aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| | * mod_http: Soften dependency on mod_http_errorsKim Alvefur2019-11-161-1/+3
| | | | | | | | | | | | | | | | | | This allows disabling mod_http_errors by adding it to moduless_disabled and ensures mod_http loads even if the error pages aren't as pretty.
| | * doap: Sort XEPs by numberKim Alvefur2019-11-151-8/+8
| | |
| | * server_event: Remove duplicated code (thanks waqas)Kim Alvefur2019-11-131-4/+0
| | | | | | | | | | | | | | | readcallback() calls onreadtimeout() and runs the exact same code if onreadtimeout() doesn't return true, which it doesn't do.
| | * util.dependencies: Avoid missing bitop false positive on Lua 5.4Kim Alvefur2019-11-091-1/+1
| | |
| | * util.startup: Disable plugin installer path creation for now (see comments)Kim Alvefur2019-11-091-2/+4
| | |
| | * util.startup: Split plugin installer path setup into a separate functionKim Alvefur2019-11-091-4/+11
| | |
| | * mod_s2s: Allow passing bounce reason as an util.error object (see #770)Kim Alvefur2019-11-081-2/+9
| | | | | | | | | | | | This argument is currently unused in s2smanager.
| | * util.paths: Don't treat path as pattern, fix traceback (thanks Menel87)Kim Alvefur2019-11-081-2/+2
| | |
| | * Merge 0.11->trunkKim Alvefur2019-11-082-0/+2
| | |\
| | * | mod_ping: Remove ad-hoc commandKim Alvefur2019-11-071-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 17:27:40 <Ge0rG> Zash: the Ping thing is absolutely worthless 17:27:55 <Zash> The command provided by mod_ping? 17:27:59 <pep.> To own server? 17:28:14 <Ge0rG> the Ping command in mod_admin_web, whatever it maps to 17:28:29 <Ge0rG> > Pong > 2019-11-07T16:28:16Z What am I supposed to do with that result? 17:28:29 <Zash> Yeah, mod_ping provides that 17:28:41 <Ge0rG> Is it a ping to my own server? Where's the RTT? 17:28:48 <Zash> Dunno if it's useful for more than verifying that the adhoc command system works 17:29:02 <Ge0rG> (it lags, but there is no indication of how much) 17:29:14 <Zash> It can't really test that itself 17:29:52 <Zash> Anyone opposed to deleting it? 17:30:42 <Zash> Half the module 17:42:47 <MattJ> Zash, I'm fine with removing it
| | * | mod_admin_adhoc: Add some flags to s2s listing commandKim Alvefur2019-11-071-0/+12
| | | | | | | | | | | | | | | | These are present in mod_admin_telnet and relevant to s2s
| | * | util.array: Fix typo in testKim Alvefur2019-11-071-1/+1
| | | |
| | * | net.http.server: Treat promise rejection without value as a HTTP 500 errorKim Alvefur2019-11-051-1/+1
| | | |
| | * | net.http.server: Handle promises from http handlersKim Alvefur2019-11-011-0/+8
| | | |
| | * | net.http.server: Handle util.error objects from http handlersKim Alvefur2019-11-011-0/+3
| | | |
| | * | net.http.server: Tail call because tail call!Kim Alvefur2019-11-011-1/+1
| | | |
| | * | net.http.server: Factor out handling of event response for easier reuseKim Alvefur2019-11-011-31/+34
| | | |
| | * | Merge 0.11->trunkKim Alvefur2019-11-041-2/+9
| | |\ \
| | * | | doap: Add version of XEP-0012Kim Alvefur2019-11-031-0/+1
| | | | |
| | * | | doap: Reorder tags for consistencyKim Alvefur2019-11-031-1/+1
| | | | | | | | | | | | | | | | | | | | It's nice when `grep version.1 -B1` shows XEPs with 1.x versions
| | * | | Merge 0.11->trunkKim Alvefur2019-11-022-2/+14
| | |\ \ \
| | * | | | mod_admin_telnet: Show s2s authentication method (probably) usedKim Alvefur2019-11-021-0/+6
| | | | | |
| | * | | | mod_user_account_management: Apply username normalization laterKim Alvefur2019-11-021-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nodeprep(nil)
| | * | | | mod_s2s: Only nameprep stream to/from addresses if they are presentKim Alvefur2019-11-021-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil)
| | * | | | mod_dialback: Fix potential traceback in case of missing addressingKim Alvefur2019-11-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Not tested. Assuming nothing good comes from continuing the program flow after this. The connection should get closed and the event gets aborted by a traceback anyways.
| | * | | | mod_c2s: Validate that a 'to' attribute exists at allKim Alvefur2019-11-021-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil)
| | * | | | core.sessionmanager: Require that client-requested resources pass strict ↵Kim Alvefur2019-11-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | resourceprep
| | * | | | mod_bosh: Abort early if request is missing hostnameKim Alvefur2019-11-021-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from passing nil to nameprep()
| | * | | | mod_dialback: Abort early if request is missing addressing attributesKim Alvefur2019-11-021-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from passing nil to nameprep()
| | * | | | core.configmanager: Handle nameprep validation errorsKim Alvefur2019-11-021-2/+10
| | | | | |
| | * | | | core.configmanager: Ensure Hosts are given namesKim Alvefur2019-11-021-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil)
| | * | | | MUC: Make nickname field in registration form requiredKim Alvefur2019-11-022-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from resourceprep(nil) muc#register_roomnick is also required in XEP-0045
| | * | | | core.sessionmanager: Fix traceback from passing nil to resourceprepKim Alvefur2019-11-021-1/+1
| | | | | |
| | * | | | util.encodings: Don't ignore non-strings passed to stringprep functionsKim Alvefur2019-11-021-11/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If you manage to pass a table or something weird to these, you deserve to know.
| | * | | | net.http.codes: Avoid implicit number -> string coercionKim Alvefur2019-11-011-1/+1
| | | | | |
| | * | | | prosodyctl: Print friendly version of error messagesKim Alvefur2019-11-011-1/+1
| | | | | |
| | * | | | mod_register_ibr: Enforce strict JID validationKim Alvefur2019-11-011-1/+1
| | | | | |
| | * | | | util.prosodyctl: Enforce strict JID validation on user creationKim Alvefur2019-11-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is where 64ddcbc9a328 should have started. By preventing creation of users with invalid JIDs, it will slowly become safer to enforce strict validation on everything.
| | * | | | MUC: Strictly validate room JID on creationKim Alvefur2019-11-011-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | This should prevent any MUCs with invalid JID (according to current normalization routine)
| | * | | | util.error: Add well-known field 'code' in error templatesKim Alvefur2019-11-012-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | Intended to be for HTTP-ish numeric status codes
| | * | | | mod_register_limits: Use util.error for managing rejection reasonsKim Alvefur2019-11-011-9/+28
| | | | | |
| | * | | | mod_register_ibr: Allow registartion rejection reason as util.error objectKim Alvefur2019-11-011-2/+9
| | | | | |
| | * | | | Backed out changeset 64ddcbc9a328 as it would prevent communicating with ↵Kim Alvefur2019-10-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | valid remote JIDs that aren't valid under STRINGPREP / Unicode 3.2
| | * | | | MUC: Enforce strict resourceprep on nicknames (bye bye robot face)Kim Alvefur2019-09-231-0/+16
| | | | | |
| | * | | | core.stanza_router: Do strict jidprep on c2sKim Alvefur2019-09-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Be conservative in what you let your clients send, be liberal in what you let in via s2s. Being strict on s2s leads to interop problems and poor experiences, ie users being ejected from MUCs if something invalid enters. By starting with tightening up input into the network, we may be able to gradually approach a point where no invalid JIDs are allowed.
| | * | | | util.encodings: Strictly verify that the 'strict' *prep argument is a booleanKim Alvefur2019-10-301-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is to prevent mistakes like nodeprep(username:gsub("a","b")) from unintentionally invoking strict mode.
| | * | | | util.jid: Add a 'strict' flag for jidprep callsKim Alvefur2019-09-091-6/+6
| | | | | |
| | * | | | util.encodings: Optional strict flag to stringprepKim Alvefur2019-04-241-2/+14
| | | | | |
| | * | | | util.pubsub, pubsub.lib and tests: Add text to precondition-not-met error ↵Matthew Wild2019-10-274-4/+248
| | | | | | | | | | | | | | | | | | | | | | | | (fixes #1455)
| | * | | | MUC: Advertise history related fields as integers via XEP-0122Kim Alvefur2019-10-201-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | This takes advantage of data type validation and conversion done in util.dataforms.