aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* util.sasl.digest-md5: Remove, obsolete since 2011Kim Alvefur2020-04-144-254/+1
| | | | | | | RFC 6331 lists several problems with this outdated authentication mechanism. The code here was also completely ignored by lint checks and has probably not been used for a long time, as it is incompatible with SCRAM-hashed password storage.
* Merge 0.11->trunkKim Alvefur2020-04-130-0/+0
|\
| * core.certmanager: Move EECDH ciphers before EDH in default cipherstring ↵Kim Alvefur2019-08-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (fixes #1513) Backport of 94e341dee51c The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now
| * util.prosodyctl: Tell prosody do daemonize via command line flag (fixes #1514)Kim Alvefur2020-01-261-2/+2
| | | | | | | | Backport of 88be11e9f9b9
* | net.http.server: Use error code from util.error (fixes #1502)Kim Alvefur2020-04-121-0/+1
| | | | | | | | Oversight in 955e54e451dc when this was added.
* | mod_scansion_record: Indent stanzas in recordingsKim Alvefur2020-04-121-2/+1
| | | | | | | | Improves readability, easier to see structure.
* | util.stanza: Add method returning stanza with added indentationKim Alvefur2020-04-122-0/+38
| | | | | | | | | | Adds indentation and line breaks to stanzas, to make stanzas easier to read for humans.
* | mod_component: Specify an error source for Component unavailable errorsKim Alvefur2020-04-111-1/+1
| | | | | | | | | | | | | | | | It is somewhat ambiguous where an error really comes from in the case of an external component. Setting by to the bare host at least distinguishes it from JIDs with a node- or resourcepart.
* | spec: Include a hacky moduleapi stub to allow test to proceedKim Alvefur2020-04-111-5/+17
| |
* | MUC: Switch hats to new presence APIsMatthew Wild2020-04-111-3/+4
| |
* | MUC: Add API for adding 'filtered namespaces' to be stripped from inbound ↵Matthew Wild2020-04-111-7/+11
| | | | | | | | presence
* | MUC: Add new event 'muc-build-occupant-presence' for plugins to extend ↵Matthew Wild2020-04-111-0/+2
| | | | | | | | occupant presence
* | spec: Add test cases for util.http.contains_tokenEmmanuel Gil Peyrot2020-04-101-0/+19
| |
* | Merge 0.11->trunkKim Alvefur2020-04-101-6/+8
|\|
| * core.certmanager: Look for privkey.pem to go with fullchain.pem (fix #1526)Kim Alvefur2020-04-101-6/+8
| | | | | | | | | | | | | | This makes `prosodyctl cert import example.com /path/to/example.com/fullchain.pem` work. This was never intended to, yet users commonly tried this and got problems.
* | Merge 0.11->trunkKim Alvefur2020-04-031-2/+2
|\|
| * mod_vcard4: Report correct error condition (fixes #1521)Kim Alvefur2020-04-031-2/+2
| | | | | | | | On error, the second return value is the error condition, not the third.
* | moduleapi: Rename argument to silence luacheckKim Alvefur2020-04-011-2/+2
| |
* | moduleapi: Fix handling of replies to :send_iq from internal modulesKim Alvefur2020-03-221-1/+10
| | | | | | | | | | Unclear exactly why, but replies to some queries to local modules would be discarded by stanza_router. This appears to fix it.
* | Merge 0.11->trunkKim Alvefur2020-03-290-0/+0
|\|
| * mod_register_ibr: Add FORM_TYPE as required by XEP-0077 (fixes #1511)Emmanuel Gil Peyrot2019-09-291-0/+2
| | | | | | | | Backport of f90abf142d53 from trunk
* | doap: Add UTR-39 (mod_mimicking)Kim Alvefur2020-03-291-0/+1
| | | | | | | | | | | | | | Supported in ICU, with a binding in util.encodings. mod_mimicking uses this to prevent similarity looking JIDs from being registered. Planned to be used in MUC as well.
* | Merge 0.11->trunkKim Alvefur2020-03-222-5/+9
|\|
| * mod_storage_sql: Add index covering sort_id to improve performance (fixes #1505)Kim Alvefur2020-03-221-0/+1
| |
| * mod_admin_telnet: Handle unavailable cipher info (fixes #1510)Kim Alvefur2020-03-221-5/+8
| | | | | | | | | | | | | | | | The LuaSec :info() method gathers info using the OpenSSL function SSL_get_current_cipher(). Documentation for this function states that it may return NULL if no session has been established (yet). If so, the LuaSec functions wrapping this return nil, triggering a nil-indexing error in mod_admin_telnet.
* | MUC: Add ad-hoc command setting affiliation in a room (fixes #1174)Kim Alvefur2020-03-211-0/+43
| | | | | | | | | | | | | | | | | | | | This gives service admins a way to set an arbitrary affiliation in any room. Enables various administrative use cases such as room ownership reassignment or recovery. Reduces the need for the admins-as-owners feature, as this can be used by admins to make themselves owner in any room when needed, instead of being owners all the time.
* | MUC: Add test for destroying a room by ad-hoc commandKim Alvefur2020-03-201-0/+67
| | | | | | | | | | Testing ad-hoc commands was not easily doable before 49312378ba1d relaxed the need for state and an extra roundtrip to execute commands
* | doap: Add XEP-0317: HatsKim Alvefur2020-03-191-0/+9
| | | | | | | | See 76bb806cdd4b
* | usermanager: Fix traceback when checking admin status of host-only JIDs ↵Matthew Wild2020-03-191-1/+1
| | | | | | | | (fixes #1508)
* | mod_presence: Advertise support for Subscription Pre-ApprovalKim Alvefur2020-03-191-0/+8
| | | | | | | | | | | | | | | | RFC 6121 §3.4 says: > If a server supports subscription pre-approvals, then it MUST > advertise the following stream feature during stream negotiation. The feature itself (#686) was added in f0e9e5bda415
* | MUC: Add initial hats support (broadcast only)Matthew Wild2020-03-182-0/+24
| | | | | | | | | | | | | | | | Based on the currently-deferred XEP-0317. The protocol differs a little (because XEP-0317 is incomplete), therefore currently we use a custom namespace. The plan is to update and finish XEP-0317.
* | README: Update link to web chatKim Alvefur2020-03-151-1/+1
| | | | | | | | At some point the web chat moved to /chat and then to this subdomain
* | Merge 0.11->trunkMatthew Wild2020-03-120-0/+0
|\|
| * MUC: Persist affiliation_data in new MUC format!Matthew Wild2020-03-121-0/+1
| |
* | MUC: Persist affiliation_data in new MUC format!Matthew Wild2020-03-121-0/+1
| |
* | MUC: Switch to new storage format by defaultMatthew Wild2020-03-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Changing the default setting of `new_muc_storage_format` from false to true. The code supports reading both formats since 0.11, but servers with MUCs stored using the new format will not be able to downgrade to 0.10 or earlier. The new format is clearer (less nesting for the most commonly-accessed data), and combined with the new map-store methods, allows for some operations to become more efficient (such as finding out which MUCs on a service a given user is affiliated with).
* | MUC: Support for broadcasting unavailable presence for affiliated offline usersMatthew Wild2020-03-123-3/+568
| | | | | | | | Activated when muc#roomconfig_presencebroadcast includes the "none" role.
* | MUC: Pass previous role to :publicise_occupant_status() when destroying a MUCMatthew Wild2020-03-121-3/+4
| |
* | MUC: Don't unconditionally broadcast presence with role="none"Matthew Wild2020-03-121-4/+0
| | | | | | | | | | | | Detailed explanation in de607875d4bd. A presence with role="none" (which is always type="unavailable") should only be broadcast if available presence was previously broadcast for that occupant.
* | MUC: Pass previous role to :publicise_occupant_status() whenever possibleMatthew Wild2020-03-121-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently there is what amounts to a hack in presence_broadcast.lib.lua to make it always broadcast presence with roles of "none". This is to ensure that if you previously saw available presence for someone, you will also see the unavailable presence (which always has role="none"). The correct approach is to take into account what the previous role was ( i.e. answer the question: "Was the available presence for this occupant a role for which presence broadcast is enabled?). The logic is already in place to do this correctly, but most call sites do not provide the previous role (prev_role argument) of the occupant, which causes it to not be used. In its place the hack to always broadcast presence of role="none" has allowed things to continue to work. The intention is that a subsequent commit will remove the unconditional broadcast of role="none".
* | Merge 0.11->trunkKim Alvefur2020-03-112-2/+10
|\|
| * mod_mam,mod_muc_mam: Allow other work to be performed during archive cleanup ↵Kim Alvefur2020-03-112-2/+10
| | | | | | | | | | | | | | | | | | | | | | (fixes #1504) This lets Prosody handle socket related work between each step in the cleanup in order to prevent the server from being completely blocked during this. An async storage backend would not need this but those are currently rare.
| * net.server_epoll: Fix indentationKim Alvefur2020-03-111-3/+3
| | | | | | | | | | | | Some lines seem to have gotten the wrong indentation, possibly caused by Meld which often ignores lines with only whitespace changes and leaves their previous indentation.
* | storagemanager, mod_storage_sql: Rename methods to :get_all() and :delete_all()Matthew Wild2020-03-113-20/+20
| |
* | storagemanager: Add support for :find_key() and :delete_key() to map store shimMatthew Wild2020-03-112-7/+37
| |
* | storagemanager: Fix unused variable in tests [luacheck]Matthew Wild2020-03-111-1/+2
| |
* | mod_storage_sql: Add map_store:find_key() and map_store:delete_key() (+ tests)Matthew Wild2020-03-112-2/+116
| |
* | storagemanager: Add tests for map storesMatthew Wild2020-03-111-0/+38
| |
* | mod_tokenauth: Track creation time of tokensMatthew Wild2020-02-281-0/+1
| |
* | mod_tokenauth: Handle tokens issued to bare hosts (eg components)Kim Alvefur2020-02-281-1/+1
| |