Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | doap: Add some XEP versions | Kim Alvefur | 2019-09-28 | 1 | -0/+6 |
| | |||||
* | MUC: Fix XML syntax error in test | Kim Alvefur | 2019-09-21 | 1 | -0/+1 |
| | | | | How did this even happen? | ||||
* | MUC: Update test for vcard-temp changes | Kim Alvefur | 2019-09-21 | 1 | -4/+11 |
| | | | | | | Should this XEP-0398 behavior even be covered here? The original lines came from a recording. | ||||
* | Merge 0.11->trunk | Kim Alvefur | 2019-09-21 | 2 | -15/+25 |
|\ | |||||
| * | mod_vcard_legacy: Don't owerwrite empty photo elements (fixes #1432) | Kim Alvefur | 2019-09-21 | 1 | -3/+9 |
| | | |||||
| * | mod_vcard_legacy: Advertise lack of avatar correctly (fixes #1431) (thanks ↵ | Kim Alvefur | 2019-09-21 | 1 | -2/+2 |
| | | | | | | | | lovetox) | ||||
| * | prosodyctl: Fix traceback on incorrect proxy65_address type | Matthew Wild | 2019-09-11 | 1 | -11/+15 |
| | | |||||
| * | Added tag 0.11.3 for changeset dd7e924c74ef | Matthew Wild | 2019-09-05 | 0 | -0/+0 |
| | | |||||
* | | doap: Remove stray '(' | Kim Alvefur | 2019-09-19 | 1 | -1/+1 |
| | | |||||
* | | doap: Add details about most recent XEPs numbered over 300 | Kim Alvefur | 2019-09-19 | 1 | -1/+11 |
| | | |||||
* | | doap: Add details to XEPs numbered under 100 | Kim Alvefur | 2019-09-19 | 1 | -0/+24 |
| | | |||||
* | | doap: Fix namespace of <until> | Kim Alvefur | 2019-09-19 | 1 | -3/+3 |
| | | |||||
* | | doap: Update to newer format | Kim Alvefur | 2019-09-19 | 1 | -379/+375 |
| | | |||||
* | | util.encodings: Spell out all IDNA 2008 options ICU has | Kim Alvefur | 2019-09-11 | 1 | -1/+24 |
| | | |||||
* | | util.encodings: Switch ICU binding to IDNA2008 (fixes #533, #1301) | Kim Alvefur | 2019-09-11 | 1 | -4/+9 |
| | | |||||
* | | Prepare required data folder for integration tests | Maxime ?pep? Buquet | 2019-09-12 | 1 | -0/+1 |
| | | |||||
* | | util.x509: Return sets of services per identity | Kim Alvefur | 2019-09-10 | 1 | -7/+34 |
| | | |||||
* | | mod_http: Add support for configuring CORS Access-Control-Allow-Credentials | Matthew Wild | 2019-09-11 | 1 | -2/+6 |
| | | |||||
* | | util.x509: Only collect commonNames that pass idna | Kim Alvefur | 2019-09-10 | 1 | -1/+1 |
| | | | | | | | | | | Weeds out "Example Certificate" and the like, which are uninteresting for this function. | ||||
* | | util.x509: Nameprep commonName once | Kim Alvefur | 2019-09-10 | 1 | -2/+5 |
| | | |||||
* | | doap: Add XEP-0288 | Kim Alvefur | 2019-09-09 | 1 | -0/+6 |
| | | |||||
* | | doap: Add a Description Of A Project file | Kim Alvefur | 2019-08-27 | 1 | -0/+427 |
| | | |||||
* | | mod_admin_telnet: Identify native bidi sessions | Kim Alvefur | 2019-09-08 | 1 | -1/+3 |
| | | |||||
* | | CHANGES: Add XEP-0288 | Kim Alvefur | 2019-09-08 | 1 | -0/+1 |
| | | |||||
* | | mod_s2s_bidi: Enables bi-directional streams via XEP-0288 | Kim Alvefur | 2019-09-08 | 2 | -1/+39 |
| | | |||||
* | | mod_s2s: Remove warning about hostname mismatch | Kim Alvefur | 2019-09-07 | 1 | -5/+0 |
| | | | | | | | | | | | | It triggers on bidi-related routing where this to/from is flipped. Removing since I don't think we have ever seen this potential bug. | ||||
* | | mod_s2s: Insert s2sin into outgoing routing table when bidirectional | Kim Alvefur | 2019-09-07 | 1 | -0/+4 |
| | | |||||
* | | mod_s2s: Add function to send replies on s2sout connections that support ↵ | Kim Alvefur | 2019-09-07 | 1 | -0/+7 |
| | | | | | | | | incoming traffic | ||||
* | | mod_s2s: Handle authentication of s2sin and s2sout the same way | Kim Alvefur | 2019-09-07 | 1 | -7/+5 |
| | | |||||
* | | core.stanza_router: Handle s2s in more direction-agnostic way | Kim Alvefur | 2019-09-07 | 1 | -2/+2 |
| | | |||||
* | | core.s2smanager: Add map of names authenticate for remote on s2sout for ↵ | Kim Alvefur | 2019-09-07 | 1 | -0/+1 |
| | | | | | | | | | | | | parity with s2sin Making s2sin and -out look more alike in preparation for bidi support | ||||
* | | core.s2smanager: Add [direction] boolean flags to s2s connections | Kim Alvefur | 2019-09-07 | 1 | -0/+2 |
| | | | | | | | | This will allow representing connections that go both directions | ||||
* | | mod_offline: Add some debug logging to reduce confusion | Kim Alvefur | 2019-09-08 | 1 | -1/+5 |
| | | | | | | | | Where did these messages come from??? | ||||
* | | util.bitops: Library to find appropriate bitwise library (closes #1395) | Kim Alvefur | 2019-07-22 | 3 | -2/+40 |
| | | |||||
* | | mod_s2s: Remove obsolete cleanup code | Kim Alvefur | 2019-09-07 | 1 | -7/+0 |
| | | | | | | | | These were added by s2sout.lib | ||||
* | | mod_admin_telnet: Identify bidi-capable s2sout sessions (fixes #1403) | Kim Alvefur | 2019-09-07 | 1 | -1/+1 |
| | | |||||
* | | tests: Disable TLS in scansion tests | Kim Alvefur | 2019-09-07 | 1 | -1/+1 |
| | | | | | | | | | | | | They were not using TLS before. With a36af4570b39 TLS context creation will succeed even without a certificate, so TLS will be offered, but since there is no certificate it does not work. | ||||
* | | core.certmanager: Lower severity for tls config not having cert | Kim Alvefur | 2019-09-07 | 1 | -2/+4 |
| | | | | | | | | | | | | | | This is needed for SNI where certificates are in separate per-hostname contexts, not the main one. If there is a cert, it will still require a corresponding key. | ||||
* | | net.http: Pass server name along for SNI (fixes #1408) | Kim Alvefur | 2019-09-01 | 1 | -1/+1 |
| | | | | | | | | net.resolver.basic passes this 'extra' field along to server.addclient | ||||
* | | net.server: Handle server name (SNI) as extra argument | Kim Alvefur | 2019-09-01 | 3 | -0/+10 |
| | | | | | | | | | | | | Code added in 75d2874502c3, 9a905888b96c and adc0672b700e uses this field. See #409 and #1408 | ||||
* | | net.server: Accept and save an 'extra' field for client connections | Kim Alvefur | 2019-09-01 | 3 | -15/+19 |
| | | | | | | | | | | This lets code attach some extra data to be attached to client connections. | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-08-31 | 1 | -2/+2 |
|\| | |||||
| * | MUC: Fix delay@from to be room JID (fixes #1416) | Kim Alvefur | 2019-08-31 | 1 | -2/+2 |
| | | |||||
* | | MUC: Fix delay tag @from in test to be the room JID (#1054 came back) | Kim Alvefur | 2019-08-31 | 1 | -2/+2 |
| | | |||||
* | | MUC: Add a test covering basic room creation, messages and destruction | Kim Alvefur | 2019-08-31 | 1 | -0/+242 |
| | | |||||
* | | net.server_epoll: Add support for opportunistic writes | Kim Alvefur | 2019-08-28 | 1 | -0/+8 |
| | | | | | | | | | | | | | | | | This tries to flush data to the underlying sockets when receiving writes. This should lead to fewer timer objects being around. On the other hand, this leads to more and smaller writes which may translate to more TCP/IP packets being sent, depending on how the kernel handles this. This trades throughput for lower latency. | ||||
* | | core.certmanager: Remove unused import [luacheck] | Kim Alvefur | 2019-08-25 | 1 | -1/+0 |
| | | |||||
* | | Remove COMPAT with temporary luasec fork | Kim Alvefur | 2019-08-25 | 4 | -14/+0 |
| | | | | | | | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014. | ||||
* | | MUC: Simplify nickname refresh loop | Kim Alvefur | 2019-08-25 | 1 | -2/+1 |
| | | | | | | | | Affiliation data is passed as a loop variable so no need to retrieve it | ||||
* | | core.certmanager: Move EECDH ciphers before EDH in default cipherstring | Kim Alvefur | 2019-08-25 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now |