aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* mod_http_files: Santize the path relative to our base URL before translating ↵Matthew Wild2016-01-071-1/+33
| | | | it to a filesystem path, fixes a relative path traversal vulnerability
* util.uuid: Use /dev/urandomKim Alvefur2016-01-061-27/+16
|
* net.dns: Allow a zone id in resolv.conf (eg like %eth0)Kim Alvefur2016-01-041-1/+1
|
* util.ip: Support zone id syntax in IPv6 addressesKim Alvefur2016-01-041-1/+5
|
* net.dns: Support IPv6 addresses in resolv.conf [Backported from 0.10]Florian Zeitz2013-06-181-6/+13
|
* util.ip: Fix protocol detection of IPv6 addresses beginning with : ↵Matthew Wild2013-05-181-2/+4
| | | | [Backported from 0.10]
* util.ip: Automatically determine protocol of IP address if none specified. ↵Matthew Wild2013-05-171-1/+9
| | | | Return error if invalid. [Backported from 0.10]
* tests/test.lua: Fix fake module() function to prevent _M from being _G ↵Matthew Wild2016-01-061-1/+4
| | | | (test.lua's environment), which caused modules to break the sandbox when they set _M.*
* certs/Makefile: Run key generation with a stricter umask (fixes a race ↵Kim Alvefur2015-12-231-2/+2
| | | | condition)
* mod_admin_telnet: Backport 06696882d972 from 0.10 (this command greatly ↵Matthew Wild2015-12-221-0/+27
| | | | helps with debugging HTTP issues)
* MUC: Fix incorrect nesting of status codes when room config changes (fixes #579)Matthew Wild2015-12-161-1/+2
|
* util.uuid: Remove unused importKim Alvefur2015-12-081-1/+0
|
* muc.lib: Fix pattern so that it doesn't match hashes containing null bytes, ↵Matthew Wild2015-11-171-1/+1
| | | | causing dropped stanzas (thanks Jitsi folk!)
* cert/openssl.cnf: Split CSR and self-signed extensions into separate ↵Kim Alvefur2015-11-091-4/+10
| | | | sections (see d2d7ad2563f9)
* Makefile: Use more specific globbing for core directory in Makefile (Thanks ↵Kim Alvefur2015-10-141-1/+1
| | | | Robert Scheck) (fixes #532)
* util.openssl: Separate extension sections into one for self-signed certs and ↵Kim Alvefur2015-10-111-3/+7
| | | | one for requests
* mod_http_files: Translate forward slashes to local directory separatorsKim Alvefur2015-09-261-1/+1
|
* mod_http_files: Strip trailing directory separator regardless of ↵Kim Alvefur2015-09-261-1/+1
| | | | directionality of the slash (fixes #545)
* xep227toprosody: Pass parser to callbacks (needed since addition of stanza ↵Kim Alvefur2015-09-181-3/+3
| | | | size limits)
* mod_pep: Don't store contacts' subscriptions to a user's nodes when that ↵Matthew Wild2015-09-251-0/+12
| | | | user is offline
* mod_pep: Document data structures, so I don't have to spend time remembering ↵Matthew Wild2015-09-041-0/+4
| | | | every time I work on this module
* net.dns: Unconditionally cache records found in answersMatthew Wild2015-05-251-3/+1
|
* ejabberd2prosody: Support password stored as SCRAM hashesKim Alvefur2015-08-201-1/+16
|
* mod_component: Fire an event on successful component authentication (For Goffi)Kim Alvefur2015-08-101-0/+1
|
* MUC: Prevent admins from being given affiliatons other than ownerKim Alvefur2015-06-251-1/+1
|
* Backed out changeset bea3862b6bde in favor of a different approachKim Alvefur2015-06-251-0/+5
|
* MUC: Remove half of monkeypatch that was supposed to make admins always be ↵Kim Alvefur2015-06-161-5/+0
| | | | room owners, fixes #458
* s2smanager: Make sure destroyed sessions have a sends2s methodKim Alvefur2015-05-141-0/+1
|
* mod_s2s: Mark stream as opened directly after opening stream, prevents ↵Kim Alvefur2015-05-131-1/+1
| | | | session.close opening it again
* mod_s2s: Don't cache session.sends2s (or do it later), prevents sending data ↵Kim Alvefur2015-05-131-4/+3
| | | | after session was closed
* mod_s2s/s2sout: Use the local address assigned to UDP sockets instead of ↵Kim Alvefur2015-05-131-22/+24
| | | | util.net to enumerate possible source addresses
* util.datamanager: Fix traceback from trying to purge when storage is empty ↵Kim Alvefur2015-05-131-1/+5
| | | | or otherwise unaccessible (fixes #496)
* mod_s2s/s2sout: Remove now unused config option dns_max_depthKim Alvefur2015-05-131-1/+0
|
* net.dns: Make sure argument to math.randomseed does not overflow a 32 bit ↵Kim Alvefur2015-04-261-1/+1
| | | | *signed* int (blame Lua). Closes #439
* util.datamanager: Fix traceback due to %s in log messageKim Alvefur2015-04-031-1/+1
|
* net.dns, mod_s2s: Add chasing of CNAMEs to net.dns and remove it from mod_s2sKim Alvefur2015-04-242-15/+8
|
* Tagging 0.9.8Matthew Wild2015-03-240-0/+0
|
* mod_s2s: to/from attributes are required on s2s stream headers. Set them to ↵Matthew Wild2015-03-241-1/+1
| | | | '' when not available. Fixes #468.
* sessionmanager: Return 'not-allowed' error instead of the non-existent ↵Matthew Wild2015-03-241-1/+1
| | | | 'already-bound' error when client tries to bind a resource twice on the same stream (thanks Flow) fixes issue #484.
* mod_http: Return a static string from module:http_url() when no ports are ↵Kim Alvefur2015-03-231-0/+2
| | | | enabled and log a warning
* mod_http: Log a debug message when adding new http apps and warn if no http ↵Kim Alvefur2015-03-231-0/+6
| | | | ports are enabled
* Backout 7726b627c3eaKim Alvefur2015-03-231-1/+0
|
* utf8_sequences.txt: OopsMatthew Wild2015-03-231-1/+1
|
* tests: Add UTF-8 validity testsMatthew Wild2015-03-233-0/+72
|
* Merge with ZashMatthew Wild2015-03-232-1/+2
|\
| * mod_http: Log event name when adding a HTTP app's hooksMatthew Wild2015-03-141-0/+1
| |
| * net.http.server: Log event name when firing a request eventMatthew Wild2015-03-141-1/+1
| |
* | util.encodings: Expose UTF-8 validation and length checking functionsKim Alvefur2015-03-231-0/+28
| |
* | util.encodings: Perform validation of UTF-8 strings before passing to libidn ↵Kim Alvefur2015-03-231-3/+67
|/ | | | (Based on code from the utf8 library in Lua 5.3)
* configure: Fix for commit cd0088c73daf - update LIBDIR if --prefix is set ↵Matthew Wild2015-02-241-0/+6
| | | | and --libdir isn't (thanks Medics)