aboutsummaryrefslogtreecommitdiffstats
path: root/core
Commit message (Collapse)AuthorAgeFilesLines
* Merge 0.12->trunkKim Alvefur2023-10-271-1/+4
|\
| * core.certmanager: Validate that 'tls_profile' is one of the valid valuesKim Alvefur2023-10-271-1/+4
| | | | | | | | A typo should not result in ending up with "legacy"
* | portmanager: Expose API to get at SSL/TLS config for a given interface/portMatthew Wild2022-09-071-0/+8
| |
* | core.storagemanager: Remove 0.10 era sql2 driver COMPATKim Alvefur2023-09-041-18/+2
| | | | | | | | | | | | | | | | Unlikely that anyone has had sql2 in their configs for a long time, so this serves little purpose. Leaving the indirection function in case some similar compat code is needed in the future.
* | core.portmanager: Join strings broken into multiple linesKim Alvefur2023-07-291-6/+3
| | | | | | | | | | | | | | Improves readability. Reduces line count. What's not to like? The code style and luacheck rules allows longer lines, and these strings aren't long enough to need breaking into multiple lines like this.
* | core.portmanager: Hint at HTTP servers for conflicts over port 443Kim Alvefur2023-07-291-1/+1
| | | | | | | | | | | | Since 443 is just as much a web port as port 80 these days, if not more. What's with port 81 here?
* | core.moduleapi: Parse period min/max argumentsKim Alvefur2023-07-221-0/+6
| | | | | | | | | | Allows specifying them the same way as the default and in the config, for consistency
* | core.moduleapi: Fix min/maxinteger fallback for Lua 5.2Kim Alvefur2023-07-171-1/+1
| | | | | | | | Maybe these should live in util.mathcompat?
* | core.moduleapi: Add min/max range support to :get_option_periodKim Alvefur2023-07-171-11/+27
| | | | | | | | | | | | To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
* | moduleapi: Add :get_option_integer()Kim Alvefur2023-07-172-0/+15
| | | | | | | | | | | | | | Many options in Prosody that are treated as numbers don't make sense as floats, e.g. sizes and limits measured in bytes. Simplified implementation based on an earlier attempt dating back to 2020
* | core.moduleapi: Accept boolean false to disable period settingKim Alvefur2023-07-161-1/+1
| |
* | core.moduleapi: Log error for unexpected types (booleans?) set as periodsKim Alvefur2023-07-161-0/+2
| |
* | core.moduleapi: Turn negative periods or "never" into infinityKim Alvefur2023-07-161-0/+7
| | | | | | | | | | As a way to signal that the periodic thing should be disabled, matching existing mod_mam usage
* | core.moduleapi: Improve handling of different types in :get_option_periodKim Alvefur2023-07-161-8/+8
| | | | | | | | | | Pass positive numbers trough unharmed, parse strings as periods, discard anything else.
* | core.moduleapi: Add :get_option_period for parsing time intervalsKim Alvefur2023-07-162-0/+16
| | | | | | | | | | E.g. for use in mod_mam and others that take an amount of time before some (usually cleanup) action is taken.
* | core.moduleapi: Allow specifying an acceptable range for number optionsKim Alvefur2021-10-052-2/+15
| |
* | moduleapi: Add enum config option methodKim Alvefur2021-01-162-0/+12
| | | | | | | | For when a setting has a few fixed values it can take
* | Merge 0.12->trunkKim Alvefur2023-07-101-1/+2
|\|
| * core.certmanager: Update Mozilla TLS config to version 5.7Kim Alvefur2023-07-091-1/+2
| | | | | | | | Ref https://github.com/mozilla/server-side-tls/issues/285
* | core, plugins: Split prosody:user role into prosody:{guest,registered,member}Matthew Wild2023-06-291-0/+3
| | | | | | | | | | | | | | This gives us more granular control over different types of user account. Accounts registered by IBR get assigned prosody:registered by default, while accounts provisioned by an admin (e.g. via prosodyctl shell) will receive prosody:member by default.
* | usermanager: Add create_user_with_role() method to atomically set initial roleMatthew Wild2023-06-291-0/+26
| |
* | net.tls_luasec: Expose method for loading a certificateKim Alvefur2023-05-271-2/+1
| | | | | | | | | | Further isolates LuaSec from Prosody core, with the ultimate goal of allowing LuaSec to be replaced more easily.
* | net.certmanager: Move LuaSec feature detection to net.tls_luasecKim Alvefur2023-05-271-35/+12
| | | | | | | | | | Further isolates LuaSec from Prosody core, with the ultimate goal of allowing LuaSec to be replaced more easily.
* | Merge 0.12->trunkKim Alvefur2023-05-241-0/+2
|\|
| * mod_s2s: Add event where resolver for s2sout can be tweakedKim Alvefur2022-08-181-0/+2
| | | | | | | | | | | | | | | | Could be used to implement custom connection methods (c.f. mod_onions) without needing to duplicate the rest of route_to_new_session(). Adds a feature to enable detection since it can be difficult to detect support for an event otherwise.
* | core.sessionmanager: Delay closing a replaced connection after replacementKim Alvefur2023-05-071-2/+1
| | | | | | | | | | | | | | | | | | | | Closing the session invokes ondisconnect and session close logic, including mod_smacks hibernation and the timer that destroys the session after a timeout. By closing the connection after it has been detached from the sessions table it will no longer invoke the ondetach handler, which should prevent the above problem.
* | moduleapi: Add luacheck annotation to suppress warning about unused selfMatthew Wild2023-04-011-1/+1
| | | | | | | | | | This is a convenience function, and there is currently no module-specific code required to implement it. Not using 'self' is to be expected.
* | moduleapi: Add module:once() to execute a function after module load/startupMatthew Wild2023-04-011-0/+5
| | | | | | | | | | | | | | | | | | | | It is a common pattern for modules to do something like check for prosody.start_time, and execute code immediately if it is present, or wait for the server-started event if it isn't yet. For example, this allows you to run code after all other modules/hosts have been loaded, that are going to be loaded. Such code can now be replaced with a simple call to this method.
* | sessionmanager: Preserve 'since' property of original session after resumptionMatthew Wild2023-03-291-0/+1
| |
* | moduleapi: Add 'peek' to :may() and new :could() helper to suppress loggingMatthew Wild2023-03-261-7/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
* | moduleapi: may: Fail early if a local session has no role assignedMatthew Wild2023-03-251-3/+8
| | | | | | | | | | | | | | We expect every session to explicitly have a role assigned. Falling back to any kind of "default" role (even the user's default role) in the absence of an explicit role could open up the possibility of accidental privilege escalation.
* | core.usermanager: Correct formatting of not implemented errorKim Alvefur2023-03-261-4/+4
| | | | | | | | Spaces, no hyphen, apparently.
* | core: Prefix module imports with prosody namespaceKim Alvefur2023-03-1715-103/+103
| |
* | features: Add "keyval+"Matthew Wild2023-03-211-0/+2
| |
* | storagemanager: Add keyval+ (combined keyval + map) store typeMatthew Wild2022-09-271-0/+73
| | | | | | | | | | | | | | | | This combines the two most common store types, which modules often end up opening with both interfaces separately anyway. As well as combining them, I've taken the opportunity to improve some of the method names to make them clearer.
* | core.features: Add feature for prosody.loaderKim Alvefur2023-03-181-0/+2
| | | | | | | | Allows modules explicit dependencies upon its availability
* | core.moduleapi: Record reverse dependenciesKim Alvefur2023-03-051-0/+4
| | | | | | | | | | Useful to know why a module was auto-loaded without having to dig trough all other modules for the one that depends on it.
* | authz: Add method for retrieving all rolesKim Alvefur2023-03-041-0/+7
| | | | | | | | | | | | | | | | Some of the OAuth stuff highlights a small need to retrieve a list of roles somehow. Handy if you ever need a role selector in adhoc or something. Unless there's some O(n) thing we were avoiding?
* | core.usermanager: Fire events when enabling and disabling usersKim Alvefur2023-02-231-2/+10
| | | | | | | | Allow modules to act on this state change, e.g. kick accounts etc.
* | core.usermanager: Add methods for enabling and disabling usersKim Alvefur2023-02-231-0/+32
| | | | | | | | Calling into the auth module, where available.
* | Merge 0.12->trunkMatthew Wild2023-02-091-4/+11
|\|
| * sessionmanager: Improve logging around session destructionMatthew Wild2023-02-091-3/+10
| |
| * core.sessionmanager: Mark session as destroyed to prevent reentryKim Alvefur2023-01-191-0/+1
| | | | | | | | | | If it reaches this point, then the session will be most definitely be destroyed, so try to prevent destroy_session() from being called again.
| * core.sessionmanager: Skip log when (not) destroying destroyed sessionsKim Alvefur2023-01-191-2/+1
| | | | | | | | | | | | | | | | | | On regular disconnects, </stream> is sent, then sessionmanager.destroy_session() is called, then sessionmanager.destroy_session() is called again when the TCP connection is closed, from ondisconnect in mod_c2s. It is a bit annoying and doesn't really tell you much.
* | core.moduleapi: Fix passing variable to loggingKim Alvefur2023-01-311-1/+1
| |
* | sessionmanager: Fire event before retiring old sessionMatthew Wild2022-12-291-3/+4
| | | | | | | | | | This allows for modules to update fields, which is generally better than maintaining this hard-coded list of transferable properties here.
* | sessionmanager: Pluck sasl_handler from old session when resuming (fixes #1785)Matthew Wild2022-12-291-0/+1
| |
* | core.moduleapi: Check for local role-aware sessions before e.g. s2sKim Alvefur2022-08-291-9/+9
| | | | | | | | | | The condition checked for s2sin but not s2sout, so would have ignored bidi-enabled s2sout sessions. Components as well.
* | core.usermanager: Link to docs for new role API to make warning more actionableKim Alvefur2022-08-271-0/+1
| |
* | mod_s2s: Simplify conditionals since all sessions should have .host nowKim Alvefur2022-08-261-2/+2
| |