| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This channel binding method is now enabled when a hash is manually set in the
config, or it attempts to discover the hash automatically if the value is the
special string "auto".
A related change to mod_c2s prevents complicated certificate lookups in the
client connection hot path - this work now happens only when this channel
binding method is used. I'm not aware of anything else that uses ssl_cfg (vs
ssl_ctx).
Rationale for disabling by default:
- Minor performance impact in automatic cert detection
- This method is weak against a leaked/stolen private key (other methods such
as 'tls-exporter' would not be compromised in such a case)
Rationale for keeping the implementation:
- For some deployments, this may be the only method available (e.g. due to
TLS offloading in another process/server).
|
| |
|
| |
|
|
|
|
|
|
|
| |
Many of these fall into a few categories:
- util.cache size, must be >= 1
- byte or item counts that logically can't be negative
- port numbers that should be in 1..0xffff
|
|
|
|
| |
Improves readability ("1 day" vs 86400) and centralizes validation.
|
|
|
|
|
|
|
|
|
|
| |
Closing the session invokes ondisconnect and session close logic,
including mod_smacks hibernation and the timer that destroys the session
after a timeout.
By closing the connection after it has been detached from the sessions
table it will no longer invoke the ondetach handler, which should
prevent the above problem.
|
|
|
|
|
|
|
| |
The (still not published) XEP-xxxx: Stream Limits Advertisement uses the
element <max-bytes/> to advertise the maximum octet size of top level
stream elements. "size" was probably a leftover of an even earlier
version of the (Proto)XEP.
|
| |
|
|
|
|
|
|
|
|
| |
We decided that at the first stage, accounts that are disabled should
simply be prevented from authenticating, thus they should also be
prevented from having connected sessions. Since this is aimed to be a
moderation action for cases of abuse, they shouldn't be allowed to
continue being connected.
|
|
|
|
| |
Thanks MattJ
|
|
|
|
|
|
|
| |
Should help clients avoid sending stanzas that will get their stream
killed. Custom namespace while ironing out the protocol.
My spoon is too big!
|
|
|
|
| |
We need this to access 'from' in SASL2/FAST.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These changes to the API (hopefully the last) introduce a cleaner separation
between the user's primary (default) role, and their secondary (optional)
roles.
To keep the code sane and reduce complexity, a data migration is needed for
people using stored roles in 0.12. This can be performed with
prosodyctl mod_authz_internal migrate <host>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For this, various accessor functions are now provided directly on the
sockets, which reach down into the LuaSec implementation to obtain the
information.
While this may seem of little gain at first, it hides the implementation
detail of the LuaSec+LuaSocket combination that the actual socket and
the TLS layer are separate objects.
The net gain here is that an alternative implementation does not have to
emulate that specific implementation detail and "only" has to expose
LuaSec-compatible data structures on the new functions.
|
|
|
|
|
| |
Since there are two calls to done() that can happen, if the timing is
right (or wrong) both can happen, which previously triggered an error.
|
|
|
|
|
| |
Should make traces point here instead of timer dispatch, making
debugging easier
|
| |
|
|
|
|
|
|
|
|
|
|
| |
steps
Ensures unavailable presence and other outgoing stanzas are sent.
Waiting for c2s sessions to close first before proceeding to disable and
close s2s ensures that unavailable presence can go out, even if it
requires dialback to complete first.
|
|
|
|
|
| |
Lets other things step in and do things while c2s ports are closed, e.g.
mod_smacks, or other modules with port handlers that forward to c2s.
|
|
|
|
| |
This ensures no new clients can start connecting during shutdown
|
|
|
|
|
|
|
|
| |
With mod_smacks, a session can outlive the connection, so whether the
event is fired should not hinge on whether the session is connected or
not.
Helps mod_smacks remove some state.
|
|
|
|
|
|
| |
To allow modules to do things just before the session is closed. The
'(pre-)resource-unbind' events are fired after the stream is closed,
leaving no way to send something.
|
|
|
|
|
| |
The overlapping logic for deletion and password changed has been merged into
a single function.
|
|
|
|
|
| |
Better than duck typing, in case anyone ever passes a non-stanza table
with a 'name' field.
|
|
|
|
| |
And to follow existing naming practices better than 'legacy_ssl' did.
|
|
|
|
| |
(thanks mjk)
|
|
|
|
|
| |
Could allow e.g. a XEP-0198 implementation to efficiently send ack
requests at optimal times without using timers or nextTick.
|
|
|
|
|
|
|
|
|
| |
The :info() method has been observed to return nothing ... sometimes.
Unclear what causes it. Perhaps the TLS connection was shut down or
hasn't fully settled?
The LuaSec code has code paths that return nothing or nil, error, so it
is best to guard against it.
|
|
|
|
| |
^C^V
|
| |
|
|
|
|
|
| |
This only differs from 'legacy_ssl' in name, at least on the server
side. For clients this is the one that uses SRV records.
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
stanza size limits
c2s/bosh/ws streams will default to 256KB, s2s and components to 512KB.
These values are aligned with ejabberd's default settings, which should reduce
issues related to inconsistent size limits between servers on the XMPP network.
The previous default (10MB) is excessive for any production server, and allows
significant memory usage by even unauthenticated sessions.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Ge0rG)
Could happen with the 'opportunistic_writes' setting, since then the
stream opening is written directly to the socket, which can in turn
trigger session destruction if the socket somehow got closed just after
the other sent their stream header.
Error happens later when it tries to `hosts[session.host == nil].events`
|
|\| |
|
| | |
|
| |
| |
| |
| |
| | |
We don't use the quoted table indexing style that often, it's not needed
here and it's enough to check for falsyness rather than `nil`.
|
| |
| |
| |
| | |
Unclear how this happens.
|
| |
| |
| |
| | |
Fixes #1507
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
It was confusing that the connection would just close without much
explanation.
Wanted this while investigating https://github.com/conversejs/converse.js/issues/2438
|
| |
| |
| |
| | |
Clients should *not* be setting this before TLS anyways.
|
| | |
|
| |
| |
| |
| | |
Since this is not a real parse error, it should not be reported as such.
|
| |
| |
| |
| | |
Enables async processing during stream opening and closing.
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Potentially a bit more efficient since it can jump to the selected
protocol on connect instead of waiting for some data to look at.
Adds a 'protocol' field to net providers for this purpose.
|