aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_s2s
Commit message (Collapse)AuthorAgeFilesLines
* mod_c2s,mod_s2s: Make stanza size limits configurableKim Alvefur2020-05-311-1/+2
|
* mod_c2s,mod_s2s: Use a distinct stream error for hitting stanza size limitKim Alvefur2020-05-311-1/+5
| | | | Since this is not a real parse error, it should not be reported as such.
* mod_s2s: Run stream close in async contextKim Alvefur2020-05-081-1/+8
| | | | | Allows async processing during stream shutdown. Fixes potential ASYNC-01 issues, however no such issues known at the time of this commit.
* mod_s2s: Improve signaling of stream open eventsKim Alvefur2020-05-081-4/+4
| | | | Makes it clearer, cleaner and easier to extend.
* mod_s2s: Fix typo in comment [codespell]Kim Alvefur2020-02-131-1/+1
|
* mod_s2s: Comment on the various 'reason' arguments passed to :closeKim Alvefur2020-01-261-0/+3
|
* mod_s2s: Pass use_ipv4/use_ipv6 from config to service resolverMatthew Wild2020-01-251-1/+7
|
* Backed out changeset 74d66b1be989 (not optimal API)Matthew Wild2020-01-251-6/+1
|
* mod_s2s: Pass use_ipv4/ipv6 from config to connector configMatthew Wild2020-01-241-1/+6
|
* mod_s2s: Remove obsolete pre-connect bufferKim Alvefur2019-12-171-14/+0
| | | | | | Originally added in c500d4cb7855 Dead code since the net.connect switch in 756b8821007a
* mod_s2s: Fix name conflict introduced in c7864f970969Kim Alvefur2019-12-101-7/+7
|
* mod_s2s: Invert condition to return early and reduce indentationKim Alvefur2019-12-041-26/+26
|
* mod_s2s: Fix mistake in 28755107c2f4Kim Alvefur2019-12-031-0/+1
|
* mod_s2s: Refactor stream error handling on closeKim Alvefur2019-12-011-19/+14
| | | | | | Deduplicates the 3 log calls that log the same thing but subtly differently. The first one would say "Disconnecting localhost" and the last one didn't log the IP.
* mod_s2s: Use stanza type check instead of duck typingKim Alvefur2019-12-011-1/+1
|
* mod_s2s: Improve TLS handshake error messagesKim Alvefur2019-12-011-0/+4
| | | | | | This should make it clearer that it's about the TLS handshake. Otherwise it's something like "unsupported protocol" or "no shared ciphers" that might not be that obvious.
* mod_s2s: Log from session loggerKim Alvefur2019-11-301-1/+1
| | | | Helps locating all messages related to a specific session
* mod_s2s: Improve log message about forbidding insecure connectionsKim Alvefur2019-11-301-1/+1
| | | | This new wording generator is nice.
* mod_net_multiplex: Add support for using ALPNKim Alvefur2019-11-291-0/+1
| | | | | | | Potentially a bit more efficient since it can jump to the selected protocol on connect instead of waiting for some data to look at. Adds a 'protocol' field to net providers for this purpose.
* mod_s2s: Prevent unhandled stanza handler from complaining about stream ↵Kim Alvefur2019-11-291-2/+2
| | | | | | features on aborted connections I have no idea why I wrote return false in e5945fb5b71f
* mod_s2s: Abort outgoing connections earlier when TLS requirement isn't satisfiedKim Alvefur2019-11-281-0/+7
| | | | | This ensures the closure reason is accurate and not reported as an authentication or other problem
* mod_s2s: Send stream errors for cert problems on outgoing connectionsKim Alvefur2019-11-281-6/+7
| | | | Rationale in comment.
* mod_s2s: Improve error in bounces due to cert validation problemsKim Alvefur2019-11-271-3/+24
|
* mod_s2s: Add error text for error replies on some s2s failures (#770)Kim Alvefur2019-11-231-5/+6
|
* s2s: Allow passing a custom error for bouncing queued stanzas (#770)Kim Alvefur2019-11-231-3/+3
| | | | Since stream errors and stanza errors are different
* mod_s2s: Wait for remote to close any connection allowing incoming stanzasKim Alvefur2019-11-181-1/+1
| | | | Ie both s2sin and bidi-enabled s2sout.
* mod_s2s: Allow passing bounce reason as an util.error object (see #770)Kim Alvefur2019-11-081-2/+9
| | | | This argument is currently unused in s2smanager.
* mod_s2s: Only nameprep stream to/from addresses if they are presentKim Alvefur2019-11-021-1/+3
| | | | Prevents traceback from nameprep(nil)
* mod_s2s: Close with a stream error in case neither SASL or Dialback are ↵Kim Alvefur2019-10-061-1/+4
| | | | | | | available This both tells the remote server and users who sent any queued stanzas why it failed.
* mod_s2s: Remove warning about hostname mismatchKim Alvefur2019-09-071-5/+0
| | | | | | It triggers on bidi-related routing where this to/from is flipped. Removing since I don't think we have ever seen this potential bug.
* mod_s2s: Insert s2sin into outgoing routing table when bidirectionalKim Alvefur2019-09-071-0/+4
|
* mod_s2s: Add function to send replies on s2sout connections that support ↵Kim Alvefur2019-09-071-0/+7
| | | | incoming traffic
* mod_s2s: Handle authentication of s2sin and s2sout the same wayKim Alvefur2019-09-071-7/+5
|
* mod_s2s: Remove obsolete cleanup codeKim Alvefur2019-09-071-7/+0
| | | | These were added by s2sout.lib
* Remove COMPAT with temporary luasec forkKim Alvefur2019-08-251-1/+0
| | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014.
* mod_s2s: Use net.connect instead of s2sout.lib for outgoing s2s connectionsKim Alvefur2018-11-102-364/+23
|
* mod_s2s: Distinguish between high and low level errors in bouncesKim Alvefur2019-08-011-2/+10
| | | | | | | | | | | | `remote-server-not-found` is reported for problems occurring without a reply `<stream>` having been opened, e.g.?DNS records were not found or no TCP stream could be established to a functioning XMPP entity. `remote-server-timeout` is reported for problems that occurring after a stream has been opened, such as configuration problems, inability to perform TLS or unsuccessful certificate validation. Related: #770
* plugins: Remove tostring call from loggingKim Alvefur2019-07-301-3/+3
| | | | | | Taken care of by loggingmanager now Mass-rewrite using lua pattern like `tostring%b()`
* mod_s2s: Set warning status if not listening on any portsMatthew Wild2019-03-191-1/+1
|
* mod_tls: Restore querying for certificates on s2sKim Alvefur2019-03-111-1/+1
| | | | | The 'ssl_config' setting in the mod_s2s network service is not used. Only direct TLS ports use this currently.
* core.certmanager: Do not ask for client certificates by defaultKim Alvefur2019-03-101-0/+3
| | | | | | Since it's mostly only mod_s2s that needs to request client certificates it makes some sense to have mod_s2s ask for this, instead of having eg mod_http ask to disable it.
* mod_c2s, mod_s2s, mod_component: Log invalid XML escaped (fixes #734)Kim Alvefur2019-01-151-2/+1
| | | | See 6ed0d6224d64
* mod_s2s: Indicate origin of s2s errorKim Alvefur2018-10-081-1/+1
|
* mod_s2s: Fix previous commitKim Alvefur2018-09-301-1/+1
|
* mod_s2s: Silence luacheck warnings in s2sout moduleKim Alvefur2018-09-301-1/+3
|
* mod_s2s: Silence all warnings instead of ignoring the entire moduleKim Alvefur2018-09-301-6/+13
|
* sessionmanager, mod_s2s: Bring debug line for outgoing stanzas in line with ↵Kim Alvefur2018-07-241-1/+1
| | | | that for incoming
* mod_s2s: Reduce logging (#776)Kim Alvefur2018-07-221-2/+0
|
* Merge 0.10->trunkKim Alvefur2018-06-221-0/+3
|\
| * mod_s2s: Close sockets held by resolver (#1170)Kim Alvefur2018-06-171-0/+3
| |