Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_http_file_share: Add support for removing old files (default 2 weeks) | Kim Alvefur | 2021-01-27 | 1 | -1/+59 |
| | |||||
* | mod_http_file_share: More security headers | Kim Alvefur | 2021-01-27 | 1 | -2/+4 |
| | |||||
* | mod_http_file_share: Strip authorization type prefix a bit earlier | Kim Alvefur | 2021-01-27 | 1 | -2/+5 |
| | |||||
* | mod_http_file_share: Factor out function for generating full filename | Kim Alvefur | 2021-01-27 | 1 | -2/+6 |
| | |||||
* | mod_http_file_share: Use '.bin' file extension | Kim Alvefur | 2021-01-27 | 1 | -2/+3 |
| | | | | | Distinct from '.dat' used by datamanager / internal stortage for Lua object storage so that they can't easily be loaded by accident that way. | ||||
* | mod_http_file_share: Validate file size early in HTTP PUT request | Kim Alvefur | 2021-01-27 | 1 | -0/+5 |
| | |||||
* | mod_http_file_share: Move Authorization type string | Kim Alvefur | 2021-01-27 | 1 | -2/+2 |
| | | | | It belongs with the header more than the token itself | ||||
* | mod_http_file_share: Add some logging | Kim Alvefur | 2021-01-27 | 1 | -0/+14 |
| | |||||
* | mod_http_file_share: Handle content-type being optional | Kim Alvefur | 2021-01-27 | 1 | -2/+2 |
| | |||||
* | mod_http_file_share: Reject invalid file sizes | Kim Alvefur | 2021-01-27 | 1 | -0/+4 |
| | |||||
* | mod_http_file_share: Fix name of max-file-size tag | Kim Alvefur | 2021-01-27 | 1 | -1/+1 |
| | |||||
* | mod_http_file_share: Expand registry to fix extra tag | Kim Alvefur | 2021-01-27 | 1 | -5/+6 |
| | | | | | Error registry compact format doesn't support extra.tag so needs to be the more verbose format | ||||
* | mod_http_file_share: Verify final file size on completion of upload | Kim Alvefur | 2021-01-27 | 1 | -0/+5 |
| | |||||
* | mod_http_file_share: Add file type filter | Kim Alvefur | 2021-01-26 | 1 | -0/+6 |
| | | | | | Unlike mod_http_upload, this can't be bypassed by uploading with a different file extension. | ||||
* | mod_http_file_share: Add file size limit (default 10M) | Kim Alvefur | 2021-01-26 | 1 | -0/+13 |
| | |||||
* | mod_http_file_share: Validate that filename does not contain '/' | Kim Alvefur | 2021-01-26 | 1 | -0/+6 |
| | |||||
* | mod_http_file_share: Return proper error if unauthorized | Kim Alvefur | 2021-01-26 | 1 | -1/+5 |
| | |||||
* | mod_http_file_share: Add basic access control | Kim Alvefur | 2021-01-26 | 1 | -1/+7 |
| | | | | Partly lifted from mod_external_services | ||||
* | mod_http_file_share: Add support for external file upload service | Kim Alvefur | 2021-01-26 | 1 | -2/+8 |
| | | | | | PUT /upload/:slot/:filename Authorization: Bearer JWT{ uploader, filename, filesize, filetype, exp } | ||||
* | mod_http_file_share: Let's write another XEP-0363 implementation | Kim Alvefur | 2021-01-26 | 1 | -0/+191 |
| | | | | | | | | | | This variant is meant to improve upon mod_http_upload in some ways: * Handle files much of arbitrary size efficiently * Allow GET and PUT URLs to be different * Remember Content-Type sent by client * Avoid dependency on mod_http_files * Built-in way to delegate storage to another httpd | ||||
* | MUC: Allow modules to add to the room registration form, and handle the result | Matthew Wild | 2021-01-15 | 1 | -0/+23 |
| | |||||
* | mod_storage_sql: Fix compatibilty with Lua 5.1 | Kim Alvefur | 2021-01-13 | 1 | -1/+2 |
| | | | | | | string.rep() doesn't have the 3rd argument before Lua 5.2 Revert once we drop support for Lua 5.1 | ||||
* | mod_muc_mam: Copy extended MAM support from mod_mam | Kim Alvefur | 2021-01-12 | 1 | -4/+21 |
| | | | | | | mod_mam and mod_muc_mam are just different enough that having them be the same module gets complicated, but close enough to have overlapping code. | ||||
* | mod_mam: Advertise extended MAM when archive storage is capable | Kim Alvefur | 2021-01-12 | 1 | -2/+1 |
| | |||||
* | mod_mam: Allow querying by set of IDs | Kim Alvefur | 2021-01-12 | 1 | -2/+8 |
| | |||||
* | mod_storage_sql: Support query for set of IDs | Kim Alvefur | 2021-01-12 | 1 | -0/+10 |
| | | | | Not compatible with Lua 5.1 | ||||
* | mod_storage_internal: Support query for set of IDs | Kim Alvefur | 2021-01-12 | 1 | -0/+8 |
| | | | | Based on implementation in mod_storage_memory | ||||
* | mod_storage_memory: Support query for set of IDs | Kim Alvefur | 2021-01-12 | 1 | -0/+8 |
| | |||||
* | mod_storage_internal: Add support for full ID range query | Kim Alvefur | 2021-01-12 | 1 | -2/+5 |
| | | | | Based on the mod_storage_memory implementation | ||||
* | mod_storage_memory: Support full ID range queries | Kim Alvefur | 2021-01-12 | 1 | -2/+5 |
| | |||||
* | mod_mam: Add support for before-id and after-id fields | Kim Alvefur | 2021-01-09 | 1 | -4/+9 |
| | |||||
* | mod_storage_sql: Advertise support for id range query | Kim Alvefur | 2021-01-09 | 1 | -0/+1 |
| | | | | That is, a query for items between two IDs (not inclusive). | ||||
* | mod_mam: Implement extended MAM metadata query | Kim Alvefur | 2020-11-30 | 1 | -1/+35 |
| | |||||
* | mod_mam: Add support for page flipping | Kim Alvefur | 2020-11-30 | 1 | -3/+8 |
| | | | | | This was easy. Needs tests tho, 100% chance of the logic being backwards. | ||||
* | mod_mam: Advertise extended MAM 0.7.x behind a feature flag | Kim Alvefur | 2020-11-30 | 1 | -1/+12 |
| | | | | | | | In order to ease testing until the extended feautres are all implemented. Also TODOs for all the sub-features. | ||||
* | mod_csi_simple,mod_carbons,mod_mam: Update comment about XEP-0353 | Kim Alvefur | 2021-01-08 | 3 | -3/+3 |
| | | | | It went back to Deferred | ||||
* | mod_scansion_record: Flush after writes | Matthew Wild | 2021-01-08 | 1 | -0/+3 |
| | |||||
* | MUC: Reject probes from non-occupants | JC Brand | 2020-10-02 | 1 | -12/+21 |
| | | | | Also test for self-probes | ||||
* | MUC: Add support for presence probes (fixes #1535) | JC Brand | 2020-04-19 | 2 | -24/+87 |
| | | | | | | | | | | | The following patch allows Prosody to respond to `probe` presences and send out the probed occupant's current presence. This is based on line 17.3 in XEP-0045: A MUC service MAY handle presence probes sent to the room JID <room@service> or an occupant JID <room@service/nick> (e.g, these might be sent by an occupant's home server to determine if the room is still online or to synchronize presence information if the user or the user's server has gone offline temporarily or has started sharing presence again, as for instance when Stanza Interception and Filtering Technology (XEP-0273) is used). | ||||
* | mod_component: Distinguish missing stream @to from unknown local component ↵ | Kim Alvefur | 2020-12-18 | 1 | -0/+4 |
| | | | | | | | | | | | (thanks Daniel_W) Spectrum2 did not include a stream @to attribute due to a configuration error. "nil does not match ..." is not very clear in pointing this out and is somewhat confusing, tho it did help pinpoint what went wrong. It's also not great leak to programming language internals like "nil" out into user-facing strings like this. | ||||
* | Merge 0.11->trunk | Kim Alvefur | 2020-12-16 | 1 | -1/+1 |
|\ | |||||
| * | mod_s2s: Fix copypaste mistake in b3ae48362f78 | Kim Alvefur | 2020-12-16 | 1 | -1/+1 |
| | | | | | | | | | | Directly sending something over s2s needs to use sends2s() but the code copied from mod_c2s had .send() | ||||
* | | Merge 0.11->trunk | Matthew Wild | 2020-12-15 | 1 | -2/+2 |
|\| | |||||
| * | MUC: Fix logic bug causing unnecessary presence to be sent, fixes #1615 ↵ | Matthew Wild | 2020-12-15 | 1 | -2/+2 |
| | | | | | | | | (thanks damencho) | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2020-12-11 | 1 | -1/+4 |
|\| | |||||
| * | mod_s2s: Prevent whitespace keepalives the stream has been opened | Kim Alvefur | 2020-12-10 | 1 | -1/+4 |
| | | | | | | | | | | | | | | | | | | This will result in the stream timing out instead, which is probably correct if the stream has not been opened yet. This was already done for c2s in e69df8093387 Thanks Ge0rG | ||||
* | | MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!) | Matthew Wild | 2020-11-24 | 2 | -0/+72 |
| | | |||||
* | | Merge 0.11->trunk | Kim Alvefur | 2020-11-23 | 1 | -1/+4 |
|\| | |||||
| * | mod_saslauth: Only advertise channel binding if a finished message is available | Kim Alvefur | 2020-11-23 | 1 | -1/+1 |
| | | | | | | | | In some cases this method returns nothing, unclear why. | ||||
| * | mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 (closes #1542) | Kim Alvefur | 2020-11-23 | 1 | -1/+4 |
| | | | | | | | | | | | | | | | | The 'tls-unique' channel binding is undefined in TLS 1.3 according to a single sentence in parenthesis in Apendix C of RFC 8446 This may trigger downgrade protection in clients that were expecting channel binding to be available. |