| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Sending stanzas with a remote session as origin when the stanzas have a
local JID in the from attribute trips validation in core.stanza_router,
leading to warnings:
> Received a stanza claiming to be from remote.example, over a stream authed for localhost.example
Using module:send() uses the local host as origin, which is fine here.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes #1758
Introduced in 1ea01660c79a
In e62025f949f9 to and from was inverted since it changed from acting on
a reply to acting on the original stanza (or a clone thereof)
Unsure of the purpose of this check, you don't usually send stanzas to
your own full JID. Perhaps guarding against routing loops?
The check was present in the original commit of mod_smacks,
prosody-modules rev 9a7671720dec
|
|
|
|
|
|
|
|
|
| |
Fixes #1757
These places seem to have been left since e62025f949f9
The logic around expected_h in should_ack() misbehaved, always comparing
with 0 + unacked instead of acked + unacked.
|
|
|
|
|
|
| |
Due to the dummy statistics provider (see core.statsmanager line 250)
having a metatable that allows infinite indexing where everything is
always the same table, which end up in suf() in the concatenation line.
|
|
|
|
| |
Fixes #1752
|
|
|
|
|
|
|
| |
The type checks, they do nothing!
Observed: Tasks that were supposed to run weekly or daily were running
each hour.
|
|
|
|
|
|
|
|
|
| |
This change ensures we have positively verified the certificates of the server
we are connecting to before marking the session as authenticated. It protects
against situations where the verify-or-close stage of the connection was
interrupted (e.g. due to an uncaught error).
Thanks to Zash for discovery and testing.
|
|
|
|
|
|
|
| |
Turns out this table was wrong, it's missing some fields which are
required and it's 'name', not 'node'. Setting it to the boolean true
invokes compatibility behavior in mod_pep which results in the correct
default structure.
|
|
|
|
|
| |
Looks like this function was a copy of hex_to_base64 without modifying
it to do its inverse.
|
|
|
|
|
|
| |
pubsub#admin data
Allows migrating PEP nodes with default settings
|
|
|
|
| |
What were we looking at?
|
| |
|
|
|
|
|
|
|
|
|
| |
The same-origin policy enforced by browsers is a security measure that should
only be turned off when it is safe to do so. It is safe to do so in Prosody's
default modules, but people may load third-party modules that are unsafe.
Therefore we have flipped the default, so that modules must explicitly opt in
to having CORS headers added on their requests.
|
|
|
|
|
| |
This is far better than pre-0.12, because we now have a universal way to
configure and enable/disable CORS on a per-module basis.
|
| |
|
|
|
|
| |
option (fixes #1727)
|
|
|
|
|
|
|
|
|
|
| |
This is allowed by XEP-0045, which states:
"A moderator SHOULD NOT be allowed to revoke moderation privileges from
someone with a higher affiliation than themselves (i.e., an unaffiliated
moderator SHOULD NOT be allowed to revoke moderation privileges from an admin
or an owner, and an admin SHOULD NOT be allowed to revoke moderation
privileges from an owner)."
|
|
|
|
|
| |
This message was misplaced in c4599a7c534c when the @type and @host
check was introduced.
|
| |
|
|
|
|
| |
(fixes #1719)
|
|
|
|
| |
Ref #1717
|
|
|
|
|
|
|
|
|
|
| |
The "socket.unix" module exported only a function before
https://github.com/lunarmodules/luasocket/commit/aa1b8cc9bc35e56de15eeb153c899e4c51de82a8
when datagram support was added.
Fixes #1717
Thanks rsc and lucas for reporting and testing
|
|
|
|
|
|
|
|
|
| |
Invitee would not show up in the roster of the invite creator unless
they fetch their roster afterwards.
Fixes #1715
Thanks gerald
|
| |
|
|
|
|
|
|
| |
Words, sometimes I wonder how they even work
Maybe I missed something.
|
|\ |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
specified
The default config was updated in this way long ago, but if no option was
present in the config, Prosody would load internal_plain.
This change can result in changes (for the better) for people using very old
configuration files lacking an 'authentication' setting.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These options have been specified (and enabled) in the default config file for
a long time. However if unspecified in the config, they were not enabled. Now
they are.
This may result in a change of behaviour for people using very old config
files that lack the require_encryption options. But that's what we want.
|
| |
| |
| |
| | |
In line with the Prosody-wide default change for 0.12.
|
| | |
|
| |
| |
| |
| |
| | |
Since there are two calls to done() that can happen, if the timing is
right (or wrong) both can happen, which previously triggered an error.
|
| |
| |
| |
| |
| | |
Should make traces point here instead of timer dispatch, making
debugging easier
|
| |
| |
| |
| | |
Similar procedure as mod_csi_simple and mod_mam
|
| |
| |
| |
| | |
This is the noop that gets replaced later
|
|/
|
|
| |
Similar procedure as mod_csi_simple
|
|
|
|
| |
Because tables make everything better and more readable!
|
| |
|
|
|
|
|
|
|
|
|
|
| |
steps
Ensures unavailable presence and other outgoing stanzas are sent.
Waiting for c2s sessions to close first before proceeding to disable and
close s2s ensures that unavailable presence can go out, even if it
requires dialback to complete first.
|
|
|
|
|
| |
Lets other things step in and do things while c2s ports are closed, e.g.
mod_smacks, or other modules with port handlers that forward to c2s.
|
| |
|
|
|
|
| |
This ensures no new clients can start connecting during shutdown
|
| |
|
|
|
|
| |
The more compact these are, the better
|
|
|
|
|
| |
But then this is the internal API which is weird and unfriendly to
expose externally. Lots of methods to wrap tho ... one day.
|
|
|
|
|
|
| |
There was a separate boolean option to enable TLS before, but it was
merged with the port number option and it seems the typed API interface
got confused.
|
|
|
|
|
| |
This ensures that registration actually works even if allow_registration
is not enabled.
|
|
|
|
|
| |
This hack is not needed since a9c975a0f113 so can be removed when
included with Prosody.
|
|
|
|
|
|
| |
Usually on port 443 to avoid restrictive firewalls.
Thanks to Holger for discussion
|
|
|
|
|
| |
Much harder to get boolean options wrong than accidentally adding
something unrecognised to a Set.
|