aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_s2s/mod_s2s.lua
Commit message (Collapse)AuthorAgeFilesLines
* mod_s2s: Add COMPAT cahin verification code for older LuaSec versionsKim Alvefur2013-04-041-2/+11
|
* mod_s2s: Close incoming s2s with stream error when secure and we don't trust ↵Matthew Wild2013-04-011-1/+5
| | | | their certificate
* mod_s2s: Prevent s2s to and from hosts we serve locallyKim Alvefur2013-03-271-0/+12
|
* mod_s2s: Prevent traceback when replying to incoming connection to a host we ↵Kim Alvefur2013-03-261-1/+1
| | | | don't serve
* mod_s2s: session.from_host does not allways exist on incoming connections, ↵Kim Alvefur2013-03-251-1/+1
| | | | true and nil or "our hostname" does not evaluate to what we want here
* mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)Matthew Wild2013-03-221-6/+7
|
* mod_s2s: Remove unused variableMatthew Wild2013-03-221-1/+0
|
* mod_s2s: Add controls for certificate validation via the s2s_secure_auth ↵Matthew Wild2013-03-221-3/+32
| | | | option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
* s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move ↵Matthew Wild2013-03-221-2/+74
| | | | s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
* mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for ↵Kim Alvefur2013-03-161-6/+25
| | | | opening streams
* mod_s2s: Do not include xmlns:db declaration in stream header if ↵Matthew Wild2013-03-121-1/+2
| | | | mod_dialback is not loaded
* mod_s2s: Make sure host variable is reachableKim Alvefur2013-03-111-2/+1
|
* mod_s2s: Fire s2s-check-certificate event after validating a certificate, to ↵Matthew Wild2013-03-101-0/+1
| | | | allow plugins to override standard procedure
* mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to ↵Matthew Wild2013-03-101-1/+1
| | | | s2sout-authenticate-legacy for clarity. Also, hello!
* mod_s2s: Don't try to close sessions that were destroyed before timeoutKim Alvefur2013-01-241-0/+2
|
* prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to ↵Kim Alvefur2012-12-281-0/+9
| | | | respective plugins
* mod_s2s: Remove connection from sessions table as soon as we learn it is ↵Matthew Wild2012-12-281-1/+1
| | | | disconnected. Fixes a connection/session leak.
* mod_s2s: Detect TLS compressionKim Alvefur2012-10-241-0/+8
|
* mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use ↵Waqas Hussain2012-09-121-1/+1
| | | | module:provides() instead of module:add_item().
* mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, ↵Kim Alvefur2012-07-261-1/+1
| | | | mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table.
* mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most ↵Matthew Wild2012-07-231-1/+1
| | | | cases) - this allows us to continue to try other targets
* mod_c2s, mod_s2s: Lower 'Disconnecting X' log messages from 'info' to 'debug'Matthew Wild2012-07-231-3/+3
|
* Hopefully inert commit to clean up logging across a number of modules, ↵Matthew Wild2012-07-231-1/+1
| | | | removing all cases of concatenation when building log messages
* mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for ↵Matthew Wild2012-07-231-6/+6
| | | | </stream:stream> if it has already been sent by the peer
* mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times ↵Matthew Wild2012-07-221-19/+29
| | | | (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
* mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns falseMatthew Wild2012-07-221-3/+4
|
* mod_s2s: Make unauthed session timeout a little more aggressive... otherwise ↵Matthew Wild2012-07-221-4/+2
| | | | it's possible for sessions to slip under the net and never get killed off
* mod_s2s, s2sout.lib: Send stream header in onconnect()Matthew Wild2012-05-241-2/+5
|
* mod_s2s: Only try next target if the stream didn't openMatthew Wild2012-05-131-1/+1
|
* mod_s2s: Remove TODO comment for SASL/TLS on s2s (thanks Florob)Matthew Wild2012-05-111-1/+0
|
* mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, ↵Matthew Wild2012-05-111-2/+3
| | | | deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
* mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin ↵Matthew Wild2012-05-101-5/+0
| | | | to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
* mod_s2s: Cache to_host and from_host in local variables, and use these ↵Matthew Wild2012-05-041-10/+13
| | | | instead of repeated lookups
* mod_s2s: Add session.send() only to incoming streams, and fire the ↵Matthew Wild2012-05-041-1/+5
| | | | route/remote event on the host (not global anymore)
* mod_s2s: Become a shared module (yay)Matthew Wild2012-05-041-4/+14
|
* Rename plugins/s2s/ to plugins/mod_s2s/Matthew Wild2012-05-041-0/+486