| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
| |
| |
| |
| |
| | |
See https://www.ietf.org/blog/finalizing-ietf-tools-transition/
Already done in various other places.
|
| |
| |
| |
| | |
This 'config' argument was removed without explanation in d8dbf569766c
|
| |
| |
| |
| |
| |
| |
| | |
This field can be viewed using s2s:show(nil, "... starttls") even
without any special support in mod_admin_shell, which can be added later
to make it nicer. One can then assume that a TLS connection with an
empty / nil starttls field means Direct TLS.
|
| |
| |
| |
| |
| |
| |
| | |
This makes explicit which lookups can accept an unsigned response.
Insecure (unsigned, as before DNSSEC) A and AAAA records can be used as
security would come from TLS, but an insecure TLSA record is worthless.
|
|\| |
|
| |
| |
| |
| |
| |
| |
| | |
The ORDER BY and LIMIT clauses are not needed and don't even make much
sense. This part was most likely a leftover from the :find method.
Tested with sqlite and postgres 14
|
| |
| |
| |
| |
| | |
Passes with memory, internal, sqlite
Fails with postgres as in #1766
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It is time. Most community modules should have been adjusted to work
with the new (net.http.files) way.
At some point this usage should be prevented.
Related to #1765
|
| |
| |
| |
| |
| | |
The last missing piece of #1760, otherwise SCRAM-SHA-*-PLUS is not
actually advertised.
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is happens if the account is new and doesn't have any bookmarks
yet, which is not a problem.
Rarely seen since most clients currently use the older version of
XEP-0084 stored in XEP-0049 rather than in PEP, but at least one
(Converse.js )does.
One scenario in which this would show up often is with Converse.js as a
guest chat using anonymous authentication, where all "accounts" would
always be new and not have any bookmarks. This scenario probably does
not need to have mod_bookmarks at all, but if enabled globally it would
likely become loaded onto the VirtualHost unless explicitly disabled.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There's no 'prosody.prosodyctl' property other than this one, introduced
in 6216743c188c in 2015.
Guessing that the intent was to skip this when running as a prosodyctl
command. The module.command code does its own version of this
initialization, so this seems likely.
Thanks raja for noticing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier
channel binding method being undefined for TLS 1.3, and the increasing
deployment of TLS 1.3.
See 1bfd238e05ad and #1542
Requires future version of LuaSec, once support for this key material
export method is merged.
See https://github.com/brunoos/luasec/pull/187
|
| |
| |
| |
| |
| |
| |
| | |
Probably a duplicate of the comment next to Lmove, recorded by mistake
Lpack can probably be removed at some point in the near future once we
are confident it is not used anywhere.
|
| |
| |
| |
| |
| | |
Added in d278a770eddc avoid having to deal with its absence in Lua 5.1.
No longer needed when Lua 5.1 support is dropped.
|
| | |
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Normally with bidi, any outgoing connection should be the same as the
incoming, hence when closing a bidi connection it should be removed as a
route to the remote server. However it is not guaranteed, a remote bidi-capable server
might have decided to open a new connection for some reason. This can
lead to a situation where there are two bidi connections, and the s2sout
route is a locally initiated s2sout connection. In this case, such a
s2sout connection should be kept.
Noticed in a rare case where bidi has just been enabled on a running
server, and something establishes new connections immediately when a
connection is closed.
|
| |
| |
| |
| | |
Requires luacheck 0.25.0
|
|\| |
|
| | |
|
|\| |
|
| | |
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The JSON Schema specification says that schemas are objects or booleans,
and that the 'type' property is optional and can be an array.
This module previously allowed bare type names as schemas and did not
really handle booleans.
It now handles missing 'type' properties and boolean 'true' as a schema.
Objects and arrays are guessed based on the presence of 'properties' or
'items' field.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
MattJ reported a curious issue where validation did not work as
expected. Primarily that the "type" field was expected to be mandatory,
and thus leaving it out would result in no checks being performed.
This was likely caused by misreading during initial development.
Spent some time testing against
https://github.com/json-schema-org/JSON-Schema-Test-Suite.git and
discovered a multitude of issues, far too many to bother splitting into
separate commits.
More than half of them fail. Many because of features not implemented,
which have been marked NYI. For example, some require deep comparisons
e.g. when objects or arrays are present in enums fields.
Some because of quirks with how Lua differs from JavaScript, e.g. no
distinct array or object types. Tests involving fractional floating
point numbers. We're definitely not going to follow references to remote
resources. Or deal with UTF-16 sillyness. One test asserted that 1.0 is
an integer, where Lua 5.3+ will disagree.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Prevents attempting to load libraries that may no longer be found and
crashing with a traceback.
Platforms like Debian where multiple Lua versions can be installed at
the same time and 'lua' pointing to one of the installed interpreters
via symlinks, there's the possibility that prosody/prosodyctl may be
invoked with Lua 5.1, which will no longer have any of the rest of
Prosody libraries available to be require(), and thus would immediately
fail with an unfriendly traceback.
Checking and aborting early with a friendlier message and reference to
more information is better.
Part of #1600
|
| | |
|
| |
| |
| |
| |
| |
| | |
Part of #1600
Is this module even needed anymore?
|
| |
| |
| |
| | |
Part of #1600
|
| |
| |
| |
| | |
Part of #1600
|
| |
| |
| |
| | |
Part of #1600
|
| | |
|
| |
| |
| |
| | |
Part of #1600
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reverts some of 1e41dd0f8353
Seems HMAC() isn't deprecated after all? Must have been at some point
according to #1589
Twice as fast for some reason.
|
| | |
|
| |
| |
| |
| | |
Unused since 9f1c5ae8d70b
|
| |
| |
| |
| | |
With luck, might contain more details than just "failed"
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
For completeness and consistency with set of plain hash functions
|
| |
| |
| |
| |
| |
| |
| | |
HMAC() is deprecated
As with the regular hash functions, macros like this make it awkward to
apply static analysis and code formatting.
|
| |
| |
| |
| |
| |
| |
| | |
MD5() is deprecated, but EVP_md5() is not.
Functions in macros like this make it awkward to apply static analysis
and code formatting.
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(fixes #1763) (thanks rgd)
add_defaults() is supposed to merge 3 tables, the defaults in
luaunbound, the defaults from prosody and any config from the prosody
config file. In the case where no `unbound={}` has been in the config,
it skips over the merge and returns only the prosody built-in defaults.
This results in libunbound skipping reading resolv.conf and uses its
default behavior of full recursive resolution.
Prior to #1737 there were only two tables, the luaunbound defaults and
the prosody config, where bypassing the merge and returning the former
did the right thing.
|
| | |
|
| |
| |
| |
| |
| | |
This was slightly inaccurate since 6e1af07921d1 because the conditions
are more complicated now.
|