aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
* mod_s2s: Handle connections having TLS from the startKim Alvefur2021-08-101-0/+4
| | | | | This could be done with multiplexing, or a future additional port definition.
* mod_s2s: Factor out procedure for newly encrypted sessionsKim Alvefur2021-08-101-12/+16
| | | | | Goal is to call this if the connection is using Direct TLS, either via multiplexing or a future Direct TLS S2S port.
* mod_bosh,mod_websocket: Make into global-shared modules (...again)Kim Alvefur2021-06-212-22/+28
| | | | | | | | | | | | Global modules aren't quite considered loaded onto hosts, which causes confusion in some cases. They are also reported in the log as being served on http://*:5280/foo which is also a bit confusing, and can't be clicked. Global modules also have to have their paths configured in the global section, which could be confusing and unexpected. This global+shared method should be the best of both worlds.
* mod_c2s,mod_s2s: Indicate stanza size violation with condition from XEP-0205 ↵Kim Alvefur2021-09-062-2/+10
| | | | (thanks mjk)
* mod_pubsub: Move reversal of item order in <items>Kim Alvefur2021-09-051-3/+9
| | | | | | | | | | | | Examples in XEP-0060 suggest that items should be listed in chronological order, but we get them from the archive in reverse order. However when requesting specific items by id the results keep that order and we don't want to flip it again. At some point it would likely be best to use the archive API directly instead of this util.cache-compatible wrapper.
* mod_pubsub: Add support for limiting result size #1608Kim Alvefur2021-09-051-1/+5
|
* mod_tls: Attempt STARTTLS on outgoing unencrypted legacy s2s connectionsKim Alvefur2021-09-011-0/+8
| | | | As suggested by RFC 7590
* mod_storage_internal: Stop storing XEP-0091 timestampKim Alvefur2021-09-041-2/+1
| | | | | | | Should no longer be used by anything since the conversion of mod_offline to the archive API in 0.10.0, which was 4 years ago. The line clearing the property is left for a bit longer in case someone has very old offline messages or archived data.
* mod_mam: Suppress offline message broadcast for MAM clientsKim Alvefur2021-08-311-0/+7
| | | | | | | | MattJ on 09:34:24 > Zash: I think as a first step, offline messages should not be sent to > clients that request MAM https://chat.modernxmpp.org/log/modernxmpp/2021-08-31#2021-08-31-8518a542bd283686
* mod_mam: Only check for locally generated stanza-idsKim Alvefur2021-08-311-2/+5
| | | | | | Otherwise a message archived by a remote server would be incorrectly silently discarded. This should be safe from spoofing thanks to strip_stanza_id earlier in the event chain.
* mod_mam: Explain behavior with absent mod_offline in a commentKim Alvefur2021-08-311-0/+4
|
* mod_mam: "Handle" messages that have been archived in the absense of mod_offlineKim Alvefur2020-06-251-0/+7
|
* mod_external_services: Factor out public function for converting to XMLKim Alvefur2021-08-301-28/+21
| | | | | | | | Along with the previous commit, allows building the XML thing yourself, should you wish to send it yourself or use it in a different context than an iq reply. API change: The 'reply' is removed from the event.
* mod_external_services: Factor out public function returning current servicesKim Alvefur2021-08-301-8/+11
| | | | | This way you get the _prepared_ services and don't have to do that mapping yourself.
* mod_external_services: Filter services by requested credentials using a SetKim Alvefur2021-08-301-23/+21
| | | | Please don't be accidentally quadratic.
* mod_external_services: Validate required attributes on credentials requestsKim Alvefur2021-08-291-1/+6
|
* usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given roleMatthew Wild2021-08-261-3/+33
|
* mod_muc_mam: Omit queryid attribute from <fin/>Holger Weiss2021-08-061-1/+1
| | | | | Since version 0.4 of XEP-0313, the <fin/> element is sent with the IQ result and no longer has a queryid attribute.
* mod_c2s,mod_s2s: Fire event just before writesKim Alvefur2021-08-162-0/+14
| | | | | Could allow e.g. a XEP-0198 implementation to efficiently send ack requests at optimal times without using timers or nextTick.
* mod_s2s: Fire 's2s-ondrain' event, mirroring mod_c2sKim Alvefur2021-08-161-0/+7
| | | | | | | | Signals that any pending outgoing stanzas that were in the write buffer have at least been sent off to the Kernel and maybe even sent out over the network. See 7a703af90c9c for mod_c2s commit
* mod_disco: Send XEP-0115 caps in s2s stream featuresKim Alvefur2021-08-121-0/+6
| | | | | Not currently used for anything, but allowed and could be used in the future and might be used by other servers.
* mod_admin_shell: Keep unrestricted environment for session lifetimeKim Alvefur2021-08-111-1/+5
| | | | | | | | Makes it so that global values set in the environment are kept longer than within one line, and thus can be used until the session ends. They still don't pollute the global environment, which is an error anyway. Thanks phryk for noticing.
* mod_limits: Extend unlimited_jids to s2s sessions (for Ge0rG)Kim Alvefur2021-07-291-0/+15
| | | | | This makes unlimited_jids also work for s2s connections, assuming the remote server has been identified.
* mod_limits: Factor out function for disabling limits allowing use from shellKim Alvefur2021-07-291-9/+13
| | | | Also enables reuse for s2s, which we will add next.
* mod_bosh: Add todo to use util.session to create session objectKim Alvefur2021-07-291-0/+1
| | | | | So that we get single point where shared session properties can be added. But not now. One day. Maybe. Patches welcome.
* mod_pubsub: Update callbacks on reload to more completely refresh configKim Alvefur2021-07-291-0/+8
| | | | | | | | | This would also release any resources held via references from these callbacks. I'm not sure why we don't just re-new() the whole thing. Related to #1382
* Fix various spelling errors (thanks codespell)Kim Alvefur2021-07-275-5/+5
| | | | | Also special thanks to timeless, for wordlessly reminding me to check for typos.
* mod_pubsub: Update configuration on reload (fixes #1382)Kim Alvefur2021-07-251-0/+3
| | | | | | Because of the way the previous pubsub service is carried access module reloads, it would retain the configuration options with their previous values from when the service was first created.
* mod_pubsub: Silence warning about 'service' as argument [luacheck]Kim Alvefur2021-07-251-1/+1
| | | | | Maybe the 'service' in the outer scope should be moved down to minimize overlap with other functions that receive the same service as argument?
* mod_pep: Remove now unused util.cache importKim Alvefur2021-07-251-1/+0
|
* util.pubsub: Signal that 'persistent-items' is unsupported when disabledKim Alvefur2021-07-221-0/+1
| | | | | | XEP-0060 says that this the way to indicate that 'persistent-items' is unsupported, but doesn't explicitly say if it being disabled in the node configuration also counts as unsupported.
* mod_pep: Remove use of RLU cache when persist_items was set to falseKim Alvefur2021-07-211-8/+3
| | | | | | | | This behavior came from some confusion over the meaning of persist_items. The correct behavior is that items are only stored when it is set to true. When set to false, the service becomes a "pure" publish-subscribe service, where items are forgotten immediately after broadcasting.
* mod_pubsub: Explicitly enable persistence by default to preserve behaviorKim Alvefur2021-07-211-0/+3
| | | | | | Since nodes were always persistent according to the XEP-0060 definition. Whether data is stored in memory or on disk was not what this setting was meant for.
* mod_pubsub: Remove publisher field when not exposing publisherKim Alvefur2021-07-251-1/+3
| | | | | The publisher is already there on the item when the broadcaster gets it, so it needs to do the opposite thing.
* mod_pubsub: Normalize 'publisher' JIDKim Alvefur2021-07-251-2/+2
| | | | | | | | | | | | | All the XEP-0060 examples have the publisher attribute set to a bare JID, but the text does allow it to be the full JID. Since mod_pubsub is more likely used for open nodes that anyone can subscribe to it makes sense to not leak the full JIDs. This is also disabled by defaults. In mod_pep on the other hand it might make sense to have the full JID since that data is more likely to be broadcast to contacts which are already somewhat trusted.
* mod_pubsub: Respect 'expose publisher' setting in item retrievalKim Alvefur2021-07-252-1/+9
|
* mod_pubsub: Fix inclusion of publisher (fixes #1399)Kim Alvefur2019-05-011-2/+5
|
* Merge 0.11->trunkKim Alvefur2021-07-231-1/+1
|\
| * MUC: Fix logic for access to affiliation lists0.11.10Kim Alvefur2021-07-221-1/+1
| | | | | | | | | | | | Fixes https://prosody.im/security/advisory_20210722/ Backs out 4d7b925652d9
* | MUC: Skip adding to history when it's set to zeroKim Alvefur2021-07-191-0/+4
| | | | | | | | | | Optimizes away all the processing on every message in case the end-result is zero history.
* | mod_s2s: Clone 'extra' data to let resolvers add more to itKim Alvefur2021-07-181-1/+5
| | | | | | | | | | | | | | This way 'extra' is unique for each connect() instance, making it safer to mutate it, while inheriting the global settings. See 926d53af9a7a for some more context.
* | mod_s2s: Handle measurement where the local host is unknownKim Alvefur2021-07-181-1/+1
| | | | | | | | | | This could happen with Dialback-only connections or others that were missing the stream 'to' attribute.
* | mod_s2s: Guard against missing 'to' on incoming streamKim Alvefur2021-07-181-1/+1
| | | | | | | | | | | | | | | | | | | | Given an incoming <stream:stream from="example.com"> this line would have mistakenly reported the 'from' as the local host. Neither are technically required and may be missing, especially on connections used only for Dialback. Outgoing connections initiated by Prosody always have 'from_host' and 'to_host', so it is safer to check it this way.
* | mod_s2s: Don't close connections on reloadKim Alvefur2021-07-141-0/+1
| |
* | mod_s2s: Close connections attached to a host being deactivatedKim Alvefur2021-07-141-0/+8
| | | | | | | | | | | | Couldn't use those with the host being deactivated. Problem: This kicks in on reload, which isn't needed.
* | mod_s2s: Vary log level by remote stream errorKim Alvefur2021-07-141-1/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | Increases log level for stream conditions that could indicate a problem on our end, especially programming errors like invalid XML, or the remote server saying that our certificate is invalid, since these should be investigated. Non-issues like closing of idle streams are lowered to debug since it's mostly noise. Other issues left at info are mostly about changes to the remote server, e.g. complete or partial shutdown.
* | mod_dialback: Tweak wording in a commentKim Alvefur2021-07-131-1/+1
| |
* | mod_s2s: Remove connection timeout once it's no longer neededKim Alvefur2021-07-131-1/+12
| | | | | | | | | | | | Reduces the number of left-over timers to handle after many s2s connections were started, leaving only the ones related to incomplete connections.
* | mod_s2s: Log debug message on attempted close of an connectionless sessionKim Alvefur2021-07-111-0/+1
| | | | | | | | | | | | This should probably never happen, but probably does anyways. A debug message would show the truth of the matter.
* | mod_s2s: Drop level of indentation by inverting a condition and early returnKim Alvefur2021-07-111-59/+61
| | | | | | | | | | Nicer to get rid of a conditional that covers such a large portion of a pretty big function.