aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* util.paseto: Add support for v3.local tokensMatthew Wild2023-01-132-18/+289
|
* util.paseto: Fix omitted parameterMatthew Wild2023-01-131-1/+1
|
* util.paseto: Stricter base64 decoding, as per specMatthew Wild2023-01-131-0/+11
|
* util.crypto: Add support for AES-256-CTRMatthew Wild2023-01-132-21/+61
| | | | This is required by PASETO v3.local
* util.hashes: Add HKDF-HMAC-SHA256/HKDF-HMAC-SHA384Matthew Wild2023-01-132-0/+97
| | | | These are needed for PASETO v3.local.
* Merge 0.12->trunkKim Alvefur2023-01-101-2/+2
|\
| * mod_invites: Prefer landing page over xmpp URI in shell commandKim Alvefur2023-01-101-2/+2
| | | | | | | | To mirror behavior of prosodyctl invocation
* | net.http.server: Close file handle earlierKim Alvefur2023-01-081-1/+1
| | | | | | | | | | Frees unneeded resources earlier, so they're not held on to while potentially sending the chunk trailer.
* | Merge 0.12->trunkKim Alvefur2023-01-081-1/+1
|\|
| * net.http.server: Fix #1789Kim Alvefur2023-01-081-1/+1
| | | | | | | | | | | | | | | | | | Unregistering the response before sending the trailer of the chunked transfer encoding prevents opportunistic writes from being invoked and running this code again when, which may cause an error when closing the file handle a second time. Normally the file size is known, so no chuck headers are sent.
* | Merge 0.12->trunkKim Alvefur2023-01-061-14/+12
|\|
| * mod_storage_sql: Fix #1639Kim Alvefur2023-01-011-14/+12
| | | | | | | | Patch by Peter Kieser
* | net.server_epoll: Remove delay on last main loop iteration when quittingKim Alvefur2023-01-061-7/+8
| | | | | | | | | | | | | | Main difference is that timers are not checked unconditionally before each poll, only when running out of previous poll results (hidden by util.poll). This removes a final poll at shutdown that usually delays the 'not quitting' condition check by one second.
* | net.server_epoll: Factor out single main loop step into its own functionKim Alvefur2023-01-061-1/+26
| | | | | | | | | | This isn't actually used in Prosody, so no value in complicating the real main loop because of it
* | Merge 0.12->trunkKim Alvefur2022-12-290-0/+0
|\|
| * configure: Fix quoting of $LUA_SUFFIX (thanks shellcheck/Zash)Matthew Wild2022-12-291-1/+1
| | | | | | | | Transplanted 6b43bf85032b from trunk
* | Merge 0.12->trunkKim Alvefur2022-12-291-1/+0
|\|
| * mod_storage_sql: Don't avoid initialization under prosodyctl (fix #1787)Kim Alvefur2022-12-291-1/+0
| | | | | | | | | | | | | | | | | | Fixes `prosodyctl adduser` etc. Prior to d580e6a57cbb the line did nothing. Sometimes storage in the prosodyctl context does cause weirdness, as it is not in a host context, but rather a variant of global.
* | configure: Fix quoting of $LUA_SUFFIX (thanks shellcheck/Zash)Matthew Wild2022-12-291-1/+1
| |
* | sessionmanager: Fire event before retiring old sessionMatthew Wild2022-12-291-3/+4
| | | | | | | | | | This allows for modules to update fields, which is generally better than maintaining this hard-coded list of transferable properties here.
* | sessionmanager: Pluck sasl_handler from old session when resuming (fixes #1785)Matthew Wild2022-12-291-0/+1
| |
* | doap: Fix RDF syntax (thanks Link Mauve)Kim Alvefur2022-12-281-2/+4
| |
* | util.datamapper: Simplify test schemaKim Alvefur2022-12-201-12/+12
| | | | | | | | | | Don't need the function, more compact to just reference the same reference table.
* | util.openmetrics: Update tools.ietf.org URL to datatrackerKim Alvefur2022-12-191-1/+1
| | | | | | | | See bd9e006a7a74 for more context
* | mod_s2s_auth_certs: Validate certificates against secure SRV targetsKim Alvefur2022-12-221-0/+10
| | | | | | | | | | | | | | Secure delegation or "Mini-DANE" As with the existing DANE support, only usable in one direction, client certificate authentication will fail if this is relied on.
* | net.resolvers.basic: Record hostname coming from secure SRV recordsKim Alvefur2022-12-221-0/+2
| | | | | | | | Will be useful even later...
* | net.resolvers.service: Record DNSSEC security status of SRV recordsKim Alvefur2022-12-221-0/+3
| | | | | | | | Will be useful later.
* | net.resolvers.service: Fix reporting of Bogus DNSSEC resultsKim Alvefur2022-12-211-3/+6
| | | | | | | | | | | | | | | | | | The order of checks led to Bogus results being reported with a generic "unable to resolve service". This had no practical effects as such results are simply empty and the process would stop there. Tested by attempting to establish s2s with dnssec-bogus.sg and observing the error reply.
* | Revert unintentionally committed parts of 12bd40b8e105Kim Alvefur2022-12-213-19/+5
| |
* | mod_s2s: Retrieve stanza size limit from peer for bidi connectionsKim Alvefur2022-11-091-0/+7
| | | | | | | | | | | | Having mod_s2s know about the bidi namespace is perhaps a bit awkward but putting this in mod_s2s_bidi would be more awkward as it has nothing to do with limits. Some indirection event could be added in the future.
* | mod_s2s: Advertise stream features on bidi connectionsKim Alvefur2022-10-201-0/+6
| |
* | mod_s2s_bidi: Add provisions for advertising features to bidi peersKim Alvefur2022-10-201-1/+3
| | | | | | | | As introduced in XEP-xxxx: Stream Limits Advertisement
* | mod_c2s,mod_s2s: Adapt to XEP-xxxx: Stream Limits AdvertisementKim Alvefur2022-10-206-9/+29
| | | | | | | | Thanks MattJ
* | mod_s2s: Avoid sending too large stanzasKim Alvefur2021-03-161-0/+5
| | | | | | | | | | | | | | | | Just dropping them isn't great but hopefully something more sensible can be done in the future. Will need work to ensure that this signal is handled correctly in sending modules etc.
* | mod_s2s: Record stanza size limit advertised by other serversKim Alvefur2021-03-161-0/+4
| | | | | | | | For future use, i.e. canceling sending of stanzas that exceed the limit
* | mod_s2s: Advertise stanza size limit to other serversKim Alvefur2021-03-161-0/+5
| | | | | | | | So they can, like, not send big stanzas.
* | mod_c2s: Advertise stanza size limit to clientsKim Alvefur2021-03-161-0/+4
| | | | | | | | | | | | | | Should help clients avoid sending stanzas that will get their stream killed. Custom namespace while ironing out the protocol. My spoon is too big!
* | mod_smacks: Factor out resumption token table key generationKim Alvefur2022-11-131-4/+8
| | | | | | | | So that happens in a single place, where it can be changed easier.
* | Merge 0.12->trunkKim Alvefur2022-12-12181-1973/+6130
|\ \ | |/ |/|
| * mod_smacks: Only track resumable sessionsKim Alvefur2022-11-181-1/+3
| | | | | | | | Required due to track_session() having moved here
| * util.hashring: Support associating arbitrary data with nodesMatthew Wild2022-12-022-9/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In this API, a 'node' is always a simple text string. Sometimes the caller may have a more complex structure representing a node, but the hash ring is really only concerned with the node's name. This API change allows :add_nodes() to take a table of `node_name = value` pairs, as well as the simple array of node names previously accepted. The 'value' of the selected node is returned as a new second result from :get_node(). If no value is passed when a node is added, it defaults to `true` (as before, but this was never previously exposed).
| * util.hashring: tests: don't randomize order - they are written in a ↵Matthew Wild2022-12-021-0/+1
| | | | | | | | sequential style
| * Merge 0.12->trunkMatthew Wild2022-11-042-5/+22
| |\
| * \ Merge 0.12->trunkMatthew Wild2022-10-311-4/+11
| |\ \
| * \ \ Merge 0.12->trunkKim Alvefur2022-10-241-1/+5
| |\ \ \
| * | | | util.prosodyctl.cert: Remove Lua 5.1 os.execute() return value compatKim Alvefur2022-10-201-1/+1
| | | | |
| * | | | util.prosodyctl: Remove Lua 5.1 os.execute() return value compatKim Alvefur2022-10-201-2/+1
| | | | |
| * | | | util.openssl: Remove Lua 5.1 os.execute() return value compatKim Alvefur2022-10-201-2/+1
| | | | |
| * | | | util.human.io: Fix handling of os.execute() return values in Lua 5.2+Kim Alvefur2022-10-201-3/+3
| | | | | | | | | | | | | | | | | | | | Wrong part of Lua 5.1 compat removed in 0f4feaf9ca64
| * | | | util.mathcompat: Module to ease reuse of math.type()Kim Alvefur2022-10-207-10/+41
| | | | | | | | | | | | | | | | | | | | | | | | | Mostly to ensure it is available during tests, as util.startup is not invoked there