Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_csi_simple: convert to use new metric interface for flush reasons | Jonas Schäfer | 2021-05-20 | 1 | -10/+7 |
| | |||||
* | prosody.cfg.lua.dist: Fix indentation to use tabs like the rest of the file | Emmanuel Gil Peyrot | 2021-05-19 | 1 | -6/+6 |
| | |||||
* | prosody: Close the state on exit (ie garbage-collect everything) | Kim Alvefur | 2021-05-18 | 1 | -1/+1 |
| | | | | | | | | | | This ensures __gc is called on everything that may need it, such as database connections. It was reported in the chat by Happy that SQLite3 does not close its state cleanly in WAL mode, leaving the WAL file behind. This is probably rather a bug in mod_storage_sql, but forcing a final GC sweep should also help with such things everywhere. | ||||
* | tools/cfgdump: Serialize individual (table) settings in stable order too | Kim Alvefur | 2021-05-17 | 1 | -2/+9 |
| | |||||
* | tools/cfgdump: Iterate in sort order to give stable output | Kim Alvefur | 2021-05-17 | 1 | -5/+6 |
| | | | | | Should allow using this tool for comparing configs without hash table order messing things up. | ||||
* | mod_http_file_share: Handle out of bounds Range request | Kim Alvefur | 2021-05-17 | 1 | -3/+8 |
| | | | | | | | Turns out you can seek past the end of the file without getting an error. Also rejects empty range instead of sending the whole file. | ||||
* | Merge 0.11->trunk | Kim Alvefur | 2021-05-16 | 2 | -12/+4 |
|\ | |||||
| * | mod_pep: Remove obsolete node restoration code (now done by util.pubsub) | Kim Alvefur | 2021-05-16 | 1 | -12/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | Originally added in 202b9951b037 but util.pubsub gained a better method in 6c2c2fc4b8dd since then, which mod_pep uses since 9194431b6447 which should have deleted this. All these :create calls would have failed with a 'conflict' error, since the nodes had already been created. This was never noticed because of missing error handling. Also note that this code did not restore node configuration. | ||||
| * | util.pubsub: Fix traceback if node data not initialized | Kim Alvefur | 2021-05-16 | 1 | -0/+4 |
| | | | | | | | | | | This should not be possible, but a traceback indicating node_data being nil here was reported by Ron in the chat. | ||||
* | | mod_http_file_share: Support download resumption via Range requests | Kim Alvefur | 2021-05-16 | 2 | -0/+21 |
| | | | | | | | | | | | | | | | | Only a starting point is supported due to the way response:send_file() sends everything it gets from the provided file handle but does not have any way to specify how much to read. This matches what Conversations appears to be doing. | ||||
* | | prosodyctl: Report OpenSSL version | Kim Alvefur | 2021-05-12 | 1 | -0/+4 |
| | | |||||
* | | util.hashes: Expose OpenSSL version | Kim Alvefur | 2021-05-12 | 1 | -0/+4 |
| | | |||||
* | | util.jwt: Use constant-time comparison with expected signature | Matthew Wild | 2021-05-13 | 1 | -1/+2 |
| | | |||||
* | | Merge 0.11->trunk | Matthew Wild | 2021-05-13 | 19 | -54/+111 |
|\| | |||||
| * | Added tag 0.11.9 for changeset d0e9ffccdef9 | Matthew Wild | 2021-05-12 | 0 | -0/+0 |
| | | |||||
| * | mod_dialback: Remove d-w-d feature0.11.9 | Kim Alvefur | 2021-05-12 | 2 | -23/+1 |
| | | | | | | | | | | | | | | Backs out 1d0862814bfc and 2fdd71b08126 Largely unused, undocumented and did not have enough tests to provide confidence in its correct operation. | ||||
| * | mod_dialback: Use correct host for certificate check (fixes #1381) | Kim Alvefur | 2019-06-23 | 1 | -2/+1 |
| | | |||||
| * | mod_dialback: Use constant-time comparison with hmac | Matthew Wild | 2021-05-12 | 1 | -1/+2 |
| | | |||||
| * | mod_proxy65: Restrict access to local c2s connections by default | Matthew Wild | 2021-05-12 | 1 | -4/+12 |
| | | | | | | | | | | Previously no 'proxy65_acl' option would allow unrestricted access by local or remote JIDs. | ||||
| * | mod_limits: Use default limits if none configured | Matthew Wild | 2021-05-11 | 1 | -1/+10 |
| | | |||||
| * | prosody.cfg.lua.dist: Enable rate limits by default | Matthew Wild | 2021-05-11 | 1 | -1/+12 |
| | | |||||
| * | prosodyctl about: Report libexpat version if known | Matthew Wild | 2021-05-11 | 1 | -1/+5 |
| | | |||||
| * | certmanager: Disable renegotiation by default | Matthew Wild | 2021-05-11 | 1 | -0/+2 |
| | | | | | | | | This requires LuaSec 0.7+ and OpenSSL 1.1.1+ | ||||
| * | mod_limits: Don't emit error when no burst period is configured | Matthew Wild | 2021-05-11 | 1 | -1/+1 |
| | | |||||
| * | core.certmanager: Test for SSL options in absence of LuaSec config | Kim Alvefur | 2021-04-26 | 1 | -5/+9 |
| | | |||||
| * | core.certmanager: Attempt to directly access LuaSec config table | Kim Alvefur | 2021-04-26 | 1 | -1/+1 |
| | | | | | | | | | | Due to a bug this field was not properly exported before See https://github.com/brunoos/luasec/issues/149 | ||||
| * | util.xmppstream: Allow dynamically configuring the stanza size limit for a ↵ | Matthew Wild | 2021-05-10 | 1 | -0/+3 |
| | | | | | | | | | | | | | | stream This may be useful for any plugins that want to experiment with different policies for stanza size limits (e.g. unauthenticated vs authenticated streams). | ||||
| * | util.xmppstream: Mark bytes for stream closure as handled | Matthew Wild | 2021-05-10 | 1 | -0/+3 |
| | | |||||
| * | MUC: Add support for advertising muc#roomconfig_allowinvites in room disco#info | Matthew Wild | 2021-05-10 | 1 | -2/+10 |
| | | | | | | | | | | | | | | | | | | | | | | | | The de-facto interpretation of this (undocumented) option is to indicate to the client whether it is allowed to invite other users to the MUC. This is differs from the existing option in our config form, which only controls the behaviour of sending of invites in a members-only MUC (we always allow invites in open rooms). Conversations is one client known to use this disco#info item to determine whether it may send invites. | ||||
| * | mod_auth_internal_{plain,hashed}: Use constant-time string comparison for ↵ | Matthew Wild | 2021-05-10 | 2 | -3/+5 |
| | | | | | | | | secrets | ||||
| * | util.xmppstream: Reduce default xmppstream limit to 1MB | Matthew Wild | 2021-05-10 | 1 | -1/+1 |
| | | |||||
| * | util.set: Add is_set() to test if an object is a set | Matthew Wild | 2021-05-10 | 1 | -2/+8 |
| | | |||||
| * | util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp) | Matthew Wild | 2021-05-10 | 1 | -0/+14 |
| | | |||||
| * | mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default ↵ | Matthew Wild | 2021-05-07 | 5 | -5/+7 |
| | | | | | | | | | | | | | | | | | | | | | | | | stanza size limits c2s/bosh/ws streams will default to 256KB, s2s and components to 512KB. These values are aligned with ejabberd's default settings, which should reduce issues related to inconsistent size limits between servers on the XMPP network. The previous default (10MB) is excessive for any production server, and allows significant memory usage by even unauthenticated sessions. | ||||
| * | util.startup: Set more aggressive defaults for GC | Matthew Wild | 2021-05-07 | 1 | -1/+7 |
| | | | | | | | | | | | | | | | | | | Testing has demonstrated that the default GC parameters are not sufficient to prevent runaway memory growth when running under Lua 5.2 and Lua 5.3. Setting the GC speed to 500 was tested on Lua versions 5.1->5.4 and did not display unbounded memory growth. | ||||
| * | prosodyctl: check config: Add 'gc' to list of global options | Matthew Wild | 2021-04-30 | 1 | -1/+1 |
| | | |||||
* | | core.certmanager: Catch error from lfs | Kim Alvefur | 2021-05-07 | 1 | -1/+11 |
| | | | | | | | | | | | | | | lfs.dir() throws a hard error if there's a problem, e.g. no such directory or permission issues. This also gets called early enough that the main loop error protection hasn't been brought up yet, causing a proper crash. | ||||
* | | core.certmanager: Resolve certs path relative to config dir | Kim Alvefur | 2021-05-07 | 1 | -3/+3 |
| | | | | | | | | | | | | | | | | | | Otherwise the default "certs" would be relative to $PWD, which works when testing from a source checkout, but not on installed systems where it usually points to the data directory. Also, the LuaFileSystem dir() iterator throws a hard error, which may cause a crash or other problems. | ||||
* | | core.portmanager: Use existing http_host for https SNI mapping | Kim Alvefur | 2021-05-05 | 1 | -0/+4 |
| | | |||||
* | | core.portmanager: Allow overriding expected SNI name per service | Kim Alvefur | 2021-05-05 | 1 | -2/+3 |
| | | | | | | | | | | | | | | E.g. VirtualHost"example.com" https_name = "xmpp.example.com" | ||||
* | | core.certmanager: Skip directly to guessing of key from cert filename | Kim Alvefur | 2021-05-05 | 1 | -2/+17 |
| | | | | | | | | Cuts down on a ton of debug logs | ||||
* | | core.certmanager: Join paths with OS-aware util.paths function | Kim Alvefur | 2021-05-05 | 1 | -2/+3 |
| | | | | | | | | Right thing to do, rather than hardcoding '/' | ||||
* | | core.certmanager: Build an index over certificates | Kim Alvefur | 2021-04-10 | 1 | -0/+79 |
| | | |||||
* | | core.certmanager: Check for complete filename | Kim Alvefur | 2021-04-10 | 1 | -1/+1 |
| | | | | | | | | Prevents a false positive match on files with fullchain.pem as suffix | ||||
* | | mod_tls: Fix order of debug messages and tls context creation | Kim Alvefur | 2021-05-05 | 1 | -2/+2 |
| | | | | | | | | | | Originally added in 5b048ccd106f Merged wrong in ca01c449357f | ||||
* | | configure: Make ICU the default library for IDNA and JID normalization | Kim Alvefur | 2020-07-12 | 1 | -3/+3 |
| | | | | | | | | See #533 | ||||
* | | net.http.server: Split out method for sending only the header | Kim Alvefur | 2021-04-24 | 1 | -2/+7 |
| | | | | | | | | | | Makes it easier to reuse, e.g. for SSE or websockets or other custom responses. | ||||
* | | s2s et al.: Add counters for connection state transitions | Jonas Schäfer | 2021-04-21 | 3 | -11/+50 |
| | | |||||
* | | mod_s2s: Port to new OpenMetrics API | Jonas Schäfer | 2021-04-18 | 1 | -10/+26 |
| | | |||||
* | | mod_c2s: Port to new OpenMetrics API | Jonas Schäfer | 2021-04-18 | 1 | -10/+16 |
| | |