| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Why was this module loaded? Now you can find out!
|
|
|
|
|
| |
Useful to know why a module was auto-loaded without having to dig trough
all other modules for the one that depends on it.
|
|
|
|
|
|
|
|
| |
Some of the OAuth stuff highlights a small need to retrieve a list of
roles somehow. Handy if you ever need a role selector in adhoc or
something.
Unless there's some O(n) thing we were avoiding?
|
|
|
|
| |
`type(x ~= y)` is always a string, thus truthy
|
|
|
|
|
|
| |
E.g. if you were to just pass "username" without @hostname, the split
will return nil, "username" and the nil gets passed to saslprep() and it
does not like that.
|
| |
|
| |
|
|
|
|
|
| |
This is designed for use by other modules that want to accept tokens issued
by mod_tokenauth, without duplicating all the necessary logic.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This allows tokens to be tied to specific purposes/protocols. For example, we
shouldn't (without specific consideration) allow an OAuth token to be dropped
into a slot expecting a FAST token.
While FAST doesn't currently use mod_tokenauth, it and others may do in the
future. It's better to be explicit about what kind of token code is issuing or
expecting.
|
|
|
|
| |
The token layer supports tokens that are tied to a given resource.
|
| |
|
|
|
|
| |
Enables UI in clients supporting XEP-0050
|
| |
|
|
|
|
| |
First proper UI to enable/disable, allowing it to be tested.
|
|
|
|
|
|
|
|
| |
We decided that at the first stage, accounts that are disabled should
simply be prevented from authenticating, thus they should also be
prevented from having connected sessions. Since this is aimed to be a
moderation action for cases of abuse, they shouldn't be allowed to
continue being connected.
|
|
|
|
| |
Allow modules to act on this state change, e.g. kick accounts etc.
|
|
|
|
| |
Calling into the auth module, where available.
|
| |
|
| |
|
|
|
|
| |
Uses 'disabled' property already introduced in aed38948791f
|
|
|
|
| |
But how and where?
|
|
|
|
|
|
| |
Moving this out will make space for a dynamic check whether a particular
user is disabled or not, which is one possible response to abuse of
account privileges.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
settings
The cross_domain_* settings were added here prior to http_cors_override
being added back in 17d87fb2312a, so for a time there was no
replacement, but now there is.
|
|\| |
|
| | |
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This event was added in a7c183bb4e64 and is required to make mod_smacks know
that a session was intentionally closed and shouldn't be hibernated (see
fcea4d9e7502).
Because this was missing from mod_websocket's session.close(), mod_smacks
would always attempt to hibernate websocket sessions even if they closed
cleanly.
That mod_websocket has its own copy of session.close() is something to fix
another day (probably not in the stable branch). So for now this commit makes
the minimal change to get things working again.
Thanks to Damian and the Jitsi team for reporting.
|
| | |
|
| | |
|
| |
| |
| |
| | |
Started as part of a documentation project for the MUC API
|
|\| |
|
| | |
|
|\| |
|
| |
| |
| |
| |
| |
| | |
When mod_admin_socket is loaded without mod_admin_shell, attempt to use
`prosodyctl shell` will appear to freeze after any input, since no
response is returned.
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This information is sometimes necessary in the context where we have a
connection that we know (or believe to be) associated with an incoming HTTP
request.
For example, it can be used to retrieve the IP address of a request (which may
differ from the IP address of the connection, due to X-Forwarded-For and co).
Thanks to the Jitsi team for highlighting this gap in the API.
|
| |
| |
| |
| |
| | |
This defines close(), which is only used with epoll, hence we don't need
to include it when building in poll or select mode.
|
|\| |
|
| |
| |
| |
| |
| |
| | |
This ensures that we support responses without a content-length header, and
allow streaming them through the streaming handler interface. An example of
such a response would be Server-Sent Events streams.
|
| | |
|
|\| |
|
| | |
|
| |
| |
| |
| |
| | |
If it reaches this point, then the session will be most definitely be
destroyed, so try to prevent destroy_session() from being called again.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On regular disconnects, </stream> is sent, then
sessionmanager.destroy_session() is called, then
sessionmanager.destroy_session() is called again when the TCP connection
is closed, from ondisconnect in mod_c2s.
It is a bit annoying and doesn't really tell you much.
|
| |
| |
| |
| |
| |
| |
| |
| | |
With `gcc-12 -Wstrict-prototypes` the following warning is shown:
crypto.c:43:13: warning: function declaration isn't a prototype [-Wstrict-prototypes]
43 | static BIO* new_memory_BIO() {
| ^~~~~~~~~~~~~~
|
| |
| |
| |
| |
| | |
Expected this to be translated to 'core', but it logs an error instead.
See previous commit.
|
| | |
|
| | |
|