aboutsummaryrefslogtreecommitdiffstats
path: root/core
Commit message (Collapse)AuthorAgeFilesLines
* certmanager, net.http: Disable SSLv3 by default0.9.6Matthew Wild2014-10-141-1/+1
|
* core.stanza_router: Stricter validation of stanzasKim Alvefur2014-09-091-21/+24
|
* modulemanager: Reduce warning to debug level message about modules already ↵Kim Alvefur2014-08-271-1/+1
| | | | being loaded, it's probably just module:depends()
* configmanager: nameprep VirtualHost and Component namesMatthew Wild2014-07-311-0/+5
|
* configmanager: Delay importing LuaFileSystem until needed by an Include lineKim Alvefur2014-05-091-1/+5
|
* portmanager: Make maximum read size configurable, and default to 4KBMatthew Wild2014-03-301-1/+3
|
* modulemanager: Load mod_saslauth on components by defaultKim Alvefur2014-03-221-1/+1
|
* certmanager: Further cipher string tweaking. Re-enable ciphers required for ↵Matthew Wild2013-11-211-1/+1
| | | | DSA and ECDH certs/keys.
* Back out 1b0ac7950129, as SSLv3 appears to still be in moderate use on the ↵Matthew Wild2013-11-121-1/+1
| | | | network. Also, although obsolete, SSLv3 isn't documented to have any weaknesses that TLS 1.0 (the most common version used today) doesn't also have. Get your act together clients!
* certmanager: Update default cipher string to prefer forward-secrecy over ↵Matthew Wild2013-11-101-1/+1
| | | | cipher strength and to disable triple-DES (weaker and much slower than AES)
* certmanager: Fix order of options, so that the dynamic option is at the end ↵Matthew Wild2013-11-091-1/+1
| | | | of the array
* certmanager: Default to using the server's cipher preference order by ↵Matthew Wild2013-11-091-1/+1
| | | | default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones
* certmanager: Disable SSLv3 by defaultKim Alvefur2013-10-311-1/+1
|
* certmanager: Fix dhparam callback, missing imports (Testing, pfft)0.9.1Kim Alvefur2013-09-031-3/+5
|
* certmanager: Allow for specifying the dhparam option as a path to a file ↵Kim Alvefur2013-09-031-0/+11
| | | | instead of a callback
* certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it ↵Matthew Wild2013-09-031-4/+4
| | | | to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users.
* configmanager: Fix checking of absolute paths on WindowsKim Alvefur2013-08-301-1/+1
|
* certmanager: Set our own default cipher string, which includes only ciphers ↵Matthew Wild2013-07-131-0/+1
| | | | regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4.
* certmanager: Add single_dh_use and single_ecdh_use to default optionsMatthew Wild2013-06-131-0/+5
|
* certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphersMatthew Wild2013-06-131-1/+1
|
* certmanager: Use 'curve' and 'dhparam' options from ssl config if presentMatthew Wild2013-06-111-0/+2
|
* certmanager: Disable SSL compression if possible (LuaSec 0.5 or ↵Matthew Wild2013-05-221-1/+5
| | | | 0.4.1+OpenSSL 1.x)
* portmanager: Also include the interface the service is listening onKim Alvefur2013-04-291-1/+1
|
* portmanager: Include port numbers the service is listening on in the info logs.Waqas Hussain2013-04-291-1/+3
|
* moduleapi: in module:provides(), add the name of the module in item._provided_byKim Alvefur2013-04-271-0/+1
|
* moduleapi: module:provides called without an item makes a copy of the ↵Kim Alvefur2013-04-271-1/+7
| | | | environment instead. Fixes warnings about non-existent globals
* moduleapi: Add module:get_option_inherited_set() to return a set that ↵Matthew Wild2013-04-271-0/+12
| | | | inherits items from a globally set set, if set
* moduleapi: Add module:context(host) to produce a fake API context for a ↵Matthew Wild2013-04-271-0/+4
| | | | given host (or global). module:context("*"):get_option("foo") to get global options.
* storagemanager: Fix traceback in logging when store type is nil, and store ↵Waqas Hussain2013-04-221-1/+1
| | | | is unsupported.
* moduleapi: Make module:open_store() open a store named after the calling ↵Kim Alvefur2013-04-191-1/+1
| | | | module by default
* moduleapi: Add module:open_store() as a front-end to storagemanager.open()Matthew Wild2013-04-191-0/+4
|
* sessionmanager, s2smanager: Remove unused importsMatthew Wild2013-04-112-5/+2
|
* sessionmanager, s2smanager: Remove open_session tracingMatthew Wild2013-04-082-18/+2
|
* moduleapi: assert() that prosody.core_post_stanza is not nilMatthew Wild2013-04-051-1/+4
|
* portmanager: import pairs() (thanks Maranda)Matthew Wild2013-04-051-1/+1
|
* rostermanager: do not save rosters for unexistant users.Marco Cirillo2013-04-051-0/+6
|
* portmanager: add logic to allow specification of service default values for ↵Marco Cirillo2013-04-041-3/+28
| | | | ssl config and / or overrides.
* configmanager: Some cleanup, remove unused variables and importsMatthew Wild2013-04-031-5/+4
|
* moduleapi: have get_host_items wrap on get_items from modulemanager, also ↵Marco Cirillo2013-04-011-17/+15
| | | | add has_{feature/identity} to the API.
* modulemanager: add missing ipairs import.Marco Cirillo2013-04-011-1/+1
|
* modulemanager: add function to retrieve module items from a specific host ↵Marco Cirillo2013-04-011-1/+18
| | | | entity.
* portmanager: Log error and fail to bind when port is invalid (not a number)Matthew Wild2013-03-311-9/+11
|
* portmanager: Add use_ipv4 option, default to true.Kim Alvefur2013-03-271-2/+6
|
* portmanager: use_ipv6 defaults to true if luasocket has ipv6 supportKim Alvefur2013-03-271-1/+2
|
* configmanager: Fix so unset variables are searched for in the global sectionKim Alvefur2013-03-231-1/+1
|
* core.*: Complete removal of all traces of the "core" section and ↵Kim Alvefur2013-03-237-23/+20
| | | | section-related code.
* s2smanager: Remove unused function parameterMatthew Wild2013-03-221-1/+1
|
* s2smanager: Access prosody.hosts instead of hosts global directlyMatthew Wild2013-03-221-1/+1
|
* s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move ↵Matthew Wild2013-03-221-73/+2
| | | | s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
* hostmanager: Use rawget to check for activated hosts to prevent recursion in ↵Matthew Wild2013-03-221-2/+2
| | | | dynamic host loaders