Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, ↵ | Matthew Wild | 2013-05-18 | 1 | -2/+2 | |
| | | | | in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains. | |||||
* | util.rfc{3484,6724}: Update to RFC 6724 | Florian Zeitz | 2013-04-30 | 1 | -3/+3 | |
| | ||||||
* | mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 | Matthew Wild | 2013-04-29 | 1 | -6/+7 | |
| | ||||||
* | mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually ↵ | Matthew Wild | 2013-04-26 | 1 | -1/+2 | |
| | | | | configurable through s2s_tcp_keepalives (thanks yeled) | |||||
* | mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit ↵ | Matthew Wild | 2013-04-22 | 1 | -1/+1 | |
| | | | | traceback function), to make it clearer where an error occured | |||||
* | mod_s2s: Add missing space | Kim Alvefur | 2013-04-15 | 1 | -1/+1 | |
| | ||||||
* | mod_s2s: Adjust priority of route/remote hooks to negative values (like most ↵ | Kim Alvefur | 2013-04-08 | 1 | -2/+2 | |
| | | | | other internal hooks) | |||||
* | mod_s2s: Add COMPAT cahin verification code for older LuaSec versions | Kim Alvefur | 2013-04-04 | 1 | -2/+11 | |
| | ||||||
* | mod_s2s: Close incoming s2s with stream error when secure and we don't trust ↵ | Matthew Wild | 2013-04-01 | 1 | -1/+5 | |
| | | | | their certificate | |||||
* | mod_s2s: Prevent s2s to and from hosts we serve locally | Kim Alvefur | 2013-03-27 | 1 | -0/+12 | |
| | ||||||
* | mod_s2s: Prevent traceback when replying to incoming connection to a host we ↵ | Kim Alvefur | 2013-03-26 | 1 | -1/+1 | |
| | | | | don't serve | |||||
* | mod_s2s: Reset secure flag on new connection attempt | Kim Alvefur | 2013-03-25 | 1 | -0/+4 | |
| | ||||||
* | mod_s2s: session.from_host does not allways exist on incoming connections, ↵ | Kim Alvefur | 2013-03-25 | 1 | -1/+1 | |
| | | | | true and nil or "our hostname" does not evaluate to what we want here | |||||
* | mod_s2s: Keep the dns answer object around a while so plugins can look at it | Kim Alvefur | 2013-03-23 | 1 | -1/+1 | |
| | ||||||
* | mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) | Matthew Wild | 2013-03-22 | 1 | -6/+7 | |
| | ||||||
* | mod_s2s: Remove unused variable | Matthew Wild | 2013-03-22 | 1 | -1/+0 | |
| | ||||||
* | mod_s2s: Add controls for certificate validation via the s2s_secure_auth ↵ | Matthew Wild | 2013-03-22 | 1 | -3/+32 | |
| | | | | option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) | |||||
* | s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move ↵ | Matthew Wild | 2013-03-22 | 1 | -2/+74 | |
| | | | | s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event | |||||
* | mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for ↵ | Kim Alvefur | 2013-03-16 | 2 | -13/+26 | |
| | | | | opening streams | |||||
* | mod_s2s: Do not include xmlns:db declaration in stream header if ↵ | Matthew Wild | 2013-03-12 | 1 | -1/+2 | |
| | | | | mod_dialback is not loaded | |||||
* | mod_s2s: Make sure host variable is reachable | Kim Alvefur | 2013-03-11 | 1 | -2/+1 | |
| | ||||||
* | mod_s2s: Fire s2s-check-certificate event after validating a certificate, to ↵ | Matthew Wild | 2013-03-10 | 1 | -0/+1 | |
| | | | | allow plugins to override standard procedure | |||||
* | mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to ↵ | Matthew Wild | 2013-03-10 | 1 | -1/+1 | |
| | | | | s2sout-authenticate-legacy for clarity. Also, hello! | |||||
* | mod_s2s: Don't try to close sessions that were destroyed before timeout | Kim Alvefur | 2013-01-24 | 1 | -0/+2 | |
| | ||||||
* | prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to ↵ | Kim Alvefur | 2012-12-28 | 1 | -0/+9 | |
| | | | | respective plugins | |||||
* | mod_s2s: Remove connection from sessions table as soon as we learn it is ↵ | Matthew Wild | 2012-12-28 | 1 | -1/+1 | |
| | | | | disconnected. Fixes a connection/session leak. | |||||
* | mod_s2s: Detect TLS compression | Kim Alvefur | 2012-10-24 | 1 | -0/+8 | |
| | ||||||
* | mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use ↵ | Waqas Hussain | 2012-09-12 | 1 | -1/+1 | |
| | | | | module:provides() instead of module:add_item(). | |||||
* | mod_s2s: Check that an SRV reply isn't empty. | Kim Alvefur | 2012-09-03 | 1 | -1/+1 | |
| | ||||||
* | mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, ↵ | Kim Alvefur | 2012-07-26 | 1 | -1/+1 | |
| | | | | mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table. | |||||
* | mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most ↵ | Matthew Wild | 2012-07-23 | 1 | -1/+1 | |
| | | | | cases) - this allows us to continue to try other targets | |||||
* | mod_c2s, mod_s2s: Lower 'Disconnecting X' log messages from 'info' to 'debug' | Matthew Wild | 2012-07-23 | 1 | -3/+3 | |
| | ||||||
* | Hopefully inert commit to clean up logging across a number of modules, ↵ | Matthew Wild | 2012-07-23 | 1 | -1/+1 | |
| | | | | removing all cases of concatenation when building log messages | |||||
* | mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for ↵ | Matthew Wild | 2012-07-23 | 1 | -6/+6 | |
| | | | | </stream:stream> if it has already been sent by the peer | |||||
* | mod_s2s/s2sout.lib: Use %s to insert strings into log messages instead of ↵ | Matthew Wild | 2012-07-23 | 1 | -3/+3 | |
| | | | | concatenation | |||||
* | mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times ↵ | Matthew Wild | 2012-07-22 | 1 | -19/+29 | |
| | | | | (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. | |||||
* | mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false | Matthew Wild | 2012-07-22 | 1 | -3/+4 | |
| | ||||||
* | mod_s2s: Make unauthed session timeout a little more aggressive... otherwise ↵ | Matthew Wild | 2012-07-22 | 1 | -4/+2 | |
| | | | | it's possible for sessions to slip under the net and never get killed off | |||||
* | mod_s2s/s2sout.lib: Fix indentation | Matthew Wild | 2012-07-22 | 1 | -60/+60 | |
| | ||||||
* | mod_s2s/s2sout.lib: Don't wait for both v4 and v6 DNS responses if we only ↵ | Matthew Wild | 2012-07-22 | 1 | -8/+7 | |
| | | | | send one (e.g. because v6 is disabled) | |||||
* | mod_s2s: Remove check for socket.tcp6() | Kim Alvefur | 2012-05-29 | 1 | -4/+0 | |
| | ||||||
* | mod_s2s: Only do AAAA lookup if IPv6 is available, and A if IPv4 is available. | Kim Alvefur | 2012-05-29 | 1 | -1/+17 | |
| | ||||||
* | mod_s2s, s2sout.lib: Send stream header in onconnect() | Matthew Wild | 2012-05-24 | 2 | -4/+5 | |
| | ||||||
* | mod_s2s: Only try next target if the stream didn't open | Matthew Wild | 2012-05-13 | 1 | -1/+1 | |
| | ||||||
* | mod_s2s: Remove TODO comment for SASL/TLS on s2s (thanks Florob) | Matthew Wild | 2012-05-11 | 1 | -1/+0 | |
| | ||||||
* | mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, ↵ | Matthew Wild | 2012-05-11 | 1 | -2/+3 | |
| | | | | deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users | |||||
* | Merge with Zash | Matthew Wild | 2012-05-10 | 1 | -0/+2 | |
|\ | ||||||
| * | s2smanager, mod_s2s: Move checking DNS timeout option to mod_s2s | Kim Alvefur | 2012-05-10 | 1 | -0/+2 | |
| | | ||||||
* | | mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin ↵ | Matthew Wild | 2012-05-10 | 1 | -5/+0 | |
|/ | | | | to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291. | |||||
* | mod_s2s: Cache to_host and from_host in local variables, and use these ↵ | Matthew Wild | 2012-05-04 | 1 | -10/+13 | |
| | | | | instead of repeated lookups |