| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
All the XEP-0060 examples have the publisher attribute set to a bare
JID, but the text does allow it to be the full JID.
Since mod_pubsub is more likely used for open nodes that anyone can
subscribe to it makes sense to not leak the full JIDs. This is also
disabled by defaults.
In mod_pep on the other hand it might make sense to have the full JID
since that data is more likely to be broadcast to contacts which are
already somewhat trusted.
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| | |
Fixes https://prosody.im/security/advisory_20210722/
Backs out 4d7b925652d9
|
| |
| |
| |
| |
| | |
Optimizes away all the processing on every message in case the
end-result is zero history.
|
| |
| |
| |
| |
| |
| |
| | |
This way 'extra' is unique for each connect() instance, making it safer
to mutate it, while inheriting the global settings.
See 926d53af9a7a for some more context.
|
| |
| |
| |
| |
| | |
This could happen with Dialback-only connections or others that were
missing the stream 'to' attribute.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Given an incoming <stream:stream from="example.com"> this line would
have mistakenly reported the 'from' as the local host. Neither are
technically required and may be missing, especially on connections used
only for Dialback.
Outgoing connections initiated by Prosody always have 'from_host' and
'to_host', so it is safer to check it this way.
|
| | |
|
| |
| |
| |
| |
| |
| | |
Couldn't use those with the host being deactivated.
Problem: This kicks in on reload, which isn't needed.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Increases log level for stream conditions that could indicate a problem
on our end, especially programming errors like invalid XML, or the
remote server saying that our certificate is invalid, since these should
be investigated.
Non-issues like closing of idle streams are lowered to debug since it's
mostly noise.
Other issues left at info are mostly about changes to the remote server,
e.g. complete or partial shutdown.
|
| | |
|
| |
| |
| |
| |
| |
| | |
Reduces the number of left-over timers to handle after many s2s
connections were started, leaving only the ones related to incomplete
connections.
|
| |
| |
| |
| |
| |
| | |
This should probably never happen, but probably does anyways.
A debug message would show the truth of the matter.
|
| |
| |
| |
| |
| | |
Nicer to get rid of a conditional that covers such a large portion of a
pretty big function.
|
| |
| |
| |
| |
| | |
These direct accesses are probably more optimized, but weird when the
module API has methods for these things.
|
| |
| |
| |
| | |
It isn't quite an error.
|
| | |
|
| | |
|
| |
| |
| |
| | |
Goal is to have some accountability for these privileged actions.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This doesn't really make sense today. It doesn't even work with
mod_auth_internal_hashed, which should be the default. And even with a
supporting authentication module, why would we just hand out the
password? One use case may be to recover a forgotten password. While not
yet included with Prosody, there are better ways to handle forgotten
passwords, usually by resetting them to a new password.
|
| |
| |
| |
| |
| |
| | |
Fixes #1643
API change: The argument to archive_itemstore() changes type to integer
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because during startup, if all items are provided by a different module
(e.g. mod_turn_external) then this would log a scary warning even if
everything is fine after that other module has been loaded.
This way, any persistent problematic state is reported in the console.
Errors with individual items should still be reported by prepare().
Now, if you load mod_external_services alone without configuring any
services, no error or warning is reported in the log, but maybe that's
not so bad with it reported in the console.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
This ensures that problems with entries added other modules, e.g.
mod_turn_external, are reported on startup. However, this depends on
load order and whether a `module:depends()` call comes before the
`module:add_item()` call. A followup commit will do something about
that.
|
| | |
|
| |
| |
| |
| | |
Should have been removed in the previous commit.
|
| |
| |
| |
| | |
See previous commit to mod_c2s: a62146353528
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The :info() method has been observed to return nothing ... sometimes.
Unclear what causes it. Perhaps the TLS connection was shut down or
hasn't fully settled?
The LuaSec code has code paths that return nothing or nil, error, so it
is best to guard against it.
|
| |
| |
| |
| | |
^C^V
|
| | |
|
| |
| |
| |
| |
| | |
This only differs from 'legacy_ssl' in name, at least on the server
side. For clients this is the one that uses SRV records.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
X-Frame-Options was replaced by the Content-Security-Policy
'frame-ancestors' directive, but Internet Explorer does not support that
part of CSP.
Since it's just one line it doesn't hurt to keep until some future
spring cleaning event :)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes "attempt to compare number with nil" because `session.version` has
been cleared by s2smanager.destroy_session.
This can happen with the server_epoll setting opportunistic_writes
enabled, which means that it can notice that the connection failed at
this point, after which it triggers the whole chain of events that leads
to session destruction and "cleaning" most of the session fields.
|
| | |
|
| |
| |
| |
| |
| | |
Some items like HTTP providers would be very verbose, others are tricky
to handle.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| | |
Hosts have a metatable __tostring method that produces a nice
representation such as `VirtualHost "example.com"`, which even includes
the component module for internal components.
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
To show info about loaded modules. Inspired by the desire to know
whether a module was loaded from the core set or 3rd party.
|
| | |
|
| |
| |
| |
| |
| | |
Creates buckets up to the configured size limit or 1TB, whichever is
smaller, e.g. {1K, 4K, 16K, ... 4M, 16M}
|
| | |
|
| | |
|
| |
| |
| |
| | |
Nicer than the "unsupported stanza type" error we get otherwise.
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Turns out you can seek past the end of the file without getting an
error.
Also rejects empty range instead of sending the whole file.
|