Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | core.stanza_router: Handle s2s in more direction-agnostic way | Kim Alvefur | 2019-09-07 | 1 | -2/+2 |
| | |||||
* | core.s2smanager: Add map of names authenticate for remote on s2sout for ↵ | Kim Alvefur | 2019-09-07 | 1 | -0/+1 |
| | | | | | | parity with s2sin Making s2sin and -out look more alike in preparation for bidi support | ||||
* | core.s2smanager: Add [direction] boolean flags to s2s connections | Kim Alvefur | 2019-09-07 | 1 | -0/+2 |
| | | | | This will allow representing connections that go both directions | ||||
* | core.certmanager: Lower severity for tls config not having cert | Kim Alvefur | 2019-09-07 | 1 | -2/+4 |
| | | | | | | | This is needed for SNI where certificates are in separate per-hostname contexts, not the main one. If there is a cert, it will still require a corresponding key. | ||||
* | core.certmanager: Remove unused import [luacheck] | Kim Alvefur | 2019-08-25 | 1 | -1/+0 |
| | |||||
* | Remove COMPAT with temporary luasec fork | Kim Alvefur | 2019-08-25 | 1 | -7/+0 |
| | | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014. | ||||
* | core.certmanager: Move EECDH ciphers before EDH in default cipherstring | Kim Alvefur | 2019-08-25 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now | ||||
* | core.moduleapi: Restructure send_iq method for more atomic cleanup | Kim Alvefur | 2019-08-21 | 1 | -16/+23 |
| | | | | | All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards. | ||||
* | core.moduleapi: Uppercase "IQ stanza" for consistency | Kim Alvefur | 2019-08-21 | 1 | -1/+1 |
| | | | | It's written like that elsewhere in the send_iq method | ||||
* | core.portmanager: Remove unused local [luacheck] | Kim Alvefur | 2019-07-30 | 1 | -1/+1 |
| | |||||
* | core.portmanager: Remove tostring call from logging | Kim Alvefur | 2019-07-30 | 1 | -1/+1 |
| | | | | Taken care of by loggingmanager now | ||||
* | core.sessionmanager: Remove tostring call from logging | Kim Alvefur | 2019-07-30 | 1 | -3/+3 |
| | | | | Taken care of by loggingmanager now | ||||
* | core.stanza_router: Remove tostring call from logging | Kim Alvefur | 2019-07-30 | 1 | -1/+1 |
| | | | | Taken care of by loggingmanager now | ||||
* | core.s2smanager: Rewrite log line to use formatting instead of concatenation | Kim Alvefur | 2019-07-30 | 1 | -5/+3 |
| | | | | | Makes it more in line with logging elsewhere. Potentially avoids or at least delays creation of new string. | ||||
* | core.s2smanager: Remove use of tostring in logging | Kim Alvefur | 2019-07-29 | 1 | -2/+2 |
| | | | | This is now performed by loggingmanager | ||||
* | core/sessionmanager: Remove unnecessary fallback in make_authenticated | Maxime “pep” Buquet | 2019-06-01 | 1 | -1/+1 |
| | |||||
* | Merge 0.11->trunk | Kim Alvefur | 2019-04-24 | 1 | -1/+1 |
|\ | |||||
| * | core.portmanager: Log debug message for each kind of TLS context created | Kim Alvefur | 2019-04-23 | 1 | -0/+1 |
| | | |||||
* | | core.s2smanager: Fix previous commit (Thanks Martin) | Kim Alvefur | 2019-03-30 | 1 | -1/+1 |
| | | |||||
* | | core.sessionmanager: Use util.session to create sessions | Kim Alvefur | 2019-03-29 | 1 | -1/+7 |
| | | |||||
* | | core.s2smanager: Use util.session to create sessions | Kim Alvefur | 2019-03-29 | 1 | -17/+15 |
| | | |||||
* | | core.s2smanager: Spread out session tables over multiple lines | Kim Alvefur | 2019-03-29 | 1 | -3/+14 |
| | | | | | | | | Improves readability | ||||
* | | core.s2smanager: Rename variable to be same in two functions | Kim Alvefur | 2019-03-29 | 1 | -4/+4 |
| | | |||||
* | | moduleapi: Log suppressed status priority and message when not overriding | Matthew Wild | 2019-03-26 | 1 | -1/+1 |
| | | |||||
* | | moduleapi: Remove overly-verbose debug logging on module status change | Matthew Wild | 2019-03-26 | 1 | -1/+0 |
| | | |||||
* | | loggingmanager, mod_posix: Move syslog to core, fixes #541 (in a way) | Matthew Wild | 2019-03-26 | 1 | -0/+19 |
| | | |||||
* | | Backed out changeset 3eea63a68e0f | Matthew Wild | 2019-03-26 | 1 | -20/+1 |
| | | | | | | | | Commit included intended changes to loggingmanager | ||||
* | | sessionmanager: Split byte-level sending into separate session.rawsend | Kim Alvefur | 2019-03-24 | 1 | -8/+14 |
| | | |||||
* | | util.queue: Update :items() to consistently use private data directly | Matthew Wild | 2019-03-23 | 1 | -1/+20 |
| | | | | | | | | | | It will perform better this way, and we were accessing private variables already within the iterator. | ||||
* | | configmanager: Pass through warnings from included files | Matthew Wild | 2019-03-20 | 1 | -2/+7 |
| | | |||||
* | | configmanager: Emit warning for duplicated config options | Matthew Wild | 2019-03-20 | 1 | -0/+16 |
| | | |||||
* | | configmanager: Add support for returning warnings | Matthew Wild | 2019-03-20 | 1 | -2/+3 |
| | | |||||
* | | modulemanager: Set module status on successful or failed module load | Matthew Wild | 2019-03-19 | 1 | -0/+5 |
| | | |||||
* | | moduleapi: New API for modules to set a status | Matthew Wild | 2019-03-19 | 1 | -0/+31 |
| | | |||||
* | | core.certmanager: Do not ask for client certificates by default | Kim Alvefur | 2019-03-10 | 1 | -1/+1 |
| | | | | | | | | | | | | Since it's mostly only mod_s2s that needs to request client certificates it makes some sense to have mod_s2s ask for this, instead of having eg mod_http ask to disable it. | ||||
* | | core.portmanager: Collect per-host certificates for SNI | Kim Alvefur | 2018-09-14 | 1 | -0/+41 |
| | | |||||
* | | core.portmanager: Record TLS config for each port | Kim Alvefur | 2018-10-10 | 1 | -2/+4 |
| | | |||||
* | | core.portmanager: Reduce scope of variable | Kim Alvefur | 2018-10-10 | 1 | -2/+2 |
| | | | | | | | | | | Not sure why it was all the way out there, seems like there would have been unexpected behaviour from that | ||||
* | | core.portmanager: Use server.listen API | Kim Alvefur | 2018-09-13 | 1 | -1/+5 |
| | | |||||
* | | core.statsmanager: Do a final collection on shutdown | Kim Alvefur | 2019-01-22 | 1 | -0/+1 |
| | | |||||
* | | core.s2smanager: Add stub reset_stream method to destroyed sessions | Kim Alvefur | 2019-01-16 | 1 | -0/+3 |
| | | | | | | | | Fixes traceback if connection is closed from the 's2s-authenticated' event | ||||
* | | core.moduleapi: Use convenience function for creating error object from stanza | Kim Alvefur | 2018-12-30 | 1 | -3/+1 |
| | | |||||
* | | core.moduleapi: Use util.error for :send_iq errors | Kim Alvefur | 2018-12-30 | 1 | -5/+21 |
| | | |||||
* | | core.moduleapi: Move util imports to top | Kim Alvefur | 2018-12-30 | 1 | -2/+4 |
| | | |||||
* | | core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714) | Kim Alvefur | 2018-12-28 | 1 | -0/+65 |
| | | |||||
* | | core.rostermanager: Cache rosters of offline users for faster access (fixes ↵ | Kim Alvefur | 2018-12-16 | 1 | -0/+22 |
| | | | | | | | | #1233) | ||||
* | | moduleapi: Use pack from util.table | Kim Alvefur | 2018-12-08 | 1 | -1/+1 |
| | | |||||
* | | rostermanager, mod_presence: Store stanza for incoming subscription requests ↵ | Matthew Wild | 2018-12-01 | 1 | -3/+3 |
|/ | | | | (fixes #689) (thanks Zash, Ge0rG) | ||||
* | modulemanager: Fix issues introduced in previous commit acf74ad0b795 [thanks ↵ | Matthew Wild | 2018-10-26 | 1 | -7/+4 |
| | | | | luacheck, scansion] | ||||
* | Many things: switch from hacky multi-arg xpcall implementations to a ↵ | Matthew Wild | 2018-10-26 | 1 | -7/+2 |
| | | | | standard util.xpcall |