Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_tokenauth: Fix misplaced closing parenthesis | Kim Alvefur | 2023-03-02 | 1 | -1/+1 |
| | | | | `type(x ~= y)` is always a string, thus truthy | ||||
* | mod_tokenauth: Gracefully handle missing tokens | Matthew Wild | 2023-03-01 | 1 | -0/+1 |
| | |||||
* | mod_auth_internal_hashed: Add oauthbearer handler to our SASL profile | Matthew Wild | 2023-03-01 | 1 | -1/+4 |
| | |||||
* | mod_tokenauth: Add SASL handler backend that can accept and verify tokens | Matthew Wild | 2023-03-01 | 1 | -0/+18 |
| | | | | | This is designed for use by other modules that want to accept tokens issued by mod_tokenauth, without duplicating all the necessary logic. | ||||
* | mod_tokenauth: Add some sanity checking of the new optional parameters | Matthew Wild | 2023-03-01 | 1 | -0/+4 |
| | |||||
* | mod_tokenauth: Add 'purpose' constraint | Matthew Wild | 2023-03-01 | 1 | -1/+2 |
| | | | | | | | | | | This allows tokens to be tied to specific purposes/protocols. For example, we shouldn't (without specific consideration) allow an OAuth token to be dropped into a slot expecting a FAST token. While FAST doesn't currently use mod_tokenauth, it and others may do in the future. It's better to be explicit about what kind of token code is issuing or expecting. | ||||
* | mod_saslauth: Support for SASL handlers forcing a specific resource | Matthew Wild | 2023-03-01 | 1 | -2/+4 |
| | | | | The token layer supports tokens that are tied to a given resource. | ||||
* | mod_admin_adhoc: Add XEP-0133 commands to Disable and Re-Enable users | Kim Alvefur | 2023-02-23 | 1 | -0/+66 |
| | | | | Enables UI in clients supporting XEP-0050 | ||||
* | mod_admin_shell: Add commands to disable and enable accounts | Kim Alvefur | 2023-02-23 | 1 | -0/+32 |
| | | | | First proper UI to enable/disable, allowing it to be tested. | ||||
* | mod_c2s: Disconnect accounts when they are disabled | Kim Alvefur | 2023-02-23 | 1 | -0/+1 |
| | | | | | | | | We decided that at the first stage, accounts that are disabled should simply be prevented from authenticating, thus they should also be prevented from having connected sessions. Since this is aimed to be a moderation action for cases of abuse, they shouldn't be allowed to continue being connected. | ||||
* | mod_auth_internal_hashed: Implement methods to enable and disable users | Kim Alvefur | 2023-02-23 | 1 | -4/+9 |
| | |||||
* | mod_auth_internal_hashed: Implement is_enabled() method | Kim Alvefur | 2023-02-23 | 1 | -3/+5 |
| | | | | Uses 'disabled' property already introduced in aed38948791f | ||||
* | mod_auth_internal_hashed: Add stub methods for enabling and disabling users | Kim Alvefur | 2023-02-22 | 1 | -0/+8 |
| | | | | But how and where? | ||||
* | mod_auth_internal_hashed: Refactor to prepare for disabling users | Kim Alvefur | 2023-02-22 | 1 | -2/+7 |
| | | | | | | Moving this out will make space for a dynamic check whether a particular user is disabled or not, which is one possible response to abuse of account privileges. | ||||
* | Merge 0.12->trunk | Matthew Wild | 2023-02-20 | 1 | -0/+3 |
|\ | |||||
| * | mod_websocket: Fire pre-session-close event (fixes #1800)0.12.3 | Matthew Wild | 2023-02-20 | 1 | -0/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This event was added in a7c183bb4e64 and is required to make mod_smacks know that a session was intentionally closed and shouldn't be hibernated (see fcea4d9e7502). Because this was missing from mod_websocket's session.close(), mod_smacks would always attempt to hibernate websocket sessions even if they closed cleanly. That mod_websocket has its own copy of session.close() is something to fix another day (probably not in the stable branch). So for now this commit makes the minimal change to get things working again. Thanks to Damian and the Jitsi team for reporting. | ||||
* | | Merge 0.12->trunk | Kim Alvefur | 2023-02-16 | 2 | -1/+7 |
|\| | |||||
| * | mod_admin_socket: Return error on unhandled input to prevent apparent freeze | Kim Alvefur | 2023-02-16 | 2 | -1/+7 |
| | | | | | | | | | | | | When mod_admin_socket is loaded without mod_admin_shell, attempt to use `prosodyctl shell` will appear to freeze after any input, since no response is returned. | ||||
* | | mod_storage_sql: Remove module status on unknown 'debug' level | Kim Alvefur | 2023-01-31 | 1 | -1/+0 |
| | | | | | | | | | | Expected this to be translated to 'core', but it logs an error instead. See previous commit. | ||||
* | | mod_storage_sql: Silence luacheck warning | Kim Alvefur | 2023-01-30 | 1 | -1/+1 |
| | | |||||
* | | mod_storage_sql: Record connection to database as module status | Kim Alvefur | 2023-01-30 | 1 | -0/+6 |
| | | | | | | | | | | | | Allows retrieving this in e.g. a health reporting module Thanks pfak | ||||
* | | mod_admin_shell: Match substring in muc:affiliations() like muc:occupants() | Kim Alvefur | 2023-01-30 | 1 | -1/+1 |
| | | | | | | | | Maybe one day we'll get consistent filtering semantics everywhere. | ||||
* | | mod_admin_shell: Sort MUC users by relation and JID | Kim Alvefur | 2023-01-29 | 1 | -18/+51 |
| | | | | | | | | Suggested by MattJ, our resident UI expert :) | ||||
* | | mod_admin_shell: Make Role and Affiliation columns the same width for aesthetics | Kim Alvefur | 2023-01-29 | 1 | -2/+2 |
| | | | | | | | | | | The length of the title "Affiliation" made them both close enough that it looked off. | ||||
* | | mod_admin_shell: Use tables to present MUC users | Kim Alvefur | 2023-01-29 | 1 | -2/+18 |
| | | | | | | | | Tables are awesome! | ||||
* | | mod_admin_shell: Factor out room retrieval into common function | Kim Alvefur | 2023-01-29 | 1 | -18/+18 |
| | | | | | | | | Justification: See diffstat | ||||
* | | mod_admin_shell: Add muc:affiliations(room) command to list memberships | Kim Alvefur | 2023-01-29 | 1 | -0/+28 |
| | | | | | | | | | | Easier than going trough muc:room():each_affiliation() since you have to do fiddly things to reach the print() function. | ||||
* | | mod_admin_shell: Add muc:occupants(room) command to list occupants | Kim Alvefur | 2023-01-29 | 1 | -1/+30 |
| | | | | | | | | | | Easier than going trough muc:room():each_occupant() since you have to do fiddly things to reach the print() function. | ||||
* | | mod_muc_mam: Use higher precision timestamps | Kim Alvefur | 2023-01-21 | 1 | -1/+1 |
| | | | | | | | | See also 781772c8b6d9 | ||||
* | | Merge 0.12->trunk | Kim Alvefur | 2023-01-21 | 2 | -8/+25 |
|\| | |||||
| * | mod_muc_mam: Copy "include total" behavior from mod_mam | Kim Alvefur | 2023-01-21 | 1 | -1/+5 |
| | | | | | | | | | | Not sure why this was missing from MUC MAM, it already had some of the code for dealing with it. | ||||
| * | mod_muc_mam: Add mam#extended form fields #1796 (Thanks Rain) | Kim Alvefur | 2023-01-21 | 1 | -0/+10 |
| | | | | | | | | Oversight in cabb022f31c0 | ||||
| * | mod_mam,mod_muc_mam: Minimize differences (reorder, copy some comments) | Kim Alvefur | 2023-01-21 | 2 | -8/+11 |
| | | | | | | | | | | Should have no functional difference, but makes it easier keeping mod_mam and mod_muc_mam in sync. | ||||
* | | MUC: Add note about non-existant room method | Kim Alvefur | 2023-01-20 | 1 | -1/+1 |
| | | |||||
* | | mod_admin_socket: Fix typo in comments | Kim Alvefur | 2023-01-20 | 1 | -1/+1 |
| | | | | | | | | Introduced in 6966026262f4 | ||||
* | | Merge 0.12->trunk | Kim Alvefur | 2023-01-19 | 1 | -0/+1 |
|\| | |||||
| * | mod_smacks: Log something when hibernation starts | Kim Alvefur | 2023-01-19 | 1 | -0/+1 |
| | | | | | | | | | | Will hopefully save future confusion about sessions being destroyed when they are in fact not. | ||||
* | | mod_storage_sql: Support SQLite3 without LuaDBI | Kim Alvefur | 2023-01-19 | 1 | -1/+8 |
| | | |||||
* | | Merge 0.12->trunk | Kim Alvefur | 2023-01-10 | 1 | -2/+2 |
|\| | |||||
| * | mod_invites: Prefer landing page over xmpp URI in shell command | Kim Alvefur | 2023-01-10 | 1 | -2/+2 |
| | | | | | | | | To mirror behavior of prosodyctl invocation | ||||
* | | Merge 0.12->trunk | Kim Alvefur | 2023-01-06 | 1 | -14/+12 |
|\| | |||||
| * | mod_storage_sql: Fix #1639 | Kim Alvefur | 2023-01-01 | 1 | -14/+12 |
| | | | | | | | | Patch by Peter Kieser | ||||
* | | Merge 0.12->trunk | Kim Alvefur | 2022-12-29 | 1 | -1/+0 |
|\| | |||||
| * | mod_storage_sql: Don't avoid initialization under prosodyctl (fix #1787) | Kim Alvefur | 2022-12-29 | 1 | -1/+0 |
| | | | | | | | | | | | | | | | | | | Fixes `prosodyctl adduser` etc. Prior to d580e6a57cbb the line did nothing. Sometimes storage in the prosodyctl context does cause weirdness, as it is not in a host context, but rather a variant of global. | ||||
* | | mod_s2s_auth_certs: Validate certificates against secure SRV targets | Kim Alvefur | 2022-12-22 | 1 | -0/+10 |
| | | | | | | | | | | | | | | Secure delegation or "Mini-DANE" As with the existing DANE support, only usable in one direction, client certificate authentication will fail if this is relied on. | ||||
* | | Revert unintentionally committed parts of 12bd40b8e105 | Kim Alvefur | 2022-12-21 | 1 | -10/+0 |
| | | |||||
* | | mod_s2s: Retrieve stanza size limit from peer for bidi connections | Kim Alvefur | 2022-11-09 | 1 | -0/+7 |
| | | | | | | | | | | | | Having mod_s2s know about the bidi namespace is perhaps a bit awkward but putting this in mod_s2s_bidi would be more awkward as it has nothing to do with limits. Some indirection event could be added in the future. | ||||
* | | mod_s2s: Advertise stream features on bidi connections | Kim Alvefur | 2022-10-20 | 1 | -0/+6 |
| | | |||||
* | | mod_s2s_bidi: Add provisions for advertising features to bidi peers | Kim Alvefur | 2022-10-20 | 1 | -1/+3 |
| | | | | | | | | As introduced in XEP-xxxx: Stream Limits Advertisement | ||||
* | | mod_c2s,mod_s2s: Adapt to XEP-xxxx: Stream Limits Advertisement | Kim Alvefur | 2022-10-20 | 3 | -4/+16 |
| | | | | | | | | Thanks MattJ |