Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | mod_s2s: Close s2s connections that can not proceed due to mod_dialback not ↵ | Kim Alvefur | 2014-09-23 | 1 | -0/+4 | |
| | | | | | | | | being present | |||||
* | | core.stanza_router, mod_s2s: Move handling of S2S features to mod_s2s from ↵ | Kim Alvefur | 2014-09-09 | 1 | -0/+1 | |
| | | | | | | | | stanza_router | |||||
* | | Merge 0.9->0.10 | Kim Alvefur | 2014-09-02 | 1 | -2/+9 | |
|\| | ||||||
| * | net.http, net.http.server, mod_c2s, mod_s2s, mod_component, ↵ | Matthew Wild | 2014-08-29 | 1 | -0/+4 | |
| | | | | | | | | mod_admin_telnet, mod_net_multiplex: Add ondetach to release connection from 'sessions' table (or equivalent) | |||||
| * | mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream ↵ | Kim Alvefur | 2014-09-02 | 1 | -2/+5 | |
| | | | | | | | | error instead of throwing an unhandled error | |||||
* | | Merge 0.9->0.10 | Matthew Wild | 2014-08-28 | 1 | -1/+4 | |
|\| | ||||||
| * | mod_c2s, mod_s2s: Log received invalid stream headers | Matthew Wild | 2014-08-23 | 1 | -0/+1 | |
| | | ||||||
| * | mod_s2s: Reset stream ID when resetting stream [compliance] | Kim Alvefur | 2014-08-27 | 1 | -0/+1 | |
| | | ||||||
| * | mod_s2s: Mark stream as opened earlier for outgoing connections, fixes ↵ | Kim Alvefur | 2014-08-26 | 1 | -1/+2 | |
| | | | | | | | | double stream headers on policy failures | |||||
* | | mod_s2s: Remove unused locals | Kim Alvefur | 2014-07-25 | 1 | -2/+0 | |
| | | ||||||
* | | mod_s2s_auth_certs: Split PKIX based certificate checking from mod_s2s into ↵ | Kim Alvefur | 2014-07-25 | 1 | -33/+0 | |
| | | | | | | | | new plugin | |||||
* | | mod_dialback: Short-circuit dialback auth if certificate is considered valid | Kim Alvefur | 2014-07-04 | 1 | -1/+1 | |
| | | ||||||
* | | mod_s2s: Fire a 's2s-created' event when new s2s connections are initialized | Kim Alvefur | 2014-05-24 | 1 | -0/+2 | |
| | | ||||||
* | | mod_s2s: Remove redundant setting of session.direction | Kim Alvefur | 2014-05-22 | 1 | -1/+0 | |
| | | ||||||
* | | mod_s2s: Move filter initialization to common place | Kim Alvefur | 2014-05-22 | 1 | -17/+17 | |
| | | ||||||
* | | mod_s2s: Decide on log function once | Kim Alvefur | 2014-05-22 | 1 | -2/+3 | |
| | | ||||||
* | | mod_s2s: Follow XMPP Core on when a stream is to be considered ready | Kim Alvefur | 2014-04-22 | 1 | -1/+11 | |
| | | ||||||
* | | mod_s2s: Replace open_stream() with function that only adds s2s/dialback ↵ | Kim Alvefur | 2014-04-18 | 1 | -14/+2 | |
| | | | | | | | | attributes to stream header | |||||
* | | mod_s2s: Revert e626ee2fe106 change, it broke Dialback | Kim Alvefur | 2014-04-10 | 1 | -0/+20 | |
| | | ||||||
* | | mod_c2s, mod_s2s, mod_component, util.xmppstream: Move all ↵ | Kim Alvefur | 2014-04-10 | 1 | -20/+0 | |
| | | | | | | | | session:open_stream() functions to util.xmppstream | |||||
* | | Merge 0.9->0.10 | Matthew Wild | 2014-01-12 | 1 | -4/+4 | |
|\| | ||||||
| * | mod_s2s: Include IP in log messages, if host is unavailable | Florian Zeitz | 2014-01-05 | 1 | -4/+4 | |
| | | ||||||
* | | mod_c2s, mod_s2s: Set session.encrypted as session.secure does not allways ↵ | Kim Alvefur | 2013-10-07 | 1 | -0/+1 | |
| | | | | | | | | mean encrypted (eg consider_bosh_secure) | |||||
* | | mod_c2s, mod_s2s: Log cipher and encryption info in a more compact and ↵ | Kim Alvefur | 2013-08-14 | 1 | -2/+1 | |
| | | | | | | | | (hopefully) less confusing way | |||||
* | | mod_s2s: Captitalize log messages that begin with a stream direction | Kim Alvefur | 2013-08-14 | 1 | -2/+2 | |
| | | ||||||
* | | Remove all trailing whitespace | Florian Zeitz | 2013-08-09 | 1 | -24/+24 | |
| | | ||||||
* | | Merge 0.9->trunk | Kim Alvefur | 2013-08-06 | 1 | -2/+3 | |
|\| | ||||||
| * | mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation details | Kim Alvefur | 2013-08-06 | 1 | -1/+1 | |
| | | ||||||
| * | mod_s2s: Improve policy check | Kim Alvefur | 2013-08-05 | 1 | -1/+1 | |
| | | ||||||
| * | mod_s2s: Log certificate identity validation result | Kim Alvefur | 2013-08-04 | 1 | -0/+1 | |
| | | ||||||
* | | mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with ↵ | Kim Alvefur | 2013-08-02 | 1 | -4/+7 | |
| | | | | | | | | some details | |||||
* | | mod_s2s: Add missing global hook for read-timeout | Kim Alvefur | 2013-06-26 | 1 | -0/+2 | |
| | | ||||||
* | | mod_c2s, mod_s2s: Fire an event on read timeouts | Kim Alvefur | 2013-06-11 | 1 | -1/+6 | |
| | | ||||||
* | | mod_s2s: Set s2s_session.ip | Kim Alvefur | 2013-06-09 | 1 | -0/+1 | |
| | | ||||||
* | | mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into ↵ | Kim Alvefur | 2013-05-30 | 1 | -0/+7 | |
| | | | | | | | | detecting if the connection died | |||||
* | | mod_s2s: Remove unnecessary debug message | Matthew Wild | 2013-05-28 | 1 | -1/+0 | |
|/ | ||||||
* | mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, ↵ | Matthew Wild | 2013-05-18 | 1 | -2/+2 | |
| | | | | in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains. | |||||
* | mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 | Matthew Wild | 2013-04-29 | 1 | -6/+7 | |
| | ||||||
* | mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually ↵ | Matthew Wild | 2013-04-26 | 1 | -1/+2 | |
| | | | | configurable through s2s_tcp_keepalives (thanks yeled) | |||||
* | mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit ↵ | Matthew Wild | 2013-04-22 | 1 | -1/+1 | |
| | | | | traceback function), to make it clearer where an error occured | |||||
* | mod_s2s: Add missing space | Kim Alvefur | 2013-04-15 | 1 | -1/+1 | |
| | ||||||
* | mod_s2s: Adjust priority of route/remote hooks to negative values (like most ↵ | Kim Alvefur | 2013-04-08 | 1 | -2/+2 | |
| | | | | other internal hooks) | |||||
* | mod_s2s: Add COMPAT cahin verification code for older LuaSec versions | Kim Alvefur | 2013-04-04 | 1 | -2/+11 | |
| | ||||||
* | mod_s2s: Close incoming s2s with stream error when secure and we don't trust ↵ | Matthew Wild | 2013-04-01 | 1 | -1/+5 | |
| | | | | their certificate | |||||
* | mod_s2s: Prevent s2s to and from hosts we serve locally | Kim Alvefur | 2013-03-27 | 1 | -0/+12 | |
| | ||||||
* | mod_s2s: Prevent traceback when replying to incoming connection to a host we ↵ | Kim Alvefur | 2013-03-26 | 1 | -1/+1 | |
| | | | | don't serve | |||||
* | mod_s2s: session.from_host does not allways exist on incoming connections, ↵ | Kim Alvefur | 2013-03-25 | 1 | -1/+1 | |
| | | | | true and nil or "our hostname" does not evaluate to what we want here | |||||
* | mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) | Matthew Wild | 2013-03-22 | 1 | -6/+7 | |
| | ||||||
* | mod_s2s: Remove unused variable | Matthew Wild | 2013-03-22 | 1 | -1/+0 | |
| | ||||||
* | mod_s2s: Add controls for certificate validation via the s2s_secure_auth ↵ | Matthew Wild | 2013-03-22 | 1 | -3/+32 | |
| | | | | option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) |