-01-012-13/+17
|
* mod_admin_shell: Squeeze some characters out of the Certificate columnKim Alvefur2022-02-171-2/+2
| | | | The more compact these are, the better
* prosodyctl: Restore 'list --outdated'Kim Alvefur2022-02-171-0/+4
| | | | | Parsing --flags puts it into 'opts', so --outdated wasn't passed to luarocks, breaking that functionality
* mod_admin_shell: Fix description of muc:room() (thanks Link Mauve)Kim Alvefur2022-02-151-1/+1
| | | | | But then this is the internal API which is weird and unfriendly to expose externally. Lots of methods to wrap tho ... one day.
* mod_turn_external: Fix type of config option (thanks mirux)Kim Alvefur2022-02-151-1/+1
| | | | | | There was a separate boolean option to enable TLS before, but it was merged with the port number option and it seems the typed API interface got confused.
* util.dns: Remove compat for pre-0.11 lack of inet_ntop bindingKim Alvefur2022-02-151-32/+3
| | | | The inet_ntop binding was added in 8b612ec00e4a and included in 0.11.0
* util.dns: Replace base16 implementation with util.hexKim Alvefur2022-02-151-10/+1
| | | | Less code!
* core.certmanager: Relax certificate filename check #1713Kim Alvefur2022-02-141-8/+2
| | | | | After a survey of ACME clients it seems *.crt and *fullchain* should work for the majority. The rest get to manually copy their files.
* util.dependencies: Refer to 'apt' instead of 'apt-get'Kim Alvefur2022-02-132-7/+7
| | | | | The more modern and user friendly frontend, should be in every supported version of Debian and Ubuntu by now
* mod_invites_register: Load mod_register_ibr in invite only modeKim Alvefur2022-02-101-0/+4
| | | | | This ensures that registration actually works even if allow_registration is not enabled.
* mod_invites_register: Replace COMPAT hackKim Alvefur2022-02-101-1/+1
| | | | | This hack is not needed since a9c975a0f113 so can be removed when included with Prosody.
* mod_turn_external: Add option to enable TURN over TLSKim Alvefur2022-02-101-2/+6
| | | | | | Usually on port 443 to avoid restrictive firewalls. Thanks to Holger for discussion
* mod_turn_external: Simplify configurationKim Alvefur2022-02-101-2/+9
| | | | | Much harder to get boolean options wrong than accidentally adding something unrecognised to a Set.
* mod_admin_shell: Track connected events instead of createdKim Alvefur2022-02-061-3/+3
| | | | | | | | The connection events are more appropriate here, where the s2s-created events happens a bit later or earlier in a sessions lifetime depending on its direction and for outgoing connections isn't actually the creation time (which happens immediately after pressing enter, so not very interesting), but rather closer to the connection time.
* mod_s2s: Add new early s2s-connected eventsKim Alvefur2022-02-061-0/+3
| | | | | Allows doing things based on connections rather than sessions, which may have been created before or after.
* doap: Reference some JSON RFCsKim Alvefur2022-02-051-0/+2
| | | | | RFC 4627 JSON - util.json RFC 6901 JSON Pointer - util.jsonpointer
* doap: Reference RFC 6331 which deprecated SASL DIGEST-MD5Kim Alvefur2022-02-051-0/+1
|
* prosody.cfg.lua.dist: Link to website (thanks eta)Kim Alvefur2021-07-171-0/+2
|
* prosody.cfg.lua.dist: Warn about adding settings at the end of the fileKim Alvefur2021-07-171-0/+9
| | | | It is very often a confusing mistake that leads to support questions
* core.modulemanager: Save module metadata for potential later useKim Alvefur2022-02-051-1/+2
| | | | Makes it reachable from the shell if nothing else
* util.startup: Enable DANE in http client library with use_daneKim Alvefur2022-02-051-0/+1
|
* net.http: Allow using DANE via options or per request settingsKim Alvefur2022-02-051-1/+5
| | | | Dare to enable by default?
* mod_smacks: Tweak resumption age buckets towards multiples of 60Kim Alvefur2022-02-041-1/+1
| | | | | This seems like the thing to do for time, which is usually divided into divisors divisible by 60, or multiplied by multiples of 60
* tools: Allow processing instructions in some XML parsing toolsKim Alvefur2022-02-042-2/+2
| | | | IANA registry files have XSLT references, which are harmless to ignore.
* util.xml: Add an option to allow <?processing instructions?>Kim Alvefur2022-02-042-1/+11
| | | | | These should generally be safe to just ignore, which should be the default behavior of Expat and LuaExpat
* mod_http: Use interface name as default default global hostnameKim Alvefur2022-02-041-1/+1
| | | | | | | http://[::]:5280/ is as sensible as http://*:5280/ so why not This might be a bit weird when listening no multiple interfaces but not sure we can really do anything sensible then anyway.
* mod_http: Use http_default_host for URLs generated in global contextKim Alvefur2022-02-041-1/+2
| | | | | This might make the global routes less confusing sometimes, or at least valid URLs instead of http://*:5280/ which doesn't make much sense.