aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
| | * | mod_c2s: Validate that a 'to' attribute exists at allKim Alvefur2019-11-021-0/+5
| | | | | | | | | | | | | | | | Prevents traceback from nameprep(nil)
| | * | mod_bosh: Abort early if request is missing hostnameKim Alvefur2019-11-021-0/+9
| | | | | | | | | | | | | | | | Prevents traceback from passing nil to nameprep()
| | * | mod_dialback: Abort early if request is missing addressing attributesKim Alvefur2019-11-021-0/+5
| | | | | | | | | | | | | | | | Prevents traceback from passing nil to nameprep()
| | * | MUC: Make nickname field in registration form requiredKim Alvefur2019-11-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Prevents traceback from resourceprep(nil) muc#register_roomnick is also required in XEP-0045
| | * | mod_register_ibr: Enforce strict JID validationKim Alvefur2019-11-011-1/+1
| | | |
| | * | MUC: Strictly validate room JID on creationKim Alvefur2019-11-011-0/+8
| | | | | | | | | | | | | | | | This should prevent any MUCs with invalid JID (according to current normalization routine)
| | * | mod_register_limits: Use util.error for managing rejection reasonsKim Alvefur2019-11-011-9/+28
| | | |
| | * | mod_register_ibr: Allow registartion rejection reason as util.error objectKim Alvefur2019-11-011-2/+9
| | | |
| | * | MUC: Enforce strict resourceprep on nicknames (bye bye robot face)Kim Alvefur2019-09-231-0/+16
| | | |
| | * | util.pubsub, pubsub.lib and tests: Add text to precondition-not-met error ↵Matthew Wild2019-10-271-0/+4
| | | | | | | | | | | | | | | | (fixes #1455)
| | * | MUC: Advertise history related fields as integers via XEP-0122Kim Alvefur2019-10-201-2/+4
| | | | | | | | | | | | | | | | This takes advantage of data type validation and conversion done in util.dataforms.
| | * | MUC: Add controls for whose presence is broadcast (closes #1335)Lance Stout2019-10-203-5/+112
| | | | | | | | | | | | | | | | Committed by Zash
| | * | Merge 0.11->trunkKim Alvefur2019-10-201-2/+0
| | |\ \
| | * | | MUC: Validate registration dataform more carefullyKim Alvefur2019-10-201-1/+13
| | | | |
| | * | | mod_saslauth: Demote "no SASL mechanisms" error back to warningKim Alvefur2019-10-151-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | This gets printed before TLS if c2s_require_encryption = false, in which case it is just annoying.
| | * | | mod_saslauth: Improve logging of why no SASL mechanisms were offeredKim Alvefur2019-10-151-6/+18
| | | | |
| | * | | mod_saslauth: Use the power of Set Theory to mange sets of SASL mechanismsKim Alvefur2019-10-151-6/+24
| | | | | | | | | | | | | | | | | | | | This makes sets of excluded mechanisms easily available for use later.
| | * | | mod_saslauth: Log (debug) messages about channel bindingKim Alvefur2019-10-151-0/+5
| | | | |
| | * | | mod_saslauth: Remove useless debug log lineKim Alvefur2019-10-131-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fairly useless to only log half of SASL messages. Use mod_stanza_debug instead to get the full exchange.
| | * | | mod_saslauth: Remove commented-out debug log lineKim Alvefur2019-10-131-1/+0
| | | | |
| | * | | mod_websocket: Guard against upgrading to websocket from a HEAD requestKim Alvefur2019-10-121-1/+1
| | | | |
| | * | | mod_http: Unhook CORS related event handlersKim Alvefur2019-10-101-3/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevents CORS related handlers from being left over on reload. BC: `mod_http.apps[app_name][event_name]` is now a table instead of the main handler function.
| | * | | mod_s2s: Close with a stream error in case neither SASL or Dialback are ↵Kim Alvefur2019-10-061-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | available This both tells the remote server and users who sent any queued stanzas why it failed.
| | * | | mod_admin_telnet: xmpp:ping: Log ping timeKim Alvefur2019-10-061-1/+3
| | | | |
| | * | | mod_csi_simple: Always remove session filters when disabling CSIKim Alvefur2019-10-051-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only guard the actual pausing of outgoing data on the method existing. This prevents the filters from lingering in case something happened to the connection. Removing already removed filters should be a safe noop.
| | * | | mod_csi_simple: Try not to flush buffer while already flushing itKim Alvefur2019-10-051-0/+5
| | | | | | | | | | | | | | | | | | | | Reduces log noice
| | * | | Merge 0.11->trunkMatthew Wild2019-10-031-0/+2
| | |\ \ \
| | * | | | mod_offline: Log a debug message when message is storedKim Alvefur2019-09-291-1/+5
| | | | | |
| | * | | | Merge 0.11-trunkKim Alvefur2019-09-291-0/+1
| | |\ \ \ \
| | * | | | | mod_admin_telnet: Use new compact function for waiting on promisesKim Alvefur2019-09-291-7/+1
| | | | | | |
| | * | | | | mod_register_ibr: Distinguish between failure to create account or save ↵Kim Alvefur2019-09-291-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | extra data
| | * | | | | mod_register_ibr: Reminder to maybe use util.error in the futureKim Alvefur2019-09-291-0/+1
| | | | | | |
| | * | | | | mod_register_ibr, mod_register_limits: Add support for custom error type and ↵Emmanuel Gil Peyrot2019-09-292-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | defined-condition.
| | * | | | | mod_register_ibr: Add FORM_TYPE as required by XEP-0077.Emmanuel Gil Peyrot2019-09-291-0/+2
| | | | | | |
| | * | | | | mod_csi_simple: Remove duplicated check for connectionKim Alvefur2019-09-281-3/+3
| | | | | | |
| | * | | | | mod_pubsub: Remove the unwanted check for @notify on <purge/>.Emmanuel Gil Peyrot2019-09-281-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This most likely was copied from the handling of <retract/>, where it actually is required by the spec (XEP-0060 §7.2.2.1), but this attribute doesn’t exist for purge.
| | * | | | | Merge 0.11->trunkKim Alvefur2019-09-211-4/+10
| | |\ \ \ \ \
| | * | | | | | mod_http: Add support for configuring CORS Access-Control-Allow-CredentialsMatthew Wild2019-09-111-2/+6
| | | | | | | |
| | * | | | | | mod_admin_telnet: Identify native bidi sessionsKim Alvefur2019-09-081-1/+3
| | | | | | | |
| | * | | | | | mod_s2s_bidi: Enables bi-directional streams via XEP-0288Kim Alvefur2019-09-081-0/+38
| | | | | | | |
| | * | | | | | mod_s2s: Remove warning about hostname mismatchKim Alvefur2019-09-071-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It triggers on bidi-related routing where this to/from is flipped. Removing since I don't think we have ever seen this potential bug.
| | * | | | | | mod_s2s: Insert s2sin into outgoing routing table when bidirectionalKim Alvefur2019-09-071-0/+4
| | | | | | | |
| | * | | | | | mod_s2s: Add function to send replies on s2sout connections that support ↵Kim Alvefur2019-09-071-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | incoming traffic
| | * | | | | | mod_s2s: Handle authentication of s2sin and s2sout the same wayKim Alvefur2019-09-071-7/+5
| | | | | | | |
| | * | | | | | mod_offline: Add some debug logging to reduce confusionKim Alvefur2019-09-081-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Where did these messages come from???
| | * | | | | | mod_s2s: Remove obsolete cleanup codeKim Alvefur2019-09-071-7/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These were added by s2sout.lib
| | * | | | | | mod_admin_telnet: Identify bidi-capable s2sout sessions (fixes #1403)Kim Alvefur2019-09-071-1/+1
| | | | | | | |
| | * | | | | | Merge 0.11->trunkKim Alvefur2019-08-311-2/+2
| | |\ \ \ \ \ \
| | * | | | | | | Remove COMPAT with temporary luasec forkKim Alvefur2019-08-253-7/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The changes in the temporary fork were merged into mainline luasec ca 2013 and included in the 0.5 release in 2014.
| | * | | | | | | MUC: Simplify nickname refresh loopKim Alvefur2019-08-251-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Affiliation data is passed as a loop variable so no need to retrieve it