aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_s2s/mod_s2s.lua
Commit message (Collapse)AuthorAgeFilesLines
* Merge 0.9->0.10Matthew Wild2014-08-281-1/+4
|\
| * mod_c2s, mod_s2s: Log received invalid stream headersMatthew Wild2014-08-231-0/+1
| |
| * mod_s2s: Reset stream ID when resetting stream [compliance]Kim Alvefur2014-08-271-0/+1
| |
| * mod_s2s: Mark stream as opened earlier for outgoing connections, fixes ↵Kim Alvefur2014-08-261-1/+2
| | | | | | | | double stream headers on policy failures
* | mod_s2s: Remove unused localsKim Alvefur2014-07-251-2/+0
| |
* | mod_s2s_auth_certs: Split PKIX based certificate checking from mod_s2s into ↵Kim Alvefur2014-07-251-33/+0
| | | | | | | | new plugin
* | mod_dialback: Short-circuit dialback auth if certificate is considered validKim Alvefur2014-07-041-1/+1
| |
* | mod_s2s: Fire a 's2s-created' event when new s2s connections are initializedKim Alvefur2014-05-241-0/+2
| |
* | mod_s2s: Remove redundant setting of session.directionKim Alvefur2014-05-221-1/+0
| |
* | mod_s2s: Move filter initialization to common placeKim Alvefur2014-05-221-17/+17
| |
* | mod_s2s: Decide on log function onceKim Alvefur2014-05-221-2/+3
| |
* | mod_s2s: Follow XMPP Core on when a stream is to be considered readyKim Alvefur2014-04-221-1/+11
| |
* | mod_s2s: Replace open_stream() with function that only adds s2s/dialback ↵Kim Alvefur2014-04-181-14/+2
| | | | | | | | attributes to stream header
* | mod_s2s: Revert e626ee2fe106 change, it broke DialbackKim Alvefur2014-04-101-0/+20
| |
* | mod_c2s, mod_s2s, mod_component, util.xmppstream: Move all ↵Kim Alvefur2014-04-101-20/+0
| | | | | | | | session:open_stream() functions to util.xmppstream
* | Merge 0.9->0.10Matthew Wild2014-01-121-4/+4
|\|
| * mod_s2s: Include IP in log messages, if host is unavailableFlorian Zeitz2014-01-051-4/+4
| |
* | mod_c2s, mod_s2s: Set session.encrypted as session.secure does not allways ↵Kim Alvefur2013-10-071-0/+1
| | | | | | | | mean encrypted (eg consider_bosh_secure)
* | mod_c2s, mod_s2s: Log cipher and encryption info in a more compact and ↵Kim Alvefur2013-08-141-2/+1
| | | | | | | | (hopefully) less confusing way
* | mod_s2s: Captitalize log messages that begin with a stream directionKim Alvefur2013-08-141-2/+2
| |
* | Remove all trailing whitespaceFlorian Zeitz2013-08-091-24/+24
| |
* | Merge 0.9->trunkKim Alvefur2013-08-061-2/+3
|\|
| * mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation detailsKim Alvefur2013-08-061-1/+1
| |
| * mod_s2s: Improve policy checkKim Alvefur2013-08-051-1/+1
| |
| * mod_s2s: Log certificate identity validation resultKim Alvefur2013-08-041-0/+1
| |
* | mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with ↵Kim Alvefur2013-08-021-4/+7
| | | | | | | | some details
* | mod_s2s: Add missing global hook for read-timeoutKim Alvefur2013-06-261-0/+2
| |
* | mod_c2s, mod_s2s: Fire an event on read timeoutsKim Alvefur2013-06-111-1/+6
| |
* | mod_s2s: Set s2s_session.ipKim Alvefur2013-06-091-0/+1
| |
* | mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into ↵Kim Alvefur2013-05-301-0/+7
| | | | | | | | detecting if the connection died
* | mod_s2s: Remove unnecessary debug messageMatthew Wild2013-05-281-1/+0
|/
* mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, ↵Matthew Wild2013-05-181-2/+2
| | | | in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains.
* mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338Matthew Wild2013-04-291-6/+7
|
* mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually ↵Matthew Wild2013-04-261-1/+2
| | | | configurable through s2s_tcp_keepalives (thanks yeled)
* mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit ↵Matthew Wild2013-04-221-1/+1
| | | | traceback function), to make it clearer where an error occured
* mod_s2s: Add missing spaceKim Alvefur2013-04-151-1/+1
|
* mod_s2s: Adjust priority of route/remote hooks to negative values (like most ↵Kim Alvefur2013-04-081-2/+2
| | | | other internal hooks)
* mod_s2s: Add COMPAT cahin verification code for older LuaSec versionsKim Alvefur2013-04-041-2/+11
|
* mod_s2s: Close incoming s2s with stream error when secure and we don't trust ↵Matthew Wild2013-04-011-1/+5
| | | | their certificate
* mod_s2s: Prevent s2s to and from hosts we serve locallyKim Alvefur2013-03-271-0/+12
|
* mod_s2s: Prevent traceback when replying to incoming connection to a host we ↵Kim Alvefur2013-03-261-1/+1
| | | | don't serve
* mod_s2s: session.from_host does not allways exist on incoming connections, ↵Kim Alvefur2013-03-251-1/+1
| | | | true and nil or "our hostname" does not evaluate to what we want here
* mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)Matthew Wild2013-03-221-6/+7
|
* mod_s2s: Remove unused variableMatthew Wild2013-03-221-1/+0
|
* mod_s2s: Add controls for certificate validation via the s2s_secure_auth ↵Matthew Wild2013-03-221-3/+32
| | | | option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
* s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move ↵Matthew Wild2013-03-221-2/+74
| | | | s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
* mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for ↵Kim Alvefur2013-03-161-6/+25
| | | | opening streams
* mod_s2s: Do not include xmlns:db declaration in stream header if ↵Matthew Wild2013-03-121-1/+2
| | | | mod_dialback is not loaded
* mod_s2s: Make sure host variable is reachableKim Alvefur2013-03-111-2/+1
|
* mod_s2s: Fire s2s-check-certificate event after validating a certificate, to ↵Matthew Wild2013-03-101-0/+1
| | | | allow plugins to override standard procedure