| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Points out the beginning and end of a request.
|
| |
|
|
|
|
|
| |
Goal is improve tracking of individual HTTP requests throughout its
life-cycle. Having a single ID to use in logging should help here.
|
|
|
|
|
|
| |
If a grant does not have a role, we should not go and make one up.
While not very useful for XMPP if you can't even login, it may be useful
for OAuth2/OIDC.
|
|
|
|
|
| |
Such a session triggers errors in module:may or other places since it is
generally expected that a session must have a role.
|
|
|
|
|
|
|
|
|
| |
Since throwing a pile of 'access denied', even at debug level, seems
akin to calling wolf :)
Cutting down on debug noise is also good.
Passing a flag instead of using module:could seemed easier here.
|
|
|
|
| |
Caused by roles changing from table|nil to always table in c2616274bef7
|
|
|
|
|
|
|
|
|
|
| |
Closing the session invokes ondisconnect and session close logic,
including mod_smacks hibernation and the timer that destroys the session
after a timeout.
By closing the connection after it has been detached from the sessions
table it will no longer invoke the ondetach handler, which should
prevent the above problem.
|
| |
|
|
|
|
|
|
|
| |
The (still not published) XEP-xxxx: Stream Limits Advertisement uses the
element <max-bytes/> to advertise the maximum octet size of top level
stream elements. "size" was probably a leftover of an even earlier
version of the (Proto)XEP.
|
|\ |
|
| |
| |
| |
| | |
This timer shouldn't kick in in the middle of active mode.
|
| |
| |
| |
| |
| |
| | |
It should not be there afterwards. Noticed that it seems to fire some
time after resumption claiming that the queue size is nil, implying
that it may hold a reference to an expired session somehow.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Removes some dead code and hopefully simplifies a bit.
There's a tree of possibilities with the two tri-state status
properties, something like
chain:
* nil -- cert validation disabled?
* invalid -- something wrong with the chain (including ee cert)
* valid -- chain ok
cert:
* nil -- incomplete validation??
* invalid -- mismatched names or such
* valid -- all good!
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
Like 'pattern' but uses Lua patterns instead of Regular Expressions,
since only a subset of regex are also valid Lua patterns.
|
| |
| |
| |
| |
| |
| |
| |
| | |
'patternProperties'
Previous version of this patch used 'patternProperties' but that would
only work with simpler ECMA-262 regular expressions are also valid Lua
patterns.
|
| |
| |
| |
| |
| |
| | |
This doesn't fail because of additionalProperties, looks more like some
issue with recursive definitions and util.jsonpointer that I don't want
feel like investigating now.
|
| | |
|
| |
| |
| |
| | |
It's defined as an object mapping regex to schema, not a single schema
|
| |
| |
| |
| | |
Checks that it doesn't fail on a stanza without <error> tag
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Error stanzas should have an <error> element, but if you pass a
stanza without one to util.error.from_stanza() it triggers an attempt to
index a nil value, which this patch avoids.
In the conditional, it should be safe to assume error_tag is non-nil
since condition can't have those values then.
|
| |
| |
| |
| |
| | |
Looks like autocomplete unhelpfully capitalized this word, but it's
lowercase where it is set in mod_s2s_auth_certs
|
| |
| |
| |
| |
| |
| | |
It is the other end who should request client certificates for these
connections, we only need to send ours. Hopefully this was treated as a
noop, so probably no harm in keeping it. But hey, spring cleaning? :)
|
| |
| |
| |
| |
| |
| | |
Was previously supposed to be conditionally advertised based on
availability of a module handling the actual optimizations, which was
removed in be9ac41f1619
|
| |
| |
| |
| |
| |
| | |
Fixes parsing of tokens that happen to have a `;` in their secret part,
otherwise it splits there and the later bit goes into the username and
hitting the "Invalid token in storage" condition.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Some tokens, e.g. OAuth2 refresh tokens, might not have their lifetime
explicitly bounded here, but rather be bounded by the lifetime of
something else, like the OAuth2 client.
Open question: Would it be better to enforce a lifetime on all tokens?
|
| |
| |
| |
| | |
Consistency is nice.
|
| |
| |
| |
| | |
Applying this for s2s:close[all]() would also be nice.
|
| |
| |
| |
| |
| |
| |
| | |
This was meant to warn in case you had only mod_csi without a logic
handling module like mod_csi_simple by checking if anything hooked this
event, however mod_smacks also hooks this event and so this isn't really
a useful way of detecting this condition.
|
| |
| |
| |
| |
| |
| |
| |
| | |
a863e4237b91 unintentionally changed the format of HTTP CORS headers,
which were apparently relying on the output of tostring(), which it
shouldn't have.
Explicitly serializing it this time.
|
| |
| |
| |
| |
| |
| | |
Fixes that the more fixed width columns there are, the narrower the
resulting table becomes. A right-aligned variable-width column at the
last position should always be flush to the right side of the terminal.
|
| |
| |
| |
| |
| | |
Can happen if you resize the terminal too narrow that the space left for
variable width columns end up negative.
|
| | |
|
| |
| |
| |
| | |
This assumes you have community modules in ../modules as I do
|
| | |
|
| |
| |
| |
| | |
Dependencies--; \o/
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We had config:get() but not this.
> <MattJ> Yeah, why did we never implement that?
Handy if you want to quickly try out settings without reloading the
whole config.
|
| |
| |
| |
| |
| | |
E.g. if you want to show connections to/from a domain, including its
subdomains, this is handy.
|
| |
| |
| |
| |
| | |
Thanks timeless, your mere existence inspires us to improve our
spelling, tho this was more syntax.
|
|\| |
|
| |
| |
| |
| | |
This broke if the error message contained a format specified such as '%s'.
|
| |
| |
| |
| | |
A review of existing code suggests nothing will break. So, here we go...
|
| |
| |
| |
| |
| |
| | |
Updated by Zash, the original patch by Jonas had put the duration
parsing function in util.datetime but MattJ later did the same thing but
differently in f4d7fe919969
|
| |
| |
| |
| |
| |
| | |
Updated by Zash, the original patch by Jonas had put the duration
parsing function in util.datetime but MattJ later did the same thing but
differently in f4d7fe919969
|
| |
| |
| |
| |
| | |
Similar logic occurs throughout various modules in the codebase. We might even
want a module:get_option_duration()??
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since prosodyctl shell with additional arguments assumes the first two
are a section:command() and any following arguments are strings, passing
a bare 'nil' is not possible. In order to avoid delving into this rabbit
hole, instead produce a token that alone is not really a legal JID for
use as wildcard.
|