Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_s2s: Refactor stream error handling on close | Kim Alvefur | 2019-12-01 | 1 | -19/+14 |
| | | | | | | Deduplicates the 3 log calls that log the same thing but subtly differently. The first one would say "Disconnecting localhost" and the last one didn't log the IP. | ||||
* | mod_s2s: Use stanza type check instead of duck typing | Kim Alvefur | 2019-12-01 | 1 | -1/+1 |
| | |||||
* | mod_s2s: Improve TLS handshake error messages | Kim Alvefur | 2019-12-01 | 1 | -0/+4 |
| | | | | | | This should make it clearer that it's about the TLS handshake. Otherwise it's something like "unsupported protocol" or "no shared ciphers" that might not be that obvious. | ||||
* | mod_s2s: Log from session logger | Kim Alvefur | 2019-11-30 | 1 | -1/+1 |
| | | | | Helps locating all messages related to a specific session | ||||
* | mod_s2s: Improve log message about forbidding insecure connections | Kim Alvefur | 2019-11-30 | 1 | -1/+1 |
| | | | | This new wording generator is nice. | ||||
* | mod_net_multiplex: Add support for using ALPN | Kim Alvefur | 2019-11-29 | 1 | -0/+1 |
| | | | | | | | Potentially a bit more efficient since it can jump to the selected protocol on connect instead of waiting for some data to look at. Adds a 'protocol' field to net providers for this purpose. | ||||
* | mod_s2s: Prevent unhandled stanza handler from complaining about stream ↵ | Kim Alvefur | 2019-11-29 | 1 | -2/+2 |
| | | | | | | features on aborted connections I have no idea why I wrote return false in e5945fb5b71f | ||||
* | mod_s2s: Abort outgoing connections earlier when TLS requirement isn't satisfied | Kim Alvefur | 2019-11-28 | 1 | -0/+7 |
| | | | | | This ensures the closure reason is accurate and not reported as an authentication or other problem | ||||
* | mod_s2s: Send stream errors for cert problems on outgoing connections | Kim Alvefur | 2019-11-28 | 1 | -6/+7 |
| | | | | Rationale in comment. | ||||
* | mod_s2s: Improve error in bounces due to cert validation problems | Kim Alvefur | 2019-11-27 | 1 | -3/+24 |
| | |||||
* | mod_s2s: Add error text for error replies on some s2s failures (#770) | Kim Alvefur | 2019-11-23 | 1 | -5/+6 |
| | |||||
* | s2s: Allow passing a custom error for bouncing queued stanzas (#770) | Kim Alvefur | 2019-11-23 | 1 | -3/+3 |
| | | | | Since stream errors and stanza errors are different | ||||
* | mod_s2s: Wait for remote to close any connection allowing incoming stanzas | Kim Alvefur | 2019-11-18 | 1 | -1/+1 |
| | | | | Ie both s2sin and bidi-enabled s2sout. | ||||
* | mod_s2s: Allow passing bounce reason as an util.error object (see #770) | Kim Alvefur | 2019-11-08 | 1 | -2/+9 |
| | | | | This argument is currently unused in s2smanager. | ||||
* | mod_s2s: Only nameprep stream to/from addresses if they are present | Kim Alvefur | 2019-11-02 | 1 | -1/+3 |
| | | | | Prevents traceback from nameprep(nil) | ||||
* | mod_s2s: Close with a stream error in case neither SASL or Dialback are ↵ | Kim Alvefur | 2019-10-06 | 1 | -1/+4 |
| | | | | | | | available This both tells the remote server and users who sent any queued stanzas why it failed. | ||||
* | mod_s2s: Remove warning about hostname mismatch | Kim Alvefur | 2019-09-07 | 1 | -5/+0 |
| | | | | | | It triggers on bidi-related routing where this to/from is flipped. Removing since I don't think we have ever seen this potential bug. | ||||
* | mod_s2s: Insert s2sin into outgoing routing table when bidirectional | Kim Alvefur | 2019-09-07 | 1 | -0/+4 |
| | |||||
* | mod_s2s: Add function to send replies on s2sout connections that support ↵ | Kim Alvefur | 2019-09-07 | 1 | -0/+7 |
| | | | | incoming traffic | ||||
* | mod_s2s: Handle authentication of s2sin and s2sout the same way | Kim Alvefur | 2019-09-07 | 1 | -7/+5 |
| | |||||
* | mod_s2s: Remove obsolete cleanup code | Kim Alvefur | 2019-09-07 | 1 | -7/+0 |
| | | | | These were added by s2sout.lib | ||||
* | Remove COMPAT with temporary luasec fork | Kim Alvefur | 2019-08-25 | 1 | -1/+0 |
| | | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014. | ||||
* | mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connections | Kim Alvefur | 2018-11-10 | 2 | -364/+23 |
| | |||||
* | mod_s2s: Distinguish between high and low level errors in bounces | Kim Alvefur | 2019-08-01 | 1 | -2/+10 |
| | | | | | | | | | | | | `remote-server-not-found` is reported for problems occurring without a reply `<stream>` having been opened, e.g. DNS records were not found or no TCP stream could be established to a functioning XMPP entity. `remote-server-timeout` is reported for problems that occurring after a stream has been opened, such as configuration problems, inability to perform TLS or unsuccessful certificate validation. Related: #770 | ||||
* | plugins: Remove tostring call from logging | Kim Alvefur | 2019-07-30 | 1 | -3/+3 |
| | | | | | | Taken care of by loggingmanager now Mass-rewrite using lua pattern like `tostring%b()` | ||||
* | mod_s2s: Set warning status if not listening on any ports | Matthew Wild | 2019-03-19 | 1 | -1/+1 |
| | |||||
* | mod_tls: Restore querying for certificates on s2s | Kim Alvefur | 2019-03-11 | 1 | -1/+1 |
| | | | | | The 'ssl_config' setting in the mod_s2s network service is not used. Only direct TLS ports use this currently. | ||||
* | core.certmanager: Do not ask for client certificates by default | Kim Alvefur | 2019-03-10 | 1 | -0/+3 |
| | | | | | | Since it's mostly only mod_s2s that needs to request client certificates it makes some sense to have mod_s2s ask for this, instead of having eg mod_http ask to disable it. | ||||
* | mod_c2s, mod_s2s, mod_component: Log invalid XML escaped (fixes #734) | Kim Alvefur | 2019-01-15 | 1 | -2/+1 |
| | | | | See 6ed0d6224d64 | ||||
* | mod_s2s: Indicate origin of s2s error | Kim Alvefur | 2018-10-08 | 1 | -1/+1 |
| | |||||
* | mod_s2s: Fix previous commit | Kim Alvefur | 2018-09-30 | 1 | -1/+1 |
| | |||||
* | mod_s2s: Silence luacheck warnings in s2sout module | Kim Alvefur | 2018-09-30 | 1 | -1/+3 |
| | |||||
* | mod_s2s: Silence all warnings instead of ignoring the entire module | Kim Alvefur | 2018-09-30 | 1 | -6/+13 |
| | |||||
* | sessionmanager, mod_s2s: Bring debug line for outgoing stanzas in line with ↵ | Kim Alvefur | 2018-07-24 | 1 | -1/+1 |
| | | | | that for incoming | ||||
* | mod_s2s: Reduce logging (#776) | Kim Alvefur | 2018-07-22 | 1 | -2/+0 |
| | |||||
* | Merge 0.10->trunk | Kim Alvefur | 2018-06-22 | 1 | -0/+3 |
|\ | |||||
| * | mod_s2s: Close sockets held by resolver (#1170) | Kim Alvefur | 2018-06-17 | 1 | -0/+3 |
| | | |||||
* | | mod_s2s: Use session logger to ease debugging | Kim Alvefur | 2018-06-14 | 1 | -1/+6 |
| | | |||||
* | | mod_s2s: Log a message before trying the next SRV record | Kim Alvefur | 2018-06-14 | 1 | -0/+1 |
| | | | | | | | | This was the only spot where it did `ip_hosts = nil` without logging | ||||
* | | Merge 0.10->trunk | Kim Alvefur | 2018-06-09 | 1 | -1/+1 |
|\| | |||||
| * | mod_s2s: Fix DNS timeout setting for per-session resolvers (fixes #1167) | Kim Alvefur | 2018-06-09 | 1 | -1/+1 |
| | | |||||
* | | mod_s2s: Add setting for overriding DNS resolvers (and avoid reading ↵ | Kim Alvefur | 2018-06-03 | 1 | -0/+6 |
| | | | | | | | | /etc/resolv.conf every time) | ||||
* | | mod_s2s: Add a counter for IPv6. | Emmanuel Gil Peyrot | 2017-09-09 | 1 | -1/+7 |
| | | |||||
* | | mod_s2s: Don't use string concatenation when passing values to logging | Kim Alvefur | 2018-02-25 | 1 | -1/+1 |
| | | |||||
* | | mod_s2s: Remove tostring() in logging since this is handled by util.format now | Kim Alvefur | 2017-12-21 | 2 | -11/+11 |
| | | |||||
* | | mod_s2s: Restructure some code | Kim Alvefur | 2017-12-05 | 1 | -2/+9 |
| | | |||||
* | | mod_s2s: Remove unused argument [luacheck] | Kim Alvefur | 2017-12-05 | 1 | -1/+1 |
| | | |||||
* | | mod_s2s: Remove unused local [luacheck] | Kim Alvefur | 2017-12-05 | 1 | -1/+1 |
| | | |||||
* | | Merge 0.10->trunk | Matthew Wild | 2017-09-26 | 2 | -5/+7 |
|\| | |||||
| * | mod_s2s: Use a separate resolver object for each outgoing session | Matthew Wild | 2017-09-25 | 2 | -5/+7 |
| | | | | | | | | | | | | | | | | Cleaner approach hopefully fixes problems with some peoples' DNS hanging after a while, failed DNS when a large number of queries are made at once, and source port re-use. Related issues: #487, 761, #991, #992, #1001 |