Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| * | | | | | | | | certmanager: Overhaul of how ssl configs are built. | Kim Alvefur | 2013-06-13 | 1 | -38/+45 | |
| | | | | | | | | | ||||||
| * | | | | | | | | Merge 0.9->trunk | Matthew Wild | 2013-06-13 | 1 | -0/+5 | |
| |\ \ \ \ \ \ \ \ | ||||||
| * \ \ \ \ \ \ \ \ | Merge 0.9->trunk | Matthew Wild | 2013-06-13 | 1 | -1/+1 | |
| |\ \ \ \ \ \ \ \ \ | ||||||
| * \ \ \ \ \ \ \ \ \ | Merge 0.9->trunk | Matthew Wild | 2013-06-11 | 1 | -0/+2 | |
| |\ \ \ \ \ \ \ \ \ \ | ||||||
| * | | | | | | | | | | | certmanager: Complain if key or certificate is missing from SSL config. | Kim Alvefur | 2013-06-07 | 1 | -0/+2 | |
| | | | | | | | | | | | | ||||||
* | | | | | | | | | | | | portmanager: Make maximum read size configurable, and default to 4KB | Matthew Wild | 2014-03-30 | 1 | -1/+3 | |
| |_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | | ||||||
* | | | | | | | | | | | modulemanager: Load mod_saslauth on components by default | Kim Alvefur | 2014-03-22 | 1 | -1/+1 | |
| |_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | ||||||
* | | | | | | | | | | certmanager: Further cipher string tweaking. Re-enable ciphers required for ↵ | Matthew Wild | 2013-11-21 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DSA and ECDH certs/keys. | |||||
* | | | | | | | | | | Back out 1b0ac7950129, as SSLv3 appears to still be in moderate use on the ↵ | Matthew Wild | 2013-11-12 | 1 | -1/+1 | |
| |_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | network. Also, although obsolete, SSLv3 isn't documented to have any weaknesses that TLS 1.0 (the most common version used today) doesn't also have. Get your act together clients! | |||||
* | | | | | | | | | certmanager: Update default cipher string to prefer forward-secrecy over ↵ | Matthew Wild | 2013-11-10 | 1 | -1/+1 | |
| |_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | cipher strength and to disable triple-DES (weaker and much slower than AES) | |||||
* | | | | | | | | certmanager: Fix order of options, so that the dynamic option is at the end ↵ | Matthew Wild | 2013-11-09 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | of the array | |||||
* | | | | | | | | certmanager: Default to using the server's cipher preference order by ↵ | Matthew Wild | 2013-11-09 | 1 | -1/+1 | |
| |_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones | |||||
* | | | | | | | certmanager: Disable SSLv3 by default | Kim Alvefur | 2013-10-31 | 1 | -1/+1 | |
| | | | | | | | ||||||
* | | | | | | | certmanager: Fix dhparam callback, missing imports (Testing, pfft)0.9.1 | Kim Alvefur | 2013-09-03 | 1 | -3/+5 | |
| | | | | | | | ||||||
* | | | | | | | certmanager: Allow for specifying the dhparam option as a path to a file ↵ | Kim Alvefur | 2013-09-03 | 1 | -0/+11 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of a callback | |||||
* | | | | | | | certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it ↵ | Matthew Wild | 2013-09-03 | 1 | -4/+4 | |
| |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users. | |||||
* | | | | | | configmanager: Fix checking of absolute paths on Windows | Kim Alvefur | 2013-08-30 | 1 | -1/+1 | |
| |_|_|_|/ |/| | | | | ||||||
* | | | | | certmanager: Set our own default cipher string, which includes only ciphers ↵ | Matthew Wild | 2013-07-13 | 1 | -0/+1 | |
| |_|_|/ |/| | | | | | | | | | | | regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4. | |||||
* | | | | certmanager: Add single_dh_use and single_ecdh_use to default options | Matthew Wild | 2013-06-13 | 1 | -0/+5 | |
| |_|/ |/| | | ||||||
* | | | certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphers | Matthew Wild | 2013-06-13 | 1 | -1/+1 | |
| |/ |/| | ||||||
* | | certmanager: Use 'curve' and 'dhparam' options from ssl config if present | Matthew Wild | 2013-06-11 | 1 | -0/+2 | |
|/ | ||||||
* | certmanager: Disable SSL compression if possible (LuaSec 0.5 or ↵ | Matthew Wild | 2013-05-22 | 1 | -1/+5 | |
| | | | | 0.4.1+OpenSSL 1.x) | |||||
* | portmanager: Also include the interface the service is listening on | Kim Alvefur | 2013-04-29 | 1 | -1/+1 | |
| | ||||||
* | portmanager: Include port numbers the service is listening on in the info logs. | Waqas Hussain | 2013-04-29 | 1 | -1/+3 | |
| | ||||||
* | moduleapi: in module:provides(), add the name of the module in item._provided_by | Kim Alvefur | 2013-04-27 | 1 | -0/+1 | |
| | ||||||
* | moduleapi: module:provides called without an item makes a copy of the ↵ | Kim Alvefur | 2013-04-27 | 1 | -1/+7 | |
| | | | | environment instead. Fixes warnings about non-existent globals | |||||
* | moduleapi: Add module:get_option_inherited_set() to return a set that ↵ | Matthew Wild | 2013-04-27 | 1 | -0/+12 | |
| | | | | inherits items from a globally set set, if set | |||||
* | moduleapi: Add module:context(host) to produce a fake API context for a ↵ | Matthew Wild | 2013-04-27 | 1 | -0/+4 | |
| | | | | given host (or global). module:context("*"):get_option("foo") to get global options. | |||||
* | storagemanager: Fix traceback in logging when store type is nil, and store ↵ | Waqas Hussain | 2013-04-22 | 1 | -1/+1 | |
| | | | | is unsupported. | |||||
* | moduleapi: Make module:open_store() open a store named after the calling ↵ | Kim Alvefur | 2013-04-19 | 1 | -1/+1 | |
| | | | | module by default | |||||
* | moduleapi: Add module:open_store() as a front-end to storagemanager.open() | Matthew Wild | 2013-04-19 | 1 | -0/+4 | |
| | ||||||
* | sessionmanager, s2smanager: Remove unused imports | Matthew Wild | 2013-04-11 | 2 | -5/+2 | |
| | ||||||
* | sessionmanager, s2smanager: Remove open_session tracing | Matthew Wild | 2013-04-08 | 2 | -18/+2 | |
| | ||||||
* | moduleapi: assert() that prosody.core_post_stanza is not nil | Matthew Wild | 2013-04-05 | 1 | -1/+4 | |
| | ||||||
* | portmanager: import pairs() (thanks Maranda) | Matthew Wild | 2013-04-05 | 1 | -1/+1 | |
| | ||||||
* | rostermanager: do not save rosters for unexistant users. | Marco Cirillo | 2013-04-05 | 1 | -0/+6 | |
| | ||||||
* | portmanager: add logic to allow specification of service default values for ↵ | Marco Cirillo | 2013-04-04 | 1 | -3/+28 | |
| | | | | ssl config and / or overrides. | |||||
* | configmanager: Some cleanup, remove unused variables and imports | Matthew Wild | 2013-04-03 | 1 | -5/+4 | |
| | ||||||
* | moduleapi: have get_host_items wrap on get_items from modulemanager, also ↵ | Marco Cirillo | 2013-04-01 | 1 | -17/+15 | |
| | | | | add has_{feature/identity} to the API. | |||||
* | modulemanager: add missing ipairs import. | Marco Cirillo | 2013-04-01 | 1 | -1/+1 | |
| | ||||||
* | modulemanager: add function to retrieve module items from a specific host ↵ | Marco Cirillo | 2013-04-01 | 1 | -1/+18 | |
| | | | | entity. | |||||
* | portmanager: Log error and fail to bind when port is invalid (not a number) | Matthew Wild | 2013-03-31 | 1 | -9/+11 | |
| | ||||||
* | portmanager: Add use_ipv4 option, default to true. | Kim Alvefur | 2013-03-27 | 1 | -2/+6 | |
| | ||||||
* | portmanager: use_ipv6 defaults to true if luasocket has ipv6 support | Kim Alvefur | 2013-03-27 | 1 | -1/+2 | |
| | ||||||
* | configmanager: Fix so unset variables are searched for in the global section | Kim Alvefur | 2013-03-23 | 1 | -1/+1 | |
| | ||||||
* | core.*: Complete removal of all traces of the "core" section and ↵ | Kim Alvefur | 2013-03-23 | 7 | -23/+20 | |
| | | | | section-related code. | |||||
* | s2smanager: Remove unused function parameter | Matthew Wild | 2013-03-22 | 1 | -1/+1 | |
| | ||||||
* | s2smanager: Access prosody.hosts instead of hosts global directly | Matthew Wild | 2013-03-22 | 1 | -1/+1 | |
| | ||||||
* | s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move ↵ | Matthew Wild | 2013-03-22 | 1 | -73/+2 | |
| | | | | s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event | |||||
* | hostmanager: Use rawget to check for activated hosts to prevent recursion in ↵ | Matthew Wild | 2013-03-22 | 1 | -2/+2 | |
| | | | | dynamic host loaders |