| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | |
| | |
| | |
| | |
| | | |
It would be nice if authzid was passed down into the stack and could be
used by plugins for things.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Don't worry, this function is not used by anything yet, this isn't a
security issue. It'll be used by Prosody to pick the correct certificate
for itself in the future.
The `names` multitable is a collection of (name, service) pairs but it
put them in the wrong order here.
|
| | | |
|
| | |
| | |
| | |
| | | |
Timer API of passing wallclock time remains
|
| | |
| | |
| | |
| | |
| | | |
Relative to current time instead of absolute time, in preparation for
switching to monotonic time.
|
| | |
| | |
| | |
| | | |
This won't make sense if we switch to monotonic time
|
| | |
| | |
| | |
| | |
| | | |
Using util.time will make it easier to move away from LuaSocket if we
ever wanted to do that.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Better than the previous string concatenation of SASL failure condition
and optional text sent by the remote server.
Would be nice to have a text per condition, other than the probably most
common 'not-authorized'.
|
| | |
| | |
| | |
| | |
| | | |
Will be easier than that concatenated string to extract info out of for
use elsewhere.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In :onreadable, if there is still buffered incoming data after reading
from the socket (as indicated by the :dirty method, usually because
LuaSocket has an 8k buffer that's full but it read a smaller amount),
another attempt to read is scheduled via this :pausefor method. This is
also called from some other places where it would be pointless to read
because there shouldn't be any data.
In the delayed read case, this should report that the socket is "dirty".
If it reports that the socket is "clean" then the question is where
the buffer contents went?
If this doesn't get logged after the scheduled time (0.000001s by
default) then this would suggests a problem with timer or scheduling.
|
| | |
| | |
| | |
| | |
| | | |
Default Address Selection algorithm is not applied, resulting in a
strong bias towards IPv4.
|
| | |
| | |
| | |
| | | |
And mention issue numbers: #1246, #1428 and #1429
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Mistakenly iterates over the set of all supported mechanisms instead of
the one without insecure mechanisms if the connection is insecure.
Not a problem if c2s_require_encryption is true
Introduced in 56a0f68b7797
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
This reduces the binary size from 22704?B to 18592?B.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Deduplicates the 3 log calls that log the same thing but subtly
differently. The first one would say "Disconnecting localhost" and the
last one didn't log the IP.
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
This was something I added during development and set to info level for
visibility.
|
| | |
| | |
| | |
| | | |
For consistency. None of the other implementations do this.
|
| | |
| | |
| | |
| | |
| | |
| | | |
This should make it clearer that it's about the TLS handshake. Otherwise
it's something like "unsupported protocol" or "no shared ciphers" that
might not be that obvious.
|
| | |
| | |
| | |
| | | |
Helps locating all messages related to a specific session
|
| | |
| | |
| | |
| | | |
This new wording generator is nice.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Groups by domain in DNS hierarchy order or something.
Why not split on '.' you ask? Well becasue that's not what I typed here. Also "[^.]" is longer than "%P".
|
| | |
| | |
| | |
| | |
| | |
| | | |
If there are no other sessions which also enabled carbons then the
carbons wrapper is not used and the potentially expensive clone
operation was a waste of cycles.
|
| | | |
|
| | |
| | |
| | |
| | | |
These are all c2s tests, no need to have s2s enabled.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Potentially a bit more efficient since it can jump to the selected
protocol on connect instead of waiting for some data to look at.
Adds a 'protocol' field to net providers for this purpose.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Shouldn't hurt. Revert if it turns out it does.
Supported in LuaSec 0.8. Should be ignored otherwise.
|
| | |
| | |
| | |
| | | |
support)
|
| | |
| | |
| | |
| | | |
Don't think this works and it's apparently acceptable to require SNI these days.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
These are similar to the "activated service" messages from portmanager
and similarily useful for the service admin to know even if they're not
debugging anything.
|
| | |
| | |
| | |
| | |
| | |
| | | |
features on aborted connections
I have no idea why I wrote return false in e5945fb5b71f
|
| | |
| | |
| | |
| | | |
Prevents some weirdness in cases where no authentication is done
|
| | |
| | |
| | |
| | |
| | | |
This ensures the closure reason is accurate and not reported as an
authentication or other problem
|
| | |
| | |
| | |
| | | |
Rationale in comment.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
We want to figure out what situations the double ondisconnect happens in, and
aim to fix the root cause in the future.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
A room that doesn't exist can't return an error, can it?
|