aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* | mod_admin_shell: Refactor 'cert' columnKim Alvefur2023-04-301-4/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removes some dead code and hopefully simplifies a bit. There's a tree of possibilities with the two tri-state status properties, something like chain: * nil -- cert validation disabled? * invalid -- something wrong with the chain (including ee cert) * valid -- chain ok cert: * nil -- incomplete validation?? * invalid -- mismatched names or such * valid -- all good!
* | Merge 0.12->trunkKim Alvefur2023-04-191-1/+1
|\|
| * mod_admin_shell: Fix display of remote cert status when expired etcKim Alvefur2023-04-061-1/+1
| | | | | | | | | | Looks like autocomplete unhelpfully capitalized this word, but it's lowercase where it is set in mod_s2s_auth_certs
* | mod_tls: Drop request for client certificates on outgoing connectionsKim Alvefur2023-04-191-1/+1
| | | | | | | | | | | | It is the other end who should request client certificates for these connections, we only need to send ours. Hopefully this was treated as a noop, so probably no harm in keeping it. But hey, spring cleaning? :)
* | mod_csi: Always advertise featureKim Alvefur2023-04-161-2/+1
| | | | | | | | | | | | Was previously supposed to be conditionally advertised based on availability of a module handling the actual optimizations, which was removed in be9ac41f1619
* | mod_tokenauth: Fix parsing binary part of tokensKim Alvefur2023-04-121-1/+1
| | | | | | | | | | | | Fixes parsing of tokens that happen to have a `;` in their secret part, otherwise it splits there and the later bit goes into the username and hitting the "Invalid token in storage" condition.
* | mod_tokenauth: Only check if expiry of expiring tokensKim Alvefur2023-04-121-1/+1
| | | | | | | | | | | | | | | | Some tokens, e.g. OAuth2 refresh tokens, might not have their lifetime explicitly bounded here, but rather be bounded by the lifetime of something else, like the OAuth2 client. Open question: Would it be better to enforce a lifetime on all tokens?
* | mod_admin_shell: Use same wildcard matching in other s2s commandKim Alvefur2023-04-101-6/+5
| | | | | | | | Consistency is nice.
* | mod_admin_shell: Factor apart wildcard matching into function for reuseKim Alvefur2023-04-101-14/+18
| | | | | | | | Applying this for s2s:close[all]() would also be nice.
* | mod_csi: Remove module status, doesn't work because of mod_smacksKim Alvefur2023-04-101-12/+0
| | | | | | | | | | | | | | This was meant to warn in case you had only mod_csi without a logic handling module like mod_csi_simple by checking if anything hooked this event, however mod_smacks also hooks this event and so this isn't really a useful way of detecting this condition.
* | mod_http: Fix reliance on previous tostring() format of util.setKim Alvefur2023-04-101-2/+7
| | | | | | | | | | | | | | | | a863e4237b91 unintentionally changed the format of HTTP CORS headers, which were apparently relying on the output of tostring(), which it shouldn't have. Explicitly serializing it this time.
* | mod_admin_shell: Add config:set([host,] key, value) because why notKim Alvefur2023-04-081-0/+8
| | | | | | | | | | | | | | | | | | We had config:get() but not this. > <MattJ> Yeah, why did we never implement that? Handy if you want to quickly try out settings without reloading the whole config.
* | mod_admin_shell: Allow wildcard matches like s2s:show("*.example.com")Kim Alvefur2023-04-081-1/+13
| | | | | | | | | | E.g. if you want to show connections to/from a domain, including its subdomains, this is handy.
* | mod_http_file_share: use util.human.io.parse_durationJonas Schäfer2022-04-281-1/+7
| | | | | | | | | | | | Updated by Zash, the original patch by Jonas had put the duration parsing function in util.datetime but MattJ later did the same thing but differently in f4d7fe919969
* | mod_mam: port to use util.human.io.parse_durationJonas Schäfer2022-04-281-8/+6
| | | | | | | | | | | | Updated by Zash, the original patch by Jonas had put the duration parsing function in util.datetime but MattJ later did the same thing but differently in f4d7fe919969
* | mod_admin_shell: Allow "*" as substitute for 'nil' for easier CLI usageKim Alvefur2023-04-071-2/+2
| | | | | | | | | | | | | | | | Since prosodyctl shell with additional arguments assumes the first two are a section:command() and any following arguments are strings, passing a bare 'nil' is not possible. In order to avoid delving into this rabbit hole, instead produce a token that alone is not really a legal JID for use as wildcard.
* | mod_admin_shell: Make IP column thinner if IPv6 is disabledKim Alvefur2023-04-071-1/+1
| | | | | | | | | | | | | | IPv6 addresses can be pretty long, so if they can be more compact, that's nice. But nobody would disable IPv6, would they?
* | mod_admin_shell: Make default column width 1 partKim Alvefur2023-04-071-1/+1
| | | | | | | | | | These gets used for usernames, resources and other random session fields that don't have a column definition in `available_columns`
* | mod_admin_shell: Fix attempt to compare number with stringKim Alvefur2023-04-071-1/+1
| | | | | | | | Missed the # in 93c1590b5951
* | mod_admin_shell: Dynamically size JIDs and hostsKim Alvefur2023-04-071-4/+4
| | | | | | | | Reasoning: a hostname is one part, a JID is 3 parts.
* | mod_admin_shell: More dynamic widths calculationsKim Alvefur2023-04-071-3/+14
| |
* | mod_admin_shell: Calculate widths of columns from example valuesKim Alvefur2023-04-061-12/+19
| | | | | | | | | | Harder to accidentally count wrong if Lua is doing the counting on a plausible input.
* | mod_admin_shell: Strip 'prosody:' prefix to allow narrower Role columnKim Alvefur2023-04-021-3/+4
| |
* | mod_debug_reset: Remove now unused import of util.time (thanks luacheck)Matthew Wild2023-04-061-2/+0
| |
* | mod_debug_reset: Don't delay operations until next tickMatthew Wild2023-04-061-6/+4
| | | | | | | | | | | | | | | | For some unknown reason, this was required with the old mock util.time functions prior to 012d6e7b723a. After 012d6e7b723a, it breaks. So I'm happy to revert to not delaying anything. This makes tests pass again.
* | mod_csi: Drop summary stats, doesn't work in normal moduleKim Alvefur2023-04-061-9/+0
| | | | | | | | | | | | This method ends up going up for each collection and the :clear() method is only available to global modules (see e.g. mod_c2s), while regular per-host modules get scoped stats
* | mod_csi: Add metrics, covering changes and totalsKim Alvefur2023-04-061-0/+12
| | | | | | | | | | Motivation: Investigating clients that seem to forget to set CSI. Also, of course, MORE GRAPHS!
* | mod_tokenauth: Add API method to revoke a grant by idMatthew Wild2023-04-051-0/+7
| | | | | | | | We probably want to refactor revoke_token() to use this one in the future.
* | Merge 0.12->trunkKim Alvefur2023-04-041-1/+10
|\|
| * mod_smacks: Replace existing watchdog when starting hibernationKim Alvefur2023-04-021-0/+4
| | | | | | | | | | | | There shouldn't be one here but if there is, for some reason, it's better to close it than have it around to wake up and possibly try to destroy the session.
| * mod_smacks: Fix stray watchdog closing sessionsKim Alvefur2023-04-021-1/+6
| | | | | | | | | | | | Unsure exactly how this happens, but sometimes a watchdog appears to close a session that isn't hibernating, or hasn't hibernating long enough.
* | mod_adhoc: Remove "mod_" prefix from permission action nameKim Alvefur2023-04-022-3/+3
| | | | | | | | Other places doesn't have "mod_" there, why should it here?
* | mod_admin_shell: Allow matching on host or bare JID in c2s:showKim Alvefur2023-03-311-2/+2
| | | | | | | | | | Only supporting exact match on full JID isn't helpful if you want to list sessions per host or user.
* | mod_invites: Record roles as ordered list, first becoming primary roleKim Alvefur2023-03-301-4/+4
| | | | | | | | For mod_invites_register to apply on user creation.
* | mod_invites_register: Allow roles to be an ordered list, first being primaryKim Alvefur2023-03-301-1/+14
| | | | | | | | | | | | Part of an update to mod_invites and friends to the new authz and roles. Invites with roles in the old way will need to be migrated, but with invites often being short lived it is probably not a long-lived problem.
* | mod_tokenauth: Add API to inspect individual grants or all of a user's grantsMatthew Wild2023-03-291-0/+18
| |
* | mod_tokenauth: Move grant validation to a reusable functionMatthew Wild2023-03-291-6/+25
| |
* | mod_tokenauth: fix traceback if password has never been changedJonas Schäfer2023-03-281-1/+1
| | | | | | | | | | By checking the password_updated_at for non-nilness before using it, we avoid a nasty crash :-).
* | mod_tokenauth: Fire events on grant creation and revocationMatthew Wild2023-03-281-1/+13
| |
* | mod_tokenauth: Fix storage API mistake in revocationKim Alvefur2023-03-281-1/+1
| |
* | mod_tokenauth: Fix traceback when checking expiry of tokens with no expiryMatthew Wild2023-03-271-1/+2
| |
* | mod_tokenauth: Refactor API to separate tokens and grantsMatthew Wild2023-03-271-115/+92
| | | | | | | | | | | | | | This is another iteration on top of the previous sub-tokens work. Essentially, the concept of a "parent token" has been replaced with the concept of a "grant" to which all tokens now belong. The grant does not have any tokens when first created, but the create_token() call can add them.
* | mod_tokenauth: Support for creating sub-tokensMatthew Wild2023-03-261-22/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Properties of sub-tokens: - They share the same id as their parent token - Sub-tokens may not have their own sub-tokens (but may have sibling tokens) - They always have the same or shorter lifetime compared to their parent token - Revoking a parent token revokes all sub-tokens - Sub-tokens always have the same JID as the parent token - They do not have their own 'accessed' property - accessing a sub-token updates the parent token's accessed time Although this is a generic API, it is designed to at least fill the needs of OAuth2 refresh + access tokens (where the parent token is the refresh token and the sub-tokens are access tokens).
* | mod_tokenauth: return error if storage of new token failsMatthew Wild2023-03-261-1/+4
| |
* | core.usermanager: Correct formatting of not implemented errorKim Alvefur2023-03-261-1/+1
| | | | | | | | Spaces, no hyphen, apparently.
* | mod_admin_shell: Enable user after creation with roleKim Alvefur2023-03-261-0/+5
| | | | | | | | | | Fixes that otherwise the user was created in a disabled state and left as such.
* | mod_admin_shell: Simplify user creation when no role givenKim Alvefur2023-03-261-8/+16
| | | | | | | | | | | | Idea here is to prevent a user from being created with the default role if a different role was given, but that dance wouldn't be needed if no role is provided.
* | mod_server_contact_info: Reorder dataform keys for more aligned viewKim Alvefur2023-03-241-9/+10
| |
* | mod_tokenauth: Track last access time (last time a token was used)Matthew Wild2023-03-241-3/+15
| |
* | plugins: Prefix module imports with prosody namespaceKim Alvefur2023-03-24100-503/+503
| |