Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| | * | | | | mod_admin_telnet: Show s2s authentication method (probably) used | Kim Alvefur | 2019-11-02 | 1 | -0/+6 | |
| | | | | | | ||||||
| | * | | | | mod_user_account_management: Apply username normalization later | Kim Alvefur | 2019-11-02 | 1 | -1/+2 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nodeprep(nil) | |||||
| | * | | | | mod_s2s: Only nameprep stream to/from addresses if they are present | Kim Alvefur | 2019-11-02 | 1 | -1/+3 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil) | |||||
| | * | | | | mod_dialback: Fix potential traceback in case of missing addressing | Kim Alvefur | 2019-11-02 | 1 | -0/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Not tested. Assuming nothing good comes from continuing the program flow after this. The connection should get closed and the event gets aborted by a traceback anyways. | |||||
| | * | | | | mod_c2s: Validate that a 'to' attribute exists at all | Kim Alvefur | 2019-11-02 | 1 | -0/+5 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil) | |||||
| | * | | | | core.sessionmanager: Require that client-requested resources pass strict ↵ | Kim Alvefur | 2019-11-02 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | resourceprep | |||||
| | * | | | | mod_bosh: Abort early if request is missing hostname | Kim Alvefur | 2019-11-02 | 1 | -0/+9 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from passing nil to nameprep() | |||||
| | * | | | | mod_dialback: Abort early if request is missing addressing attributes | Kim Alvefur | 2019-11-02 | 1 | -0/+5 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from passing nil to nameprep() | |||||
| | * | | | | core.configmanager: Handle nameprep validation errors | Kim Alvefur | 2019-11-02 | 1 | -2/+10 | |
| | | | | | | ||||||
| | * | | | | core.configmanager: Ensure Hosts are given names | Kim Alvefur | 2019-11-02 | 1 | -0/+6 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil) | |||||
| | * | | | | MUC: Make nickname field in registration form required | Kim Alvefur | 2019-11-02 | 2 | -3/+7 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from resourceprep(nil) muc#register_roomnick is also required in XEP-0045 | |||||
| | * | | | | core.sessionmanager: Fix traceback from passing nil to resourceprep | Kim Alvefur | 2019-11-02 | 1 | -1/+1 | |
| | | | | | | ||||||
| | * | | | | util.encodings: Don't ignore non-strings passed to stringprep functions | Kim Alvefur | 2019-11-02 | 1 | -11/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If you manage to pass a table or something weird to these, you deserve to know. | |||||
| | * | | | | net.http.codes: Avoid implicit number -> string coercion | Kim Alvefur | 2019-11-01 | 1 | -1/+1 | |
| | | | | | | ||||||
| | * | | | | prosodyctl: Print friendly version of error messages | Kim Alvefur | 2019-11-01 | 1 | -1/+1 | |
| | | | | | | ||||||
| | * | | | | mod_register_ibr: Enforce strict JID validation | Kim Alvefur | 2019-11-01 | 1 | -1/+1 | |
| | | | | | | ||||||
| | * | | | | util.prosodyctl: Enforce strict JID validation on user creation | Kim Alvefur | 2019-11-01 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is where 64ddcbc9a328 should have started. By preventing creation of users with invalid JIDs, it will slowly become safer to enforce strict validation on everything. | |||||
| | * | | | | MUC: Strictly validate room JID on creation | Kim Alvefur | 2019-11-01 | 1 | -0/+8 | |
| | | | | | | | | | | | | | | | | | | | | | | | | This should prevent any MUCs with invalid JID (according to current normalization routine) | |||||
| | * | | | | util.error: Add well-known field 'code' in error templates | Kim Alvefur | 2019-11-01 | 2 | -0/+3 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Intended to be for HTTP-ish numeric status codes | |||||
| | * | | | | mod_register_limits: Use util.error for managing rejection reasons | Kim Alvefur | 2019-11-01 | 1 | -9/+28 | |
| | | | | | | ||||||
| | * | | | | mod_register_ibr: Allow registartion rejection reason as util.error object | Kim Alvefur | 2019-11-01 | 1 | -2/+9 | |
| | | | | | | ||||||
| | * | | | | Backed out changeset 64ddcbc9a328 as it would prevent communicating with ↵ | Kim Alvefur | 2019-10-30 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | valid remote JIDs that aren't valid under STRINGPREP / Unicode 3.2 | |||||
| | * | | | | MUC: Enforce strict resourceprep on nicknames (bye bye robot face) | Kim Alvefur | 2019-09-23 | 1 | -0/+16 | |
| | | | | | | ||||||
| | * | | | | core.stanza_router: Do strict jidprep on c2s | Kim Alvefur | 2019-09-09 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Be conservative in what you let your clients send, be liberal in what you let in via s2s. Being strict on s2s leads to interop problems and poor experiences, ie users being ejected from MUCs if something invalid enters. By starting with tightening up input into the network, we may be able to gradually approach a point where no invalid JIDs are allowed. | |||||
| | * | | | | util.encodings: Strictly verify that the 'strict' *prep argument is a boolean | Kim Alvefur | 2019-10-30 | 1 | -4/+10 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is to prevent mistakes like nodeprep(username:gsub("a","b")) from unintentionally invoking strict mode. | |||||
| | * | | | | util.jid: Add a 'strict' flag for jidprep calls | Kim Alvefur | 2019-09-09 | 1 | -6/+6 | |
| | | | | | | ||||||
| | * | | | | util.encodings: Optional strict flag to stringprep | Kim Alvefur | 2019-04-24 | 1 | -2/+14 | |
| | | | | | | ||||||
| | * | | | | util.pubsub, pubsub.lib and tests: Add text to precondition-not-met error ↵ | Matthew Wild | 2019-10-27 | 4 | -4/+248 | |
| | | | | | | | | | | | | | | | | | | | | | | | | (fixes #1455) | |||||
| | * | | | | MUC: Advertise history related fields as integers via XEP-0122 | Kim Alvefur | 2019-10-20 | 1 | -2/+4 | |
| | | | | | | | | | | | | | | | | | | | | | | | | This takes advantage of data type validation and conversion done in util.dataforms. | |||||
| | * | | | | CHANGES: Add a line for #1335 | Kim Alvefur | 2019-10-20 | 1 | -0/+1 | |
| | | | | | | ||||||
| | * | | | | MUC: Add controls for whose presence is broadcast (closes #1335) | Lance Stout | 2019-10-20 | 3 | -5/+112 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Committed by Zash | |||||
| | * | | | | util.interpolation: Test map syntax | Kim Alvefur | 2019-10-20 | 1 | -0/+7 | |
| | | | | | | ||||||
| | * | | | | util.interpolation: Test array syntax | Kim Alvefur | 2019-10-20 | 1 | -0/+8 | |
| | | | | | | ||||||
| | * | | | | util.interpolation: Test #1452 | Kim Alvefur | 2019-10-20 | 1 | -1/+5 | |
| | | | | | | ||||||
| | * | | | | Merge 0.11->trunk | Kim Alvefur | 2019-10-20 | 1 | -3/+3 | |
| | |\ \ \ \ | ||||||
| | * | | | | | doap: Sort <implements> by XEP number | Kim Alvefur | 2019-10-20 | 1 | -7/+7 | |
| | | | | | | | ||||||
| | * | | | | | doap: mod_csi_simple tries to follow XEP-0286: Mobile Considerations, not ↵ | Kim Alvefur | 2019-10-20 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | XEP-0268 | |||||
| | * | | | | | doap: Trim a trailing '.' from a version/branch name for consistency | Kim Alvefur | 2019-10-20 | 1 | -1/+1 | |
| | | | | | | | ||||||
| | * | | | | | doap: Copy longer description from README | Kim Alvefur | 2019-10-20 | 1 | -1/+1 | |
| | | | | | | | ||||||
| | * | | | | | Merge 0.11->trunk | Kim Alvefur | 2019-10-20 | 1 | -2/+0 | |
| | |\ \ \ \ \ | ||||||
| | * | | | | | | MUC: Validate registration dataform more carefully | Kim Alvefur | 2019-10-20 | 1 | -1/+13 | |
| | | | | | | | | ||||||
| | * | | | | | | mod_saslauth: Demote "no SASL mechanisms" error back to warning | Kim Alvefur | 2019-10-15 | 1 | -4/+4 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This gets printed before TLS if c2s_require_encryption = false, in which case it is just annoying. | |||||
| | * | | | | | | mod_saslauth: Improve logging of why no SASL mechanisms were offered | Kim Alvefur | 2019-10-15 | 1 | -6/+18 | |
| | | | | | | | | ||||||
| | * | | | | | | mod_saslauth: Use the power of Set Theory to mange sets of SASL mechanisms | Kim Alvefur | 2019-10-15 | 1 | -6/+24 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes sets of excluded mechanisms easily available for use later. | |||||
| | * | | | | | | mod_saslauth: Log (debug) messages about channel binding | Kim Alvefur | 2019-10-15 | 1 | -0/+5 | |
| | | | | | | | | ||||||
| | * | | | | | | doc/doap: Claim support for XEP-0368 by way of legacy_ssl_ports | Kim Alvefur | 2019-10-15 | 1 | -0/+9 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | > Server support of XEP-0368 means having the ability to accept direct TLS connections. This is what legacy_ssl_ports does. First trace of it seems to be 8458be0941e7 | |||||
| | * | | | | | | doc/doap: Claim support for XEP-0268 via mod_csi_simple | Kim Alvefur | 2019-10-15 | 1 | -0/+7 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mod_csi_simple tries to follow the advice in XEP-0268. Notably, since 7d78b24d8449 it also does this: > If the server receives data, the phones radio is already on, therefore > you should flush any pending data as soon as possible after receiving > data from a client | |||||
| | * | | | | | | mod_saslauth: Remove useless debug log line | Kim Alvefur | 2019-10-13 | 1 | -1/+0 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fairly useless to only log half of SASL messages. Use mod_stanza_debug instead to get the full exchange. | |||||
| | * | | | | | | mod_saslauth: Remove commented-out debug log line | Kim Alvefur | 2019-10-13 | 1 | -1/+0 | |
| | | | | | | | | ||||||
| | * | | | | | | net.server_epoll: Save IP and port from connection creation call | Kim Alvefur | 2019-10-12 | 1 | -0/+4 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Might come out of :getpeername different later but at least it's something. |