aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* mod_http_file_share: Handle content-type being optionalKim Alvefur2021-01-271-2/+2
|
* mod_http_file_share: Reject invalid file sizesKim Alvefur2021-01-272-0/+17
|
* mod_http_file_share: Fix name of max-file-size tagKim Alvefur2021-01-271-1/+1
|
* mod_http_file_share: Expand registry to fix extra tagKim Alvefur2021-01-271-5/+6
| | | | | Error registry compact format doesn't support extra.tag so needs to be the more verbose format
* mod_http_file_share: Verify final file size on completion of uploadKim Alvefur2021-01-271-0/+5
|
* mod_http_file_share: Add file type filterKim Alvefur2021-01-263-0/+20
| | | | | Unlike mod_http_upload, this can't be bypassed by uploading with a different file extension.
* mod_http_file_share: Add file size limit (default 10M)Kim Alvefur2021-01-263-0/+30
|
* mod_http_file_share: Validate that filename does not contain '/'Kim Alvefur2021-01-262-0/+19
|
* mod_http_file_share: Return proper error if unauthorizedKim Alvefur2021-01-261-1/+5
|
* mod_http_file_share: Add basic access controlKim Alvefur2021-01-261-1/+7
| | | | Partly lifted from mod_external_services
* mod_http_file_share: Add support for external file upload serviceKim Alvefur2021-01-262-3/+9
| | | | | PUT /upload/:slot/:filename Authorization: Bearer JWT{ uploader, filename, filesize, filetype, exp }
* mod_http_file_share: Let's write another XEP-0363 implementationKim Alvefur2021-01-265-0/+229
| | | | | | | | | | This variant is meant to improve upon mod_http_upload in some ways: * Handle files much of arbitrary size efficiently * Allow GET and PUT URLs to be different * Remember Content-Type sent by client * Avoid dependency on mod_http_files * Built-in way to delegate storage to another httpd
* util.interpolation: Add test for #1623Kim Alvefur2021-01-251-0/+5
|
* Merge 0.11->trunkKim Alvefur2021-01-251-2/+2
|\
| * util.interpolation: Fix combination of filters and fallback values #1623Kim Alvefur2021-01-251-2/+2
| |
| * net.adns: Prevent empty packets from being sent on "connect" (fix #1619)Kim Alvefur2021-01-121-0/+5
| | | | | | | | Thanks Ge0rG for testing
| * net.server_epoll: Fix off-by-one in 2c559953ad41Kim Alvefur2021-01-101-1/+1
| | | | | | | | Thanks tmolitor
| * util.timer: Ensure timers can't run more than once per tick (fixes #1620)Kim Alvefur2021-01-081-1/+14
| | | | | | | | See longer explanation in 2c559953ad41
| * net.server_epoll: Ensure timers can't run more than once per tickKim Alvefur2021-01-081-2/+18
| | | | | | | | | | | | | | | | This makes sure that a timer that returns 0 (or less) does not prevent runtimers() from completing, as well as making sure a timer added with zero timeout from within a timer does not run until the next tick. Thanks tmolitor
| * util.stanza: Move misplaced argument to correct placeKim Alvefur2020-12-241-2/+2
| | | | | | | | | | valid_utf8() takes only one argument, so the false was probably meant to be valid_xml_cdata(text, attribute=false)
| * mod_s2s: Fix copypaste mistake in b3ae48362f78Kim Alvefur2020-12-161-1/+1
| | | | | | | | | | Directly sending something over s2s needs to use sends2s() but the code copied from mod_c2s had .send()
| * MUC: Fix logic bug causing unnecessary presence to be sent, fixes #1615 ↵Matthew Wild2020-12-151-2/+2
| | | | | | | | (thanks damencho)
| * mod_s2s: Prevent whitespace keepalives the stream has been openedKim Alvefur2020-12-101-1/+4
| | | | | | | | | | | | | | | | | | This will result in the stream timing out instead, which is probably correct if the stream has not been opened yet. This was already done for c2s in e69df8093387 Thanks Ge0rG
| * mod_saslauth: Only advertise channel binding if a finished message is availableKim Alvefur2020-11-231-1/+1
| | | | | | | | In some cases this method returns nothing, unclear why.
| * mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 (closes #1542)Kim Alvefur2020-11-231-1/+4
| | | | | | | | | | | | | | | | The 'tls-unique' channel binding is undefined in TLS 1.3 according to a single sentence in parenthesis in Apendix C of RFC 8446 This may trigger downgrade protection in clients that were expecting channel binding to be available.
| * util.promise: Use xpcall() for promise function to preserve tracebacksMatthew Wild2020-11-231-1/+1
| |
| * util.stanza: Reject ASCII control characters (fixes #1606)Kim Alvefur2020-11-112-1/+10
| |
| * mod_pubsub: Fix notification stanza type setting (fixes #1605)Kim Alvefur2020-11-061-1/+1
| |
| * mod_pubsub: Lower priority of default <body> generatorKim Alvefur2020-11-051-1/+1
| | | | | | | | | | | | | | in order to avoid conflict with a handler at the default (0) priority, making it easier to write your own formatting in plugins. this follows the common pattern of default modules having lower priority
| * util.dbuffer: Optimize :sub() and :byte()Matthew Wild2020-10-281-4/+26
| |
| * util.debug: Fix locals being reported under wrong stack frame in some cases ↵Matthew Wild2020-10-162-1/+94
| | | | | | | | (+tests!!)
| * Back out changeset 2c1583bb0e0fKim Alvefur2020-10-151-0/+4
| | | | | | | | Same reason as 712b2e6a09d9
| * Back out 6dde2c9fa272: Doesn't work on Lua 5.1Kim Alvefur2020-10-151-13/+6
| |
| * util.strbitop: Remove redundant init functionKim Alvefur2020-10-151-4/+0
| | | | | | | | | | When you have 3 almost identical functions, you tend to edit one and then copypaste. Forgot to remove this line from the other two.
| * util.strbitop: Create buffer in the correct size (optimization)Kim Alvefur2020-10-151-6/+13
| | | | | | | | | | This avoids dynamically growing the buffer as Lua does when luaL_addchar is used, thus saving on realloc calls.
| * util.strbitop: Add tests covering basicsKim Alvefur2020-10-151-0/+41
| | | | | | | | Also as docs
| * util.strbitop: Reformat codeKim Alvefur2020-10-151-9/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | astyle \ --indent=tab \ --attach-classes \ --indent-switches \ --break-blocks \ --pad-oper \ --unpad-paren \ --add-braces \ --align-pointer=name \ --lineend=linux \ *.c
| * net.websocket.frames: Add test for empty frame with MASK and key setMatthew Wild2020-10-151-0/+10
| |
| * net.websocket.frames: Use C string XOR implementationKim Alvefur2020-10-142-24/+8
| |
| * util.strbitop: Library for bitwise operations on stringsKim Alvefur2019-09-073-2/+93
| |
| * net.websocket.frames: Add small test covering xor-maskingKim Alvefur2020-10-141-0/+13
| | | | | | | | This is basically a recording of current behavior, to detect changes.
| * net.http.server: Don't send Content-Length on 1xx/204 responses, per RFC ↵Matthew Wild2020-10-131-1/+4
| | | | | | | | (fixes #1596)
| * net.websocket.frames: Read buffer length correctly in Lua 5.1 (fix #1598)Kim Alvefur2020-10-121-3/+3
| | | | | | | | | | | | | | COMPAT: The __len metamethod does not work with tables in Lua 5.1. Both strings and util.dbuffer now expose their length as a :len() method.
| * util.dbuffer: Expose length as :len() method, like stringsKim Alvefur2020-10-122-0/+2
| | | | | | | | Ref #1598
| * MUC: Preserve disco 'node' attribute (or lack thereof) in response (fix ↵Kim Alvefur2020-10-071-2/+2
| | | | | | | | #1595) (thanks lessthan3)
| * util.dependencies: Check for bitop library same way as net.websocket.frames ↵Kim Alvefur2020-10-051-1/+1
| | | | | | | | (fixes #1594)
| * MUC: Correct advertising of subject write access (really fixes #1155)Kim Alvefur2020-10-041-2/+2
| | | | | | | | | | | | | | | | | | | | Thanks pep. and lovetox XEP-0045 §6.4: > any field defined for the muc\#roomconfig FORM_TYPE can be included in > the extended service discovery fields Probably happened because the same mistake is in #1155
| * mod_bosh: Ensure that stream is directed to a VirtualHost (fixes #425)Kim Alvefur2020-10-031-0/+16
| |
| * mod_bosh: Pick out the 'wait' before checking it instead of earlierKim Alvefur2020-10-031-1/+2
| | | | | | | | | | Going to add more host related checks, so to keep the wait variable closer to the related checks
| * Added tag 0.11.7 for changeset ece430d49809Matthew Wild2020-10-010-0/+0
| |