aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Makefile, configure: Add option for disabling generation of example certificatesKim Alvefur2013-11-302-1/+9
|
* Tagging 0.9.2Matthew Wild2013-11-290-0/+0
|
* util.pposix: Verify that file handle is openKim Alvefur2013-11-281-0/+2
|
* Makefile, certs: Generate example certificates on build, remove the old ↵Kim Alvefur2013-11-224-37/+25
| | | | static one
* certmanager: Further cipher string tweaking. Re-enable ciphers required for ↵Matthew Wild2013-11-211-1/+1
| | | | DSA and ECDH certs/keys.
* Back out 1b0ac7950129, as SSLv3 appears to still be in moderate use on the ↵Matthew Wild2013-11-121-1/+1
| | | | network. Also, although obsolete, SSLv3 isn't documented to have any weaknesses that TLS 1.0 (the most common version used today) doesn't also have. Get your act together clients!
* certmanager: Update default cipher string to prefer forward-secrecy over ↵Matthew Wild2013-11-101-1/+1
| | | | cipher strength and to disable triple-DES (weaker and much slower than AES)
* util.set: Remove unused variableMatthew Wild2013-11-101-1/+1
|
* certmanager: Fix order of options, so that the dynamic option is at the end ↵Matthew Wild2013-11-091-1/+1
| | | | of the array
* certmanager: Default to using the server's cipher preference order by ↵Matthew Wild2013-11-091-1/+1
| | | | default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones
* certmanager: Disable SSLv3 by defaultKim Alvefur2013-10-311-1/+1
|
* util.windows: Incorrect output buffer size passed to ↵Waqas Hussain2013-10-101-1/+1
| | | | ReadConsoleOutputAttribute (fixes issue#362, thanks yanjun).
* muc.lib.lua: Fix Spark jabber client not displaying conference room lists, ↵Paul2013-10-051-1/+1
| | | | seemingly due to a missing value tag for the room description if the description has not been set
* util.filters: Fix inserting items so that higher priority filters run firstKim Alvefur2013-09-301-1/+1
|
* Tagging 0.9.1Matthew Wild2013-09-090-0/+0
|
* certmanager: Fix dhparam callback, missing imports (Testing, pfft)Kim Alvefur2013-09-031-3/+5
|
* certmanager: Allow for specifying the dhparam option as a path to a file ↵Kim Alvefur2013-09-031-0/+11
| | | | instead of a callback
* certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it ↵Matthew Wild2013-09-031-4/+4
| | | | to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users.
* util.set: Fix :include() and :exclude() methods to iterate the input set ↵Matthew Wild2013-09-021-2/+2
| | | | correctly
* util.pposix: Fix building on non-Linux with glibcKim Alvefur2013-09-021-2/+2
|
* configmanager: Fix checking of absolute paths on WindowsKim Alvefur2013-08-301-1/+1
|
* util.net: Fix s2sout on Windows (return 0.0.0.0 and :: instead of an empty list)Kim Alvefur2013-08-301-1/+10
|
* mod_pep: Update COMPAT comment, it seems Asterisk 1.8 also suffers from this ↵Matthew Wild2013-08-241-1/+1
| | | | issue (thanks Lonnie Abelbeck)
* Added tag 0.9.0 for changeset 6ef79af0c445Matthew Wild2013-08-190-0/+0
|
* util.hashes: Silence compiler warning about pointer signednessKim Alvefur2013-08-091-1/+1
|
* mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation detailsKim Alvefur2013-08-062-2/+2
|
* util.hashes: Correct argument orderKim Alvefur2013-08-061-1/+1
|
* mod_s2s: Improve policy checkKim Alvefur2013-08-051-1/+1
|
* mod_s2s: Log certificate identity validation resultKim Alvefur2013-08-041-0/+1
|
* adhoc.lib: Don't build error reply from reply stanzaKim Alvefur2013-07-241-5/+5
|
* mod_c2s: Change default of tcp_keepalives to true, and make it individually ↵Kim Alvefur2013-07-241-1/+1
| | | | configurable through c2s_tcp_keepalives
* net.server_event: Pass ondrain handler from listenerKim Alvefur2013-07-221-0/+1
|
* net.http.server: Fix Keep-Alive requests with HTTP 1.0Kim Alvefur2013-07-221-1/+1
|
* util.net: Fix compilation on Windows (outputs an empty list of addresses for ↵Matthew Wild2013-07-151-4/+4
| | | | now) (tested only in my head)
* util.net: Include missing header needed for successful compiltion on FreeBSDMatthew Wild2013-07-151-0/+1
|
* certmanager: Set our own default cipher string, which includes only ciphers ↵Matthew Wild2013-07-131-0/+1
| | | | regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4.
* mod_storage_sql2: Remove from 0.9Matthew Wild2013-07-111-237/+0
|
* net.dns, net.adns: Make sure errors from net.server are propagated (thanks ↵Kim Alvefur2013-07-102-3/+3
| | | | asterix)
* mod_component: Local imports for some functions, including xpcallMatthew Wild2013-07-081-0/+1
|
* mod_bosh: pcall() core_process_stanza per stanza, to bring in line with ↵Matthew Wild2013-07-081-1/+4
| | | | other listeners. This ensures that stanzas following a traceback-causing stanza in a request will still be processed (as would happen on normal c2s).
* mod_bosh: Only pass stanza to core_process_stanza if it wasn't dropped by ↵Matthew Wild2013-07-081-1/+3
| | | | filters
* mod_component: xpcall() stanza processing, as per other listeners, ↵Matthew Wild2013-07-081-1/+6
| | | | preventing potentially harmful 'top-level errors'
* mod_admin_adhoc: Fix node of the "Get List of Online Users" commandFlorian Zeitz2013-06-291-1/+1
|
* util.pposix: setrlimit(): Add missing return on error when an incorrect ↵Matthew Wild2013-06-281-0/+1
| | | | number of arguments are passed
* mod_http_files: Put the MIME type map in a global shared table instead of ↵Kim Alvefur2013-06-281-2/+2
| | | | per-host
* net.http: Include port number (when non-standard) in the Host header of ↵Matthew Wild2013-06-261-4/+13
| | | | outgoing requests, as per the HTTP RFC
* mod_storage_sql2: Use correct variable (Thanks SkyBlue and Florob)Kim Alvefur2013-06-231-1/+1
|
* mod_s2s/s2sout.lib: Remove unused variables and importsMatthew Wild2013-06-181-6/+2
|
* mod_s2s/s2sout.lib: Remove reference to undefined globalMatthew Wild2013-06-181-1/+0
|
* mod_s2s/s2sout.lib: Use new util.net.local_addresses() to fetch local ↵Matthew Wild2013-06-181-12/+5
| | | | interface addresses