| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
Having mod_s2s know about the bidi namespace is perhaps a bit awkward
but putting this in mod_s2s_bidi would be more awkward as it has nothing
to do with limits. Some indirection event could be added in the future.
|
| |
|
|
|
|
| |
Thanks MattJ
|
|
|
|
|
|
|
|
| |
Just dropping them isn't great but hopefully something more sensible can
be done in the future.
Will need work to ensure that this signal is handled correctly in
sending modules etc.
|
|
|
|
| |
For future use, i.e. canceling sending of stanzas that exceed the limit
|
|
|
|
| |
So they can, like, not send big stanzas.
|
| |
|
|\ |
|
| |
| |
| |
| |
| | |
Fixes the same kind of issue as in 65563530375b but once and for all,
while improving similarity between incoming and outgoing connections.
|
| |
| |
| |
| |
| |
| |
| | |
This field can be viewed using s2s:show(nil, "... starttls") even
without any special support in mod_admin_shell, which can be added later
to make it nicer. One can then assume that a TLS connection with an
empty / nil starttls field means Direct TLS.
|
| |
| |
| |
| |
| |
| | |
This would mainly be error stanzas.
Good to have some trace of when handling of them are finished.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The check for the type attr was lost in 11765f0605ec leading to attempts
to create error replies for error stanzas, which util.stanza rejects.
Tested by sending
<message to="reject.badxmpp.eu" type="error"><error/></message>
which produced a traceback previously.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For this, various accessor functions are now provided directly on the
sockets, which reach down into the LuaSec implementation to obtain the
information.
While this may seem of little gain at first, it hides the implementation
detail of the LuaSec+LuaSocket combination that the actual socket and
the TLS layer are separate objects.
The net gain here is that an alternative implementation does not have to
emulate that specific implementation detail and "only" has to expose
LuaSec-compatible data structures on the new functions.
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change ensures we have positively verified the certificates of the server
we are connecting to before marking the session as authenticated. It protects
against situations where the verify-or-close stage of the connection was
interrupted (e.g. due to an uncaught error).
Thanks to Zash for discovery and testing.
|
| |
| |
| |
| |
| |
| | |
Otherwise it would just report "is not trusted" unless you inspect the
logs. This message is sent to to the remote server, and will hopefully
show up in their logs, allowing the admin to fix their DANE setup.
|
| |
| |
| |
| |
| | |
Should be invoked for cases such as when the Let's Encrypt intermediate
certificate expired not too long ago.
|
|/
|
|
|
|
|
|
|
|
|
|
| |
This is the "right" thing to do. Strings were more memory-efficient, but
e.g. bypassed stanza filters at reconnection time. Also not being stanzas
prevents us from potential future work, such as merging sendq with mod_smacks.
Regarding performance: we should counter the probable negative effect of this
change with other positive changes that are desired anyway - e.g. a limit on
the size of the sendq, improved in-memory representation of stanzas, s2s
backoff (e.g. if a remote server is persistently unreachable, cache this
failure for a while and don't just keep forever queuing stanzas for it).
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These options have been specified (and enabled) in the default config file for
a long time. However if unspecified in the config, they were not enabled. Now
they are.
This may result in a change of behaviour for people using very old config
files that lack the require_encryption options. But that's what we want.
|
| |
| |
| |
| |
| | |
Since there are two calls to done() that can happen, if the timing is
right (or wrong) both can happen, which previously triggered an error.
|
|/
|
|
|
| |
Should make traces point here instead of timer dispatch, making
debugging easier
|
|
|
|
|
|
|
|
|
|
| |
steps
Ensures unavailable presence and other outgoing stanzas are sent.
Waiting for c2s sessions to close first before proceeding to disable and
close s2s ensures that unavailable presence can go out, even if it
requires dialback to complete first.
|
| |
|
|
|
|
| |
This ensures no new clients can start connecting during shutdown
|
|
|
|
|
| |
Allows doing things based on connections rather than sessions, which may
have been created before or after.
|
|
|
|
|
|
|
|
|
|
| |
So that the same TLS context is used for both Direct TLS and starttls,
since they are supposed to be functionally identical apart from the few
extra round trips.
A new event is added because the 's2s-created' event fires much later,
after a connection has already been established, where we need the TLS
context before that.
|
|
|
|
|
|
|
|
|
|
| |
Makes it faster by cutting out the roundtrips involved in <starttls/>,
at the cost of making an additional SRV lookup.
Since we already ignore a missing <starttls/> offer and try anyway there
is not much difference in security. The fact that XMPP is used and the
hostnames involved might still be visible until the future Encrypted
ClientHello extension allows hiding those too.
|
|
|
|
|
|
|
| |
`reason` was often a table, so the log said "table: 0xptr" or such.
mod_c2s, mod_bosh etc logs the stream error stanza object, so better do
the same. It would be nicer if this was an util.error object, but that
will have to be a future change.
|
|
|
|
|
| |
Labels are supposed to be fixed sets of things, so defined hosts are
okay, but not unknown hosts.
|
|
|
|
|
| |
Following the style of other options like (c2s|s2s)_require_encryption,
s2s_secure_auth etc.
|
|
|
|
|
|
| |
Mirroring the c2s 'direct_tls'. Naming things is hard.
direct_tls_s2s_ports = { 5269+1 }
|
|
|
|
|
| |
This could be done with multiplexing, or a future additional port
definition.
|
|
|
|
|
| |
Goal is to call this if the connection is using Direct TLS, either via
multiplexing or a future Direct TLS S2S port.
|
|
|
|
| |
(thanks mjk)
|
|
|
|
|
| |
Could allow e.g. a XEP-0198 implementation to efficiently send ack
requests at optimal times without using timers or nextTick.
|
|
|
|
|
|
|
|
| |
Signals that any pending outgoing stanzas that were in the write buffer
have at least been sent off to the Kernel and maybe even sent out over
the network.
See 7a703af90c9c for mod_c2s commit
|
|
|
|
|
|
|
| |
This way 'extra' is unique for each connect() instance, making it safer
to mutate it, while inheriting the global settings.
See 926d53af9a7a for some more context.
|
|
|
|
|
| |
This could happen with Dialback-only connections or others that were
missing the stream 'to' attribute.
|
|
|
|
|
|
|
|
|
|
| |
Given an incoming <stream:stream from="example.com"> this line would
have mistakenly reported the 'from' as the local host. Neither are
technically required and may be missing, especially on connections used
only for Dialback.
Outgoing connections initiated by Prosody always have 'from_host' and
'to_host', so it is safer to check it this way.
|
| |
|
|
|
|
|
|
| |
Couldn't use those with the host being deactivated.
Problem: This kicks in on reload, which isn't needed.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Increases log level for stream conditions that could indicate a problem
on our end, especially programming errors like invalid XML, or the
remote server saying that our certificate is invalid, since these should
be investigated.
Non-issues like closing of idle streams are lowered to debug since it's
mostly noise.
Other issues left at info are mostly about changes to the remote server,
e.g. complete or partial shutdown.
|
|
|
|
|
|
| |
Reduces the number of left-over timers to handle after many s2s
connections were started, leaving only the ones related to incomplete
connections.
|
|
|
|
|
|
| |
This should probably never happen, but probably does anyways.
A debug message would show the truth of the matter.
|
|
|
|
|
| |
Nicer to get rid of a conditional that covers such a large portion of a
pretty big function.
|
|
|
|
|
| |
These direct accesses are probably more optimized, but weird when the
module API has methods for these things.
|
|
|
|
| |
Should have been removed in the previous commit.
|
|
|
|
| |
See previous commit to mod_c2s: a62146353528
|