aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
* mod_pep: Prevent creation of services for non-existent usersKim Alvefur2021-11-041-0/+15
| | | | | Using a dedicated service should give identical behavior, except for a possible timing difference in the user existence lookup.
* mod_pep: Limit possible growth of node subscription infoKim Alvefur2021-11-041-2/+5
|
* mod_pep: Limit possible growth of number of pubsub servicesKim Alvefur2021-11-041-2/+16
|
* mod_pep: Don't pass pubsub services across reloadsKim Alvefur2021-11-041-6/+0
| | | | Ensures configuration is refreshed, releases some memory.
* mod_c2s: Indicate stream secure state in error text when no stream features ↵Matthew Wild2021-07-061-1/+4
| | | | to offer
* MUC: Fix logic for access to affiliation lists0.11.10Kim Alvefur2021-07-221-1/+1
| | | | | | Fixes https://prosody.im/security/advisory_20210722/ Backs out 4d7b925652d9
* mod_pep: Remove obsolete node restoration code (now done by util.pubsub)Kim Alvefur2021-05-161-12/+0
| | | | | | | | | | | | Originally added in 202b9951b037 but util.pubsub gained a better method in 6c2c2fc4b8dd since then, which mod_pep uses since 9194431b6447 which should have deleted this. All these :create calls would have failed with a 'conflict' error, since the nodes had already been created. This was never noticed because of missing error handling. Also note that this code did not restore node configuration.
* mod_dialback: Remove d-w-d feature0.11.9Kim Alvefur2021-05-122-23/+1
| | | | | | | Backs out 1d0862814bfc and 2fdd71b08126 Largely unused, undocumented and did not have enough tests to provide confidence in its correct operation.
* mod_dialback: Use correct host for certificate check (fixes #1381)Kim Alvefur2019-06-231-2/+1
|
* mod_dialback: Use constant-time comparison with hmacMatthew Wild2021-05-121-1/+2
|
* mod_proxy65: Restrict access to local c2s connections by defaultMatthew Wild2021-05-121-4/+12
| | | | | Previously no 'proxy65_acl' option would allow unrestricted access by local or remote JIDs.
* mod_limits: Use default limits if none configuredMatthew Wild2021-05-111-1/+10
|
* mod_limits: Don't emit error when no burst period is configuredMatthew Wild2021-05-111-1/+1
|
* MUC: Add support for advertising muc#roomconfig_allowinvites in room disco#infoMatthew Wild2021-05-101-2/+10
| | | | | | | | | | | | The de-facto interpretation of this (undocumented) option is to indicate to the client whether it is allowed to invite other users to the MUC. This is differs from the existing option in our config form, which only controls the behaviour of sending of invites in a members-only MUC (we always allow invites in open rooms). Conversations is one client known to use this disco#info item to determine whether it may send invites.
* mod_auth_internal_{plain,hashed}: Use constant-time string comparison for ↵Matthew Wild2021-05-102-3/+5
| | | | secrets
* mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default ↵Matthew Wild2021-05-075-5/+7
| | | | | | | | | | | | stanza size limits c2s/bosh/ws streams will default to 256KB, s2s and components to 512KB. These values are aligned with ejabberd's default settings, which should reduce issues related to inconsistent size limits between servers on the XMPP network. The previous default (10MB) is excessive for any production server, and allows significant memory usage by even unauthenticated sessions.
* mod_saslauth: Use a defined SASL errorKim Alvefur2021-03-181-1/+1
|
* mod_saslauth: Improve code styleKim Alvefur2021-03-181-1/+3
| | | | | | This many returns deserve their own line. `session["sasl_handler"]` style isn't used anywhere else.
* mod_c2s: Log about missing conn on async state changesKim Alvefur2021-03-181-0/+4
|
* mod_c2s: Improve code styleKim Alvefur2021-03-181-2/+6
| | | | | We don't use the quoted table indexing style that often, it's not needed here and it's enough to check for falsyness rather than `nil`.
* mod_c2s: Fix traceback in session close when conn is nilKim Alvefur2021-03-171-2/+2
| | | | Unclear how this happens.
* mod_saslauth: Don't throw errors in async code when connections are gonetmolitor2021-03-181-0/+1
| | | | Fixes #1515
* mod_c2s: Don't throw errors in async code when connections are gonetmolitor2021-03-181-2/+2
| | | | Fixes #1507
* mod_http: Restore ip field for requests without proxiesKim Alvefur2021-02-271-2/+2
| | | | | 8603011e51fe optimized out more than just the loop, leaving the .ip field blank when the request wasn't from a proxy.
* mod_http: Fix trusted proxies check (thanks buildbot)Kim Alvefur2021-02-181-1/+1
| | | | | is_trusted_proxy() is only in trunk, I dun goofed when I rebased 8603011e51fe from trunk.
* mod_http: Skip IP resolution in non-proxied caseKim Alvefur2021-02-181-1/+1
| | | | | Skips doing the whole get_ip_from_request() dance if the request isn't from a proxy at all, even if the client sent the header for some reason.
* mod_pep: Advertise base pubsub feature (fixes #1632)0.11.8Kim Alvefur2021-02-151-0/+1
| | | | | Noticed while discussing feature discovery in Gajim Thanks lovetox
* mod_s2s: Fix copypaste mistake in b3ae48362f78Kim Alvefur2020-12-161-1/+1
| | | | | Directly sending something over s2s needs to use sends2s() but the code copied from mod_c2s had .send()
* MUC: Fix logic bug causing unnecessary presence to be sent, fixes #1615 ↵Matthew Wild2020-12-151-2/+2
| | | | (thanks damencho)
* mod_s2s: Prevent whitespace keepalives the stream has been openedKim Alvefur2020-12-101-1/+4
| | | | | | | | | This will result in the stream timing out instead, which is probably correct if the stream has not been opened yet. This was already done for c2s in e69df8093387 Thanks Ge0rG
* mod_saslauth: Only advertise channel binding if a finished message is availableKim Alvefur2020-11-231-1/+1
| | | | In some cases this method returns nothing, unclear why.
* mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 (closes #1542)Kim Alvefur2020-11-231-1/+4
| | | | | | | | The 'tls-unique' channel binding is undefined in TLS 1.3 according to a single sentence in parenthesis in Apendix C of RFC 8446 This may trigger downgrade protection in clients that were expecting channel binding to be available.
* mod_pubsub: Fix notification stanza type setting (fixes #1605)Kim Alvefur2020-11-061-1/+1
|
* mod_pubsub: Lower priority of default <body> generatorKim Alvefur2020-11-051-1/+1
| | | | | | | in order to avoid conflict with a handler at the default (0) priority, making it easier to write your own formatting in plugins. this follows the common pattern of default modules having lower priority
* MUC: Preserve disco 'node' attribute (or lack thereof) in response (fix ↵Kim Alvefur2020-10-071-2/+2
| | | | #1595) (thanks lessthan3)
* MUC: Correct advertising of subject write access (really fixes #1155)Kim Alvefur2020-10-041-2/+2
| | | | | | | | | | Thanks pep. and lovetox XEP-0045 §6.4: > any field defined for the muc\#roomconfig FORM_TYPE can be included in > the extended service discovery fields Probably happened because the same mistake is in #1155
* mod_bosh: Ensure that stream is directed to a VirtualHost (fixes #425)Kim Alvefur2020-10-031-0/+16
|
* mod_bosh: Pick out the 'wait' before checking it instead of earlierKim Alvefur2020-10-031-1/+2
| | | | | Going to add more host related checks, so to keep the wait variable closer to the related checks
* mod_c2s,mod_s2s: Make stanza size limits configurable0.11.7Kim Alvefur2020-05-312-2/+4
|
* mod_websocket: Refactor frame validity checking, also check ↵Matthew Wild2020-09-291-77/+95
| | | | partially-received frames against constraints
* mod_websocket: Continue to process data already in the buffer after an error ↵Matthew Wild2020-09-281-1/+1
| | | | | | | | | | occurs Previously any error, or even a normal websocket close frame, would return early, leaving potentially entire frames in the buffer unprocessed and then discarded. This change stops processing new data, but returns an existing processed data up to the point of the error/close.
* mod_websocket: Enforce stanza size limit and close streamMatthew Wild2020-09-171-0/+4
|
* mod_websocket: Add separate limit for frame buffer sizeMatthew Wild2020-09-171-2/+2
|
* mod_websocket: handle full frame buffer and raise stream errorMatthew Wild2020-09-171-1/+5
|
* mod_websocket: Switch partial frame buffering to util.dbufferMatthew Wild2020-09-171-3/+8
| | | | | This improves performance and enforces stanza size limits earlier in the pipeline.
* mod_s2s: Escape invalid XML in loggin (same way as mod_c2s) fix #15740.11.6Kim Alvefur2020-08-011-2/+1
|
* mod_muc_mam: Don't strip MUC <x> tags, fix #1567Kim Alvefur2020-06-211-3/+0
|
* mod_auth_internal_*: Apply saslprep to passwordsKim Alvefur2020-05-233-2/+25
| | | | Related to #1560
* mod_storage_internal: Fix error in time limited queries on items without ↵Kim Alvefur2020-05-151-2/+4
| | | | 'when' field, fixes #1557
* mod_muc_mam: Remove spoofed archive IDs before archiving, fix #1552Kim Alvefur2020-05-111-1/+1
| | | | | | | | | The stanza-id added during archiving looks exactly like what should be stripped, so the stripping must happen before archiving. Getting priorities right is hard! Also no test coverage yet.