| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Allows creating listening sockets and accepting client connections
before Prosody starts.
This is unlike normal Prosody dynamic resource management, where ports
may added and removed at any time, and the ports defined by the config.
Weird things happen if these are closed (e.g. due to reload) so here we
prevent closing and ensure sockets are reused when opened again.
|
|
|
|
|
|
|
| |
Allows e.g. restricting your vcard4 to only family or similar.
Notes: This does not include roster groups in the configuration form,
so the client will have to get them from the actual roster.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This lets Prosody report its lifecycle status to systemd, so it knows
when Prosody has completed its startup, when it's reloading and shutting
down.
Both Type=notify and Type=notify-reload is supported
Example systemd .service configuration snippet:
[Service]
Type=notify
|
|
|
|
|
|
|
|
| |
It was mainly used to determine whether to try IPv6 or IPv4 first,
following the rules for this in the RFC.
Now we always try IPv6 and IPv4 at roughly the same time, thus there no
need to carry these rules.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This merges the mod_s2s_smacks_timeout behavior from prosody-modules
This event is fired by mod_smacks when the connection has not responded
to an ack-request for a period of time defaulting to 30 seconds,
indicating that the connection has become stuck or non-responsive.
Closing it prevents routing further messages via this connection and
frees resources. A stuck connection may otherwise remain until for a
time determined by the OS TCP subsystem, which can be quite long.
|
|
|
|
|
| |
Complements the DANE support for outgoing connections included in
net.connect
|
|
|
|
| |
Requested feature for many modules, notably MAM and file sharing.
|
| |
|
|
|
|
|
|
|
|
|
| |
Behavior change: It becomes up to the authorization module whether to
allow requests. The default, mod_authz_internal, will allow users on the
*parent* host only, breaking use by some components.
Remaining question is whether to deprecate the `http_file_share_access`
setting or leave as a way to complement/bypass access control?
|
|
|
|
|
|
|
| |
Many options in Prosody that are treated as numbers don't make sense as
floats, e.g. sizes and limits measured in bytes.
Simplified implementation based on an earlier attempt dating back to 2020
|
|
|
|
|
| |
E.g. for use in mod_mam and others that take an amount of time before
some (usually cleanup) action is taken.
|
| |
|
|
|
|
| |
For when a setting has a few fixed values it can take
|
| |
|
|
|
|
|
|
| |
Specifically the index and more efficient delete.
These are however still in need of testing.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Supporting both methods at the same time may open to spoofing attacks,
whereby a client sends a Forwarded header that is not stripped by a
reverse proxy, leading Prosody to use that instead of the X-Forwarded-*
headers actually sent by the proxy.
By only supporting one at a time, it can be configured to match what the
proxy uses.
Disabled by default since implementations are sparse and X-Forwarded-*
are everywhere.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prefer over X-Forwarded-* since it has an actual specification.
Main practical difference is that Forwarded may carry more properties
than only the IP address since it is a structured header.
Since we parse it into an array, it is easier to do the logical thing
and iterate backwards trough proxies until an untrusted one is
encountered. Compare the handling of X-Forwarded-For.
The 'secure' field now accounts for the full chain of proxies, which
must be secure all the way to be considered secure.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Easier than going trough muc:room():each_affiliation() since you have to
do fiddly things to reach the print() function.
|
|
|
|
|
| |
Easier than going trough muc:room():each_occupant() since you have to do
fiddly things to reach the print() function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
from mod_privacy
Tiny performance improvement for new users by skipping this check. Most
servers should have gone trough the migration for all active users long
ago.
As a suitable first step of phasing out this code, we make it possible
to disable it first. Later it can be disabled by default, before finally
the code is deleted.
|
| |
|
| |
|
|
|
|
| |
Deprecated even before Prosody even started, obsolete for over a decade.
|
|
|
|
|
|
| |
Lua since 5.3 raises a fuss when time functions are handed a number with
a fractional part and the underlying C functions are all based on
integer seconds without support for more precision.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier
channel binding method being undefined for TLS 1.3, and the increasing
deployment of TLS 1.3.
See 1bfd238e05ad and #1542
Requires future version of LuaSec, once support for this key material
export method is merged.
See https://github.com/brunoos/luasec/pull/187
|
| |
|
|
|
|
|
| |
This is useful when there's more than one channel binding in
circulation, since perhaps there will be varying support for them.
|
|
|
|
|
|
|
|
|
|
| |
This is a Linux(?) socket option that delays the accept signal until
there is data available to read. E.g. with HTTP this might mean that a
whole request can be handled without going back trough another turn of
the main loop, and an initial client <stream> can be responded to.
This may have effects on latency and resource use, as the server does
not need to allocate resources until really needed.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Requires a patch to LuaSocket adding this socket option,
https://github.com/lunarmodules/luasocket/pull/378
sysctl tweaks
net.ipv4.tcp_fastopen=3
net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0
net.ipv4.tcp_fastopen_key=$(</proc/sys/kernel/random/uuid)
Disabled by default since it an advanced performance tweak unlikely to
be needed by most servers.
|
| |
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
specified
The default config was updated in this way long ago, but if no option was
present in the config, Prosody would load internal_plain.
This change can result in changes (for the better) for people using very old
configuration files lacking an 'authentication' setting.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These options have been specified (and enabled) in the default config file for
a long time. However if unspecified in the config, they were not enabled. Now
they are.
This may result in a change of behaviour for people using very old config
files that lack the require_encryption options. But that's what we want.
|
|/
|
|
| |
Might be better than select(), more portable than epoll.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Makes it faster by cutting out the roundtrips involved in <starttls/>,
at the cost of making an additional SRV lookup.
Since we already ignore a missing <starttls/> offer and try anyway there
is not much difference in security. The fact that XMPP is used and the
hostnames involved might still be visible until the future Encrypted
ClientHello extension allows hiding those too.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since accessing this port directly over the wider Internet is unlikely
to intentional anymore. Most uses will likely be by reverse proxies, by
mistake or because of trouble configuring HTTPS.
Blocking mistaken uses is just a good thing, letting users send
potentially private things unencrypted tends to be Strongly Discouraged
these days.
Many reverse proxy setups operate over loopback, so listening there
instead of all interfaces is a net improvement.
Improved automatic certificate location and SNI support has mostly
eliminated the need for manual certificate configuration so HTTPS should
Just Work once certificates have been provided.
For local testing during development, connecting over loopback is likely
fine as well. When really needed, `http_interfaces` can still be set.
Suggested by Link Mauve
|
| |
|
| |
|
| |
|
| |
|