aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_s2s.lua
Commit message (Collapse)AuthorAgeFilesLines
* mod_s2s: Comment on why we avoid hostnames in stanza bounce messagesKim Alvefur2024-02-241-0/+2
|
* mod_s2s: Close connection on smacks timeoutKim Alvefur2023-12-021-0/+6
| | | | | | | | | | | This merges the mod_s2s_smacks_timeout behavior from prosody-modules This event is fired by mod_smacks when the connection has not responded to an ack-request for a period of time defaulting to 30 seconds, indicating that the connection has become stuck or non-responsive. Closing it prevents routing further messages via this connection and frees resources. A stuck connection may otherwise remain until for a time determined by the OS TCP subsystem, which can be quite long.
* mod_s2s: Automagically enable DANE for s2sin if 'use_dane' is enabledKim Alvefur2023-11-021-0/+6
| | | | Simplifies configuration, only one already existing boolean to flip.
* mod_s2s: Fix reporting of DANE mismatchKim Alvefur2023-08-051-1/+3
| | | | | | Thought it was a case mismatch at first, fixed that, but it changed nothing because the error was in the leaf part of the errors, not the chain part.
* plugins: Use integer config API with interval specification where sensibleKim Alvefur2023-07-171-1/+1
| | | | | | | Many of these fall into a few categories: - util.cache size, must be >= 1 - byte or item counts that logically can't be negative - port numbers that should be in 1..0xffff
* plugins: Switch to :get_option_period() for time range optionsKim Alvefur2023-07-161-2/+2
| | | | Improves readability ("1 day" vs 86400) and centralizes validation.
* Merge 0.12->trunkKim Alvefur2023-05-241-0/+4
|\
| * mod_s2s: Add event where resolver for s2sout can be tweakedKim Alvefur2022-08-181-0/+4
| | | | | | | | | | | | | | | | Could be used to implement custom connection methods (c.f. mod_onions) without needing to duplicate the rest of route_to_new_session(). Adds a feature to enable detection since it can be difficult to detect support for an event otherwise.
* | mod_c2s,mod_s2s: Fix tag name for SLA (thanks mjk)Kim Alvefur2023-05-031-4/+4
| | | | | | | | | | | | | | The (still not published) XEP-xxxx: Stream Limits Advertisement uses the element <max-bytes/> to advertise the maximum octet size of top level stream elements. "size" was probably a leftover of an even earlier version of the (Proto)XEP.
* | plugins: Prefix module imports with prosody namespaceKim Alvefur2023-03-241-17/+17
| |
* | mod_s2s: Retrieve stanza size limit from peer for bidi connectionsKim Alvefur2022-11-091-0/+7
| | | | | | | | | | | | Having mod_s2s know about the bidi namespace is perhaps a bit awkward but putting this in mod_s2s_bidi would be more awkward as it has nothing to do with limits. Some indirection event could be added in the future.
* | mod_s2s: Advertise stream features on bidi connectionsKim Alvefur2022-10-201-0/+6
| |
* | mod_c2s,mod_s2s: Adapt to XEP-xxxx: Stream Limits AdvertisementKim Alvefur2022-10-201-3/+4
| | | | | | | | Thanks MattJ
* | mod_s2s: Avoid sending too large stanzasKim Alvefur2021-03-161-0/+5
| | | | | | | | | | | | | | | | Just dropping them isn't great but hopefully something more sensible can be done in the future. Will need work to ensure that this signal is handled correctly in sending modules etc.
* | mod_s2s: Record stanza size limit advertised by other serversKim Alvefur2021-03-161-0/+4
| | | | | | | | For future use, i.e. canceling sending of stanzas that exceed the limit
* | mod_s2s: Advertise stanza size limit to other serversKim Alvefur2021-03-161-0/+5
| | | | | | | | So they can, like, not send big stanzas.
* | mod_s2s: Simplify conditionals since all sessions should have .host nowKim Alvefur2022-08-261-1/+1
| |
* | Merge 0.12->trunkKim Alvefur2022-08-261-2/+2
|\|
| * mod_s2s: Fix firing buffer drain eventsKim Alvefur2022-08-261-2/+2
| | | | | | | | | | Fixes the same kind of issue as in 65563530375b but once and for all, while improving similarity between incoming and outgoing connections.
* | mod_tls: Record STARTTLS state so it can be shown in ShellKim Alvefur2022-08-021-1/+3
| | | | | | | | | | | | | | This field can be viewed using s2s:show(nil, "... starttls") even without any special support in mod_admin_shell, which can be added later to make it nicer. One can then assume that a TLS connection with an empty / nil starttls field means Direct TLS.
* | mod_s2s: Log queued stanzas for which no error reply is producedKim Alvefur2022-05-071-0/+2
| | | | | | | | | | | | This would mainly be error stanzas. Good to have some trace of when handling of them are finished.
* | mod_s2s: Don't bounce queued error stanzas (thanks Martin)Kim Alvefur2022-05-071-1/+1
| | | | | | | | | | | | | | | | | | The check for the type attr was lost in 11765f0605ec leading to attempts to create error replies for error stanzas, which util.stanza rejects. Tested by sending <message to="reject.badxmpp.eu" type="error"><error/></message> which produced a traceback previously.
* | net: isolate LuaSec-specificsJonas Schäfer2022-04-271-5/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | For this, various accessor functions are now provided directly on the sockets, which reach down into the LuaSec implementation to obtain the information. While this may seem of little gain at first, it hides the implementation detail of the LuaSec+LuaSocket combination that the actual socket and the TLS layer are separate objects. The net gain here is that an alternative implementation does not have to emulate that specific implementation detail and "only" has to expose LuaSec-compatible data structures on the new functions.
* | Merge 0.12->trunkMatthew Wild2022-04-251-0/+11
|\|
| * mod_s2s: Improve robustness of outgoing s2s certificate verificationMatthew Wild2022-04-251-0/+11
| | | | | | | | | | | | | | | | | | This change ensures we have positively verified the certificates of the server we are connecting to before marking the session as authenticated. It protects against situations where the verify-or-close stage of the connection was interrupted (e.g. due to an uncaught error). Thanks to Zash for discovery and testing.
* | mod_s2s: Distinguish DANE TLSA errors from generic cert chain errorsKim Alvefur2022-04-251-0/+2
| | | | | | | | | | | | Otherwise it would just report "is not trusted" unless you inspect the logs. This message is sent to to the remote server, and will hopefully show up in their logs, allowing the admin to fix their DANE setup.
* | mod_s2s: Recognise and report errors with CA or intermediate certsKim Alvefur2022-04-251-0/+8
| | | | | | | | | | Should be invoked for cases such as when the Let's Encrypt intermediate certificate expired not too long ago.
* | mod_s2s: Store real stanzas in session.sendq, rather than stringsMatthew Wild2022-03-231-19/+13
|/ | | | | | | | | | | | This is the "right" thing to do. Strings were more memory-efficient, but e.g. bypassed stanza filters at reconnection time. Also not being stanzas prevents us from potential future work, such as merging sendq with mod_smacks. Regarding performance: we should counter the probable negative effect of this change with other positive changes that are desired anyway - e.g. a limit on the size of the sendq, improved in-memory representation of stanzas, s2s backoff (e.g. if a remote server is persistently unreachable, cache this failure for a while and don't just keep forever queuing stanzas for it).
* Merge config-updates+check-turn from timberMatthew Wild2022-03-041-1/+1
|\
| * various: Require encryption by default for realKim Alvefur2021-12-251-1/+1
| | | | | | | | | | | | | | | | | | These options have been specified (and enabled) in the default config file for a long time. However if unspecified in the config, they were not enabled. Now they are. This may result in a change of behaviour for people using very old config files that lack the require_encryption options. But that's what we want.
* | mod_c2s,mod_s2s: Fix error on shutdown (Thanks Martin)Kim Alvefur2022-02-221-1/+1
| | | | | | | | | | Since there are two calls to done() that can happen, if the timing is right (or wrong) both can happen, which previously triggered an error.
* | mod_c2s,mod_s2s: Wrap callback to improve tracebacksKim Alvefur2022-02-221-1/+1
|/ | | | | Should make traces point here instead of timer dispatch, making debugging easier
* mod_c2s,mod_s2s: Wait for sessions to close before proceeding with shutdown ↵Kim Alvefur2022-02-171-1/+16
| | | | | | | | | | steps Ensures unavailable presence and other outgoing stanzas are sent. Waiting for c2s sessions to close first before proceeding to disable and close s2s ensures that unavailable presence can go out, even if it requires dialback to complete first.
* mod_s2s: Disable creation of new outgoing connections during shutdownKim Alvefur2022-02-111-0/+7
|
* mod_c2s,mod_s2s: Disable and close port listeners before closing sessionsKim Alvefur2022-02-111-0/+7
| | | | This ensures no new clients can start connecting during shutdown
* mod_s2s: Add new early s2s-connected eventsKim Alvefur2022-02-061-0/+3
| | | | | Allows doing things based on connections rather than sessions, which may have been created before or after.
* mod_s2s: Retrieve TLS context for outgoing Direct TLS connections from mod_tlsKim Alvefur2022-01-211-7/+11
| | | | | | | | | | So that the same TLS context is used for both Direct TLS and starttls, since they are supposed to be functionally identical apart from the few extra round trips. A new event is added because the 's2s-created' event fires much later, after a connection has already been established, where we need the TLS context before that.
* mod_s2s: Enable outgoing Direct TLS connectionsKim Alvefur2022-01-211-2/+9
| | | | | | | | | | Makes it faster by cutting out the roundtrips involved in <starttls/>, at the cost of making an additional SRV lookup. Since we already ignore a missing <starttls/> offer and try anyway there is not much difference in security. The fact that XMPP is used and the hostnames involved might still be visible until the future Encrypted ClientHello extension allows hiding those too.
* mod_s2s: Fix logging of <stream:error> consistency with other modsKim Alvefur2021-10-241-1/+1
| | | | | | | `reason` was often a table, so the log said "table: 0xptr" or such. mod_c2s, mod_bosh etc logs the stream error stanza object, so better do the same. It would be nicer if this was an util.error object, but that will have to be a future change.
* mod_s2s: Don't pass unknown hostnames as stats labelKim Alvefur2021-10-211-0/+1
| | | | | Labels are supposed to be fixed sets of things, so defined hosts are okay, but not unknown hosts.
* mod_s2s: Rename Direct TLS listener 's2s_direct_tls'Kim Alvefur2021-09-091-1/+1
| | | | | Following the style of other options like (c2s|s2s)_require_encryption, s2s_secure_auth etc.
* mod_s2s: Add a Direct TLS listenerKim Alvefur2021-08-101-0/+14
| | | | | | Mirroring the c2s 'direct_tls'. Naming things is hard. direct_tls_s2s_ports = { 5269+1 }
* mod_s2s: Handle connections having TLS from the startKim Alvefur2021-08-101-0/+4
| | | | | This could be done with multiplexing, or a future additional port definition.
* mod_s2s: Factor out procedure for newly encrypted sessionsKim Alvefur2021-08-101-12/+16
| | | | | Goal is to call this if the connection is using Direct TLS, either via multiplexing or a future Direct TLS S2S port.
* mod_c2s,mod_s2s: Indicate stanza size violation with condition from XEP-0205 ↵Kim Alvefur2021-09-061-1/+5
| | | | (thanks mjk)
* mod_c2s,mod_s2s: Fire event just before writesKim Alvefur2021-08-161-0/+7
| | | | | Could allow e.g. a XEP-0198 implementation to efficiently send ack requests at optimal times without using timers or nextTick.
* mod_s2s: Fire 's2s-ondrain' event, mirroring mod_c2sKim Alvefur2021-08-161-0/+7
| | | | | | | | Signals that any pending outgoing stanzas that were in the write buffer have at least been sent off to the Kernel and maybe even sent out over the network. See 7a703af90c9c for mod_c2s commit
* mod_s2s: Clone 'extra' data to let resolvers add more to itKim Alvefur2021-07-181-1/+5
| | | | | | | This way 'extra' is unique for each connect() instance, making it safer to mutate it, while inheriting the global settings. See 926d53af9a7a for some more context.
* mod_s2s: Handle measurement where the local host is unknownKim Alvefur2021-07-181-1/+1
| | | | | This could happen with Dialback-only connections or others that were missing the stream 'to' attribute.
* mod_s2s: Guard against missing 'to' on incoming streamKim Alvefur2021-07-181-1/+1
| | | | | | | | | | Given an incoming <stream:stream from="example.com"> this line would have mistakenly reported the 'from' as the local host. Neither are technically required and may be missing, especially on connections used only for Dialback. Outgoing connections initiated by Prosody always have 'from_host' and 'to_host', so it is safer to check it this way.