Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_saslauth: Set a nicer bounce error explaining SASL EXTERNAL failures | Kim Alvefur | 2019-12-07 | 1 | -1/+4 |
| | | | | | | | | Better than the previous string concatenation of SASL failure condition and optional text sent by the remote server. Would be nice to have a text per condition, other than the probably most common 'not-authorized'. | ||||
* | mod_saslauth: Collect SASL EXTERNAL failures into an util.error object | Kim Alvefur | 2019-12-07 | 1 | -5/+12 |
| | | | | | Will be easier than that concatenated string to extract info out of for use elsewhere. | ||||
* | mod_s2s: Invert condition to return early and reduce indentation | Kim Alvefur | 2019-12-04 | 1 | -26/+26 |
| | |||||
* | mod_s2s: Fix mistake in 28755107c2f4 | Kim Alvefur | 2019-12-03 | 1 | -0/+1 |
| | |||||
* | mod_saslauth: Advertise correct set of mechanisms | Kim Alvefur | 2019-12-02 | 1 | -1/+1 |
| | | | | | | | | | Mistakenly iterates over the set of all supported mechanisms instead of the one without insecure mechanisms if the connection is insecure. Not a problem if c2s_require_encryption is true Introduced in 56a0f68b7797 | ||||
* | mod_s2s: Refactor stream error handling on close | Kim Alvefur | 2019-12-01 | 1 | -19/+14 |
| | | | | | | Deduplicates the 3 log calls that log the same thing but subtly differently. The first one would say "Disconnecting localhost" and the last one didn't log the IP. | ||||
* | mod_s2s: Use stanza type check instead of duck typing | Kim Alvefur | 2019-12-01 | 1 | -1/+1 |
| | |||||
* | mod_net_multiplex: Remove debug message | Kim Alvefur | 2019-12-01 | 1 | -1/+0 |
| | | | | | This was something I added during development and set to info level for visibility. | ||||
* | mod_s2s: Improve TLS handshake error messages | Kim Alvefur | 2019-12-01 | 1 | -0/+4 |
| | | | | | | This should make it clearer that it's about the TLS handshake. Otherwise it's something like "unsupported protocol" or "no shared ciphers" that might not be that obvious. | ||||
* | mod_s2s: Log from session logger | Kim Alvefur | 2019-11-30 | 1 | -1/+1 |
| | | | | Helps locating all messages related to a specific session | ||||
* | mod_s2s: Improve log message about forbidding insecure connections | Kim Alvefur | 2019-11-30 | 1 | -1/+1 |
| | | | | This new wording generator is nice. | ||||
* | mod_admin_telnet: Sort hosts | Kim Alvefur | 2019-11-30 | 1 | -1/+5 |
| | | | | | | Groups by domain in DNS hierarchy order or something. Why not split on '.' you ask? Well becasue that's not what I typed here. Also "[^.]" is longer than "%P". | ||||
* | mod_carbons: Improve performance by delaying creation of carbon payload | Kim Alvefur | 2019-11-30 | 1 | -11/+15 |
| | | | | | | If there are no other sessions which also enabled carbons then the carbons wrapper is not used and the potentially expensive clone operation was a waste of cycles. | ||||
* | mod_net_multiplex: Tweak debug logging for ALPN case | Kim Alvefur | 2019-11-29 | 1 | -2/+1 |
| | |||||
* | mod_net_multiplex: Add support for using ALPN | Kim Alvefur | 2019-11-29 | 4 | -3/+40 |
| | | | | | | | Potentially a bit more efficient since it can jump to the selected protocol on connect instead of waiting for some data to look at. Adds a 'protocol' field to net providers for this purpose. | ||||
* | mod_admin_telnet: Display ALPN in show_tls() if supported and available | Kim Alvefur | 2019-11-21 | 1 | -0/+6 |
| | |||||
* | mod_http: Log served URLs at 'info' level | Kim Alvefur | 2019-11-29 | 1 | -1/+1 |
| | | | | | | These are similar to the "activated service" messages from portmanager and similarily useful for the service admin to know even if they're not debugging anything. | ||||
* | mod_s2s: Prevent unhandled stanza handler from complaining about stream ↵ | Kim Alvefur | 2019-11-29 | 1 | -2/+2 |
| | | | | | | features on aborted connections I have no idea why I wrote return false in e5945fb5b71f | ||||
* | mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set | Kim Alvefur | 2019-11-28 | 1 | -3/+5 |
| | | | | Prevents some weirdness in cases where no authentication is done | ||||
* | mod_s2s: Abort outgoing connections earlier when TLS requirement isn't satisfied | Kim Alvefur | 2019-11-28 | 1 | -0/+7 |
| | | | | | This ensures the closure reason is accurate and not reported as an authentication or other problem | ||||
* | mod_s2s: Send stream errors for cert problems on outgoing connections | Kim Alvefur | 2019-11-28 | 1 | -6/+7 |
| | | | | Rationale in comment. | ||||
* | mod_s2s: Improve error in bounces due to cert validation problems | Kim Alvefur | 2019-11-27 | 1 | -3/+24 |
| | |||||
* | mod_s2s_auth_certs: Save chain validation errors for later use | Kim Alvefur | 2019-11-27 | 1 | -0/+1 |
| | |||||
* | MUC: Add missing reference to room (thanks buildbot) [luacheck] | Kim Alvefur | 2019-11-26 | 1 | -0/+1 |
| | |||||
* | MUC: Indicate the component as origin of various errors where there's no room | Kim Alvefur | 2019-11-26 | 2 | -7/+7 |
| | | | | A room that doesn't exist can't return an error, can it? | ||||
* | MUC: Indicate that the room is the origin of various errors where 'from' is ↵ | Kim Alvefur | 2019-11-25 | 3 | -16/+19 |
| | | | | an occupant JID | ||||
* | MUC: Indicate origin of registration related errors | Kim Alvefur | 2019-11-25 | 1 | -3/+3 |
| | |||||
* | MUC: Indicate origin of password related errors | Kim Alvefur | 2019-11-25 | 1 | -1/+1 |
| | |||||
* | Merge 0.11->trunk | Kim Alvefur | 2019-11-23 | 49 | -976/+1526 |
|\ | |||||
| * | mod_http_errors: Show a friendly page instead of 404 on top level | Kim Alvefur | 2019-11-17 | 1 | -0/+12 |
| | | |||||
| * | mod_csi: Cache CSI module availability to improve readabilty | Kim Alvefur | 2019-11-23 | 1 | -1/+4 |
| | | |||||
| * | mod_csi: Set module status based on whether a CSI handler module appears to ↵ | Kim Alvefur | 2019-11-23 | 1 | -0/+9 |
| | | | | | | | | be loaded | ||||
| * | mod_csi: Only advertise CSI to clients if something is handling CSI events | Kim Alvefur | 2019-11-17 | 1 | -1/+1 |
| | | |||||
| * | mod_s2s: Add error text for error replies on some s2s failures (#770) | Kim Alvefur | 2019-11-23 | 1 | -5/+6 |
| | | |||||
| * | s2s: Allow passing a custom error for bouncing queued stanzas (#770) | Kim Alvefur | 2019-11-23 | 1 | -3/+3 |
| | | | | | | | | Since stream errors and stanza errors are different | ||||
| * | mod_admin_telnet: Show SNI name in show_tls() if available | Kim Alvefur | 2019-11-20 | 1 | -0/+6 |
| | | |||||
| * | mod_s2s: Wait for remote to close any connection allowing incoming stanzas | Kim Alvefur | 2019-11-18 | 1 | -1/+1 |
| | | | | | | | | Ie both s2sin and bidi-enabled s2sout. | ||||
| * | mod_muc_mam: Copy debug log improvements from mod_mam | Kim Alvefur | 2019-11-17 | 1 | -6/+12 |
| | | |||||
| * | mod_csi_simple: Make sure to disable optimizations before mod_smacks (thanks ↵ | Kim Alvefur | 2019-11-17 | 1 | -1/+1 |
| | | | | | | | | pep.) | ||||
| * | mod_http: Soften dependency on mod_http_errors | Kim Alvefur | 2019-11-16 | 1 | -1/+3 |
| | | | | | | | | | | | | This allows disabling mod_http_errors by adding it to moduless_disabled and ensures mod_http loads even if the error pages aren't as pretty. | ||||
| * | mod_s2s: Allow passing bounce reason as an util.error object (see #770) | Kim Alvefur | 2019-11-08 | 1 | -2/+9 |
| | | | | | | | | This argument is currently unused in s2smanager. | ||||
| * | mod_ping: Remove ad-hoc command | Kim Alvefur | 2019-11-07 | 1 | -15/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 17:27:40 <Ge0rG> Zash: the Ping thing is absolutely worthless 17:27:55 <Zash> The command provided by mod_ping? 17:27:59 <pep.> To own server? 17:28:14 <Ge0rG> the Ping command in mod_admin_web, whatever it maps to 17:28:29 <Ge0rG> > Pong > 2019-11-07T16:28:16Z What am I supposed to do with that result? 17:28:29 <Zash> Yeah, mod_ping provides that 17:28:41 <Ge0rG> Is it a ping to my own server? Where's the RTT? 17:28:48 <Zash> Dunno if it's useful for more than verifying that the adhoc command system works 17:29:02 <Ge0rG> (it lags, but there is no indication of how much) 17:29:14 <Zash> It can't really test that itself 17:29:52 <Zash> Anyone opposed to deleting it? 17:30:42 <Zash> Half the module 17:42:47 <MattJ> Zash, I'm fine with removing it | ||||
| * | mod_admin_adhoc: Add some flags to s2s listing command | Kim Alvefur | 2019-11-07 | 1 | -0/+12 |
| | | | | | | | | These are present in mod_admin_telnet and relevant to s2s | ||||
| * | mod_admin_telnet: Show s2s authentication method (probably) used | Kim Alvefur | 2019-11-02 | 1 | -0/+6 |
| | | |||||
| * | mod_user_account_management: Apply username normalization later | Kim Alvefur | 2019-11-02 | 1 | -1/+2 |
| | | | | | | | | Prevents traceback from nodeprep(nil) | ||||
| * | mod_s2s: Only nameprep stream to/from addresses if they are present | Kim Alvefur | 2019-11-02 | 1 | -1/+3 |
| | | | | | | | | Prevents traceback from nameprep(nil) | ||||
| * | mod_dialback: Fix potential traceback in case of missing addressing | Kim Alvefur | 2019-11-02 | 1 | -0/+1 |
| | | | | | | | | | | | | Not tested. Assuming nothing good comes from continuing the program flow after this. The connection should get closed and the event gets aborted by a traceback anyways. | ||||
| * | mod_c2s: Validate that a 'to' attribute exists at all | Kim Alvefur | 2019-11-02 | 1 | -0/+5 |
| | | | | | | | | Prevents traceback from nameprep(nil) | ||||
| * | mod_bosh: Abort early if request is missing hostname | Kim Alvefur | 2019-11-02 | 1 | -0/+9 |
| | | | | | | | | Prevents traceback from passing nil to nameprep() | ||||
| * | mod_dialback: Abort early if request is missing addressing attributes | Kim Alvefur | 2019-11-02 | 1 | -0/+5 |
| | | | | | | | | Prevents traceback from passing nil to nameprep() |