aboutsummaryrefslogtreecommitdiffstats
path: root/core
Commit message (Collapse)AuthorAgeFilesLines
* core.stanza_router: Handle s2s in more direction-agnostic wayKim Alvefur2019-09-071-2/+2
|
* core.s2smanager: Add map of names authenticate for remote on s2sout for ↵Kim Alvefur2019-09-071-0/+1
| | | | | | parity with s2sin Making s2sin and -out look more alike in preparation for bidi support
* core.s2smanager: Add [direction] boolean flags to s2s connectionsKim Alvefur2019-09-071-0/+2
| | | | This will allow representing connections that go both directions
* core.certmanager: Lower severity for tls config not having certKim Alvefur2019-09-071-2/+4
| | | | | | | This is needed for SNI where certificates are in separate per-hostname contexts, not the main one. If there is a cert, it will still require a corresponding key.
* core.certmanager: Remove unused import [luacheck]Kim Alvefur2019-08-251-1/+0
|
* Remove COMPAT with temporary luasec forkKim Alvefur2019-08-251-7/+0
| | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014.
* core.certmanager: Move EECDH ciphers before EDH in default cipherstringKim Alvefur2019-08-251-1/+1
| | | | | | | | | | | | | | | | | | The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now
* core.moduleapi: Restructure send_iq method for more atomic cleanupKim Alvefur2019-08-211-16/+23
| | | | | All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards.
* core.moduleapi: Uppercase "IQ stanza" for consistencyKim Alvefur2019-08-211-1/+1
| | | | It's written like that elsewhere in the send_iq method
* core.portmanager: Remove unused local [luacheck]Kim Alvefur2019-07-301-1/+1
|
* core.portmanager: Remove tostring call from loggingKim Alvefur2019-07-301-1/+1
| | | | Taken care of by loggingmanager now
* core.sessionmanager: Remove tostring call from loggingKim Alvefur2019-07-301-3/+3
| | | | Taken care of by loggingmanager now
* core.stanza_router: Remove tostring call from loggingKim Alvefur2019-07-301-1/+1
| | | | Taken care of by loggingmanager now
* core.s2smanager: Rewrite log line to use formatting instead of concatenationKim Alvefur2019-07-301-5/+3
| | | | | Makes it more in line with logging elsewhere. Potentially avoids or at least delays creation of new string.
* core.s2smanager: Remove use of tostring in loggingKim Alvefur2019-07-291-2/+2
| | | | This is now performed by loggingmanager
* core/sessionmanager: Remove unnecessary fallback in make_authenticatedMaxime “pep” Buquet2019-06-011-1/+1
|
* Merge 0.11->trunkKim Alvefur2019-04-241-1/+1
|\
| * core.portmanager: Log debug message for each kind of TLS context createdKim Alvefur2019-04-231-0/+1
| |
* | core.s2smanager: Fix previous commit (Thanks Martin)Kim Alvefur2019-03-301-1/+1
| |
* | core.sessionmanager: Use util.session to create sessionsKim Alvefur2019-03-291-1/+7
| |
* | core.s2smanager: Use util.session to create sessionsKim Alvefur2019-03-291-17/+15
| |
* | core.s2smanager: Spread out session tables over multiple linesKim Alvefur2019-03-291-3/+14
| | | | | | | | Improves readability
* | core.s2smanager: Rename variable to be same in two functionsKim Alvefur2019-03-291-4/+4
| |
* | moduleapi: Log suppressed status priority and message when not overridingMatthew Wild2019-03-261-1/+1
| |
* | moduleapi: Remove overly-verbose debug logging on module status changeMatthew Wild2019-03-261-1/+0
| |
* | loggingmanager, mod_posix: Move syslog to core, fixes #541 (in a way)Matthew Wild2019-03-261-0/+19
| |
* | Backed out changeset 3eea63a68e0fMatthew Wild2019-03-261-20/+1
| | | | | | | | Commit included intended changes to loggingmanager
* | sessionmanager: Split byte-level sending into separate session.rawsendKim Alvefur2019-03-241-8/+14
| |
* | util.queue: Update :items() to consistently use private data directlyMatthew Wild2019-03-231-1/+20
| | | | | | | | | | It will perform better this way, and we were accessing private variables already within the iterator.
* | configmanager: Pass through warnings from included filesMatthew Wild2019-03-201-2/+7
| |
* | configmanager: Emit warning for duplicated config optionsMatthew Wild2019-03-201-0/+16
| |
* | configmanager: Add support for returning warningsMatthew Wild2019-03-201-2/+3
| |
* | modulemanager: Set module status on successful or failed module loadMatthew Wild2019-03-191-0/+5
| |
* | moduleapi: New API for modules to set a statusMatthew Wild2019-03-191-0/+31
| |
* | core.certmanager: Do not ask for client certificates by defaultKim Alvefur2019-03-101-1/+1
| | | | | | | | | | | | Since it's mostly only mod_s2s that needs to request client certificates it makes some sense to have mod_s2s ask for this, instead of having eg mod_http ask to disable it.
* | core.portmanager: Collect per-host certificates for SNIKim Alvefur2018-09-141-0/+41
| |
* | core.portmanager: Record TLS config for each portKim Alvefur2018-10-101-2/+4
| |
* | core.portmanager: Reduce scope of variableKim Alvefur2018-10-101-2/+2
| | | | | | | | | | Not sure why it was all the way out there, seems like there would have been unexpected behaviour from that
* | core.portmanager: Use server.listen APIKim Alvefur2018-09-131-1/+5
| |
* | core.statsmanager: Do a final collection on shutdownKim Alvefur2019-01-221-0/+1
| |
* | core.s2smanager: Add stub reset_stream method to destroyed sessionsKim Alvefur2019-01-161-0/+3
| | | | | | | | Fixes traceback if connection is closed from the 's2s-authenticated' event
* | core.moduleapi: Use convenience function for creating error object from stanzaKim Alvefur2018-12-301-3/+1
| |
* | core.moduleapi: Use util.error for :send_iq errorsKim Alvefur2018-12-301-5/+21
| |
* | core.moduleapi: Move util imports to topKim Alvefur2018-12-301-2/+4
| |
* | core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)Kim Alvefur2018-12-281-0/+65
| |
* | core.rostermanager: Cache rosters of offline users for faster access (fixes ↵Kim Alvefur2018-12-161-0/+22
| | | | | | | | #1233)
* | moduleapi: Use pack from util.tableKim Alvefur2018-12-081-1/+1
| |
* | rostermanager, mod_presence: Store stanza for incoming subscription requests ↵Matthew Wild2018-12-011-3/+3
|/ | | | (fixes #689) (thanks Zash, Ge0rG)
* modulemanager: Fix issues introduced in previous commit acf74ad0b795 [thanks ↵Matthew Wild2018-10-261-7/+4
| | | | luacheck, scansion]
* Many things: switch from hacky multi-arg xpcall implementations to a ↵Matthew Wild2018-10-261-7/+2
| | | | standard util.xpcall