aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
* mod_saslauth: Set a nicer bounce error explaining SASL EXTERNAL failuresKim Alvefur2019-12-071-1/+4
| | | | | | | | Better than the previous string concatenation of SASL failure condition and optional text sent by the remote server. Would be nice to have a text per condition, other than the probably most common 'not-authorized'.
* mod_saslauth: Collect SASL EXTERNAL failures into an util.error objectKim Alvefur2019-12-071-5/+12
| | | | | Will be easier than that concatenated string to extract info out of for use elsewhere.
* mod_s2s: Invert condition to return early and reduce indentationKim Alvefur2019-12-041-26/+26
|
* mod_s2s: Fix mistake in 28755107c2f4Kim Alvefur2019-12-031-0/+1
|
* mod_saslauth: Advertise correct set of mechanismsKim Alvefur2019-12-021-1/+1
| | | | | | | | | Mistakenly iterates over the set of all supported mechanisms instead of the one without insecure mechanisms if the connection is insecure. Not a problem if c2s_require_encryption is true Introduced in 56a0f68b7797
* mod_s2s: Refactor stream error handling on closeKim Alvefur2019-12-011-19/+14
| | | | | | Deduplicates the 3 log calls that log the same thing but subtly differently. The first one would say "Disconnecting localhost" and the last one didn't log the IP.
* mod_s2s: Use stanza type check instead of duck typingKim Alvefur2019-12-011-1/+1
|
* mod_net_multiplex: Remove debug messageKim Alvefur2019-12-011-1/+0
| | | | | This was something I added during development and set to info level for visibility.
* mod_s2s: Improve TLS handshake error messagesKim Alvefur2019-12-011-0/+4
| | | | | | This should make it clearer that it's about the TLS handshake. Otherwise it's something like "unsupported protocol" or "no shared ciphers" that might not be that obvious.
* mod_s2s: Log from session loggerKim Alvefur2019-11-301-1/+1
| | | | Helps locating all messages related to a specific session
* mod_s2s: Improve log message about forbidding insecure connectionsKim Alvefur2019-11-301-1/+1
| | | | This new wording generator is nice.
* mod_admin_telnet: Sort hostsKim Alvefur2019-11-301-1/+5
| | | | | | Groups by domain in DNS hierarchy order or something. Why not split on '.' you ask? Well becasue that's not what I typed here. Also "[^.]" is longer than "%P".
* mod_carbons: Improve performance by delaying creation of carbon payloadKim Alvefur2019-11-301-11/+15
| | | | | | If there are no other sessions which also enabled carbons then the carbons wrapper is not used and the potentially expensive clone operation was a waste of cycles.
* mod_net_multiplex: Tweak debug logging for ALPN caseKim Alvefur2019-11-291-2/+1
|
* mod_net_multiplex: Add support for using ALPNKim Alvefur2019-11-294-3/+40
| | | | | | | Potentially a bit more efficient since it can jump to the selected protocol on connect instead of waiting for some data to look at. Adds a 'protocol' field to net providers for this purpose.
* mod_admin_telnet: Display ALPN in show_tls() if supported and availableKim Alvefur2019-11-211-0/+6
|
* mod_http: Log served URLs at 'info' levelKim Alvefur2019-11-291-1/+1
| | | | | | These are similar to the "activated service" messages from portmanager and similarily useful for the service admin to know even if they're not debugging anything.
* mod_s2s: Prevent unhandled stanza handler from complaining about stream ↵Kim Alvefur2019-11-291-2/+2
| | | | | | features on aborted connections I have no idea why I wrote return false in e5945fb5b71f
* mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is setKim Alvefur2019-11-281-3/+5
| | | | Prevents some weirdness in cases where no authentication is done
* mod_s2s: Abort outgoing connections earlier when TLS requirement isn't satisfiedKim Alvefur2019-11-281-0/+7
| | | | | This ensures the closure reason is accurate and not reported as an authentication or other problem
* mod_s2s: Send stream errors for cert problems on outgoing connectionsKim Alvefur2019-11-281-6/+7
| | | | Rationale in comment.
* mod_s2s: Improve error in bounces due to cert validation problemsKim Alvefur2019-11-271-3/+24
|
* mod_s2s_auth_certs: Save chain validation errors for later useKim Alvefur2019-11-271-0/+1
|
* MUC: Add missing reference to room (thanks buildbot) [luacheck]Kim Alvefur2019-11-261-0/+1
|
* MUC: Indicate the component as origin of various errors where there's no roomKim Alvefur2019-11-262-7/+7
| | | | A room that doesn't exist can't return an error, can it?
* MUC: Indicate that the room is the origin of various errors where 'from' is ↵Kim Alvefur2019-11-253-16/+19
| | | | an occupant JID
* MUC: Indicate origin of registration related errorsKim Alvefur2019-11-251-3/+3
|
* MUC: Indicate origin of password related errorsKim Alvefur2019-11-251-1/+1
|
* Merge 0.11->trunkKim Alvefur2019-11-2349-976/+1526
|\
| * mod_http_errors: Show a friendly page instead of 404 on top levelKim Alvefur2019-11-171-0/+12
| |
| * mod_csi: Cache CSI module availability to improve readabiltyKim Alvefur2019-11-231-1/+4
| |
| * mod_csi: Set module status based on whether a CSI handler module appears to ↵Kim Alvefur2019-11-231-0/+9
| | | | | | | | be loaded
| * mod_csi: Only advertise CSI to clients if something is handling CSI eventsKim Alvefur2019-11-171-1/+1
| |
| * mod_s2s: Add error text for error replies on some s2s failures (#770)Kim Alvefur2019-11-231-5/+6
| |
| * s2s: Allow passing a custom error for bouncing queued stanzas (#770)Kim Alvefur2019-11-231-3/+3
| | | | | | | | Since stream errors and stanza errors are different
| * mod_admin_telnet: Show SNI name in show_tls() if availableKim Alvefur2019-11-201-0/+6
| |
| * mod_s2s: Wait for remote to close any connection allowing incoming stanzasKim Alvefur2019-11-181-1/+1
| | | | | | | | Ie both s2sin and bidi-enabled s2sout.
| * mod_muc_mam: Copy debug log improvements from mod_mamKim Alvefur2019-11-171-6/+12
| |
| * mod_csi_simple: Make sure to disable optimizations before mod_smacks (thanks ↵Kim Alvefur2019-11-171-1/+1
| | | | | | | | pep.)
| * mod_http: Soften dependency on mod_http_errorsKim Alvefur2019-11-161-1/+3
| | | | | | | | | | | | This allows disabling mod_http_errors by adding it to moduless_disabled and ensures mod_http loads even if the error pages aren't as pretty.
| * mod_s2s: Allow passing bounce reason as an util.error object (see #770)Kim Alvefur2019-11-081-2/+9
| | | | | | | | This argument is currently unused in s2smanager.
| * mod_ping: Remove ad-hoc commandKim Alvefur2019-11-071-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 17:27:40 <Ge0rG> Zash: the Ping thing is absolutely worthless 17:27:55 <Zash> The command provided by mod_ping? 17:27:59 <pep.> To own server? 17:28:14 <Ge0rG> the Ping command in mod_admin_web, whatever it maps to 17:28:29 <Ge0rG> > Pong > 2019-11-07T16:28:16Z What am I supposed to do with that result? 17:28:29 <Zash> Yeah, mod_ping provides that 17:28:41 <Ge0rG> Is it a ping to my own server? Where's the RTT? 17:28:48 <Zash> Dunno if it's useful for more than verifying that the adhoc command system works 17:29:02 <Ge0rG> (it lags, but there is no indication of how much) 17:29:14 <Zash> It can't really test that itself 17:29:52 <Zash> Anyone opposed to deleting it? 17:30:42 <Zash> Half the module 17:42:47 <MattJ> Zash, I'm fine with removing it
| * mod_admin_adhoc: Add some flags to s2s listing commandKim Alvefur2019-11-071-0/+12
| | | | | | | | These are present in mod_admin_telnet and relevant to s2s
| * mod_admin_telnet: Show s2s authentication method (probably) usedKim Alvefur2019-11-021-0/+6
| |
| * mod_user_account_management: Apply username normalization laterKim Alvefur2019-11-021-1/+2
| | | | | | | | Prevents traceback from nodeprep(nil)
| * mod_s2s: Only nameprep stream to/from addresses if they are presentKim Alvefur2019-11-021-1/+3
| | | | | | | | Prevents traceback from nameprep(nil)
| * mod_dialback: Fix potential traceback in case of missing addressingKim Alvefur2019-11-021-0/+1
| | | | | | | | | | | | Not tested. Assuming nothing good comes from continuing the program flow after this. The connection should get closed and the event gets aborted by a traceback anyways.
| * mod_c2s: Validate that a 'to' attribute exists at allKim Alvefur2019-11-021-0/+5
| | | | | | | | Prevents traceback from nameprep(nil)
| * mod_bosh: Abort early if request is missing hostnameKim Alvefur2019-11-021-0/+9
| | | | | | | | Prevents traceback from passing nil to nameprep()
| * mod_dialback: Abort early if request is missing addressing attributesKim Alvefur2019-11-021-0/+5
| | | | | | | | Prevents traceback from passing nil to nameprep()