aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
| * mod_blocklist: Drop blocked messages without error, option to restore ↵Kim Alvefur2024-04-271-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | compliant behavior From XEP-0191: > For message stanzas, the server SHOULD return an error, which SHOULD > be <service-unavailable/>. Following this may leak to a blocked JID that they have been blocked, which seems contrary to the goal of pretending to be perpetually offline.
* | mod_pep: Implement 'roster' (group) access_modelKim Alvefur2023-12-032-1/+24
| | | | | | | | | | | | | | Allows e.g. restricting your vcard4 to only family or similar. Notes: This does not include roster groups in the configuration form, so the client will have to get them from the actual roster.
* | mod_announce: Suppress luacheck warningsMatthew Wild2024-04-261-3/+3
| |
* | mod_announce: Add shell commands and APIs for sending to all/online/rolesMatthew Wild2024-04-241-3/+85
| |
* | mod_blocklist: Fix fix signal for letting stanzas passKim Alvefur2024-04-231-2/+0
| | | | | | | | Returning nothing/nil lets stanzas pass, returning anything else blocks
* | mod_blocklist: Check JID of mediated MUC invite sender against blocklistMatthew Wild2024-04-221-1/+16
| | | | | | | | | | This ensures that someone on your blocklist is unable to invite you to MUC rooms.
* | mod_saslauth: Log when tls-exporter is NOT supported, as well as when it isMatthew Wild2024-04-171-0/+2
| |
* | mod_http_file_share: Fix expiry disabled check for new config APIKim Alvefur2024-04-081-1/+1
| | | | | | | | Similar to 26c30844cac6
* | mod_version: Fix uname result style (thanks riau)Kim Alvefur2024-04-071-3/+3
| | | | | | | | `result[, err]`, not `ok, err|result`, must have confused it with pcall
* | mod_server_contact_info: Sort form fields to please scansionKim Alvefur2024-04-061-1/+2
| | | | | | | | | | The unstable hash table order caused the tests to fail and I don't know how to tell scansion to ignore the order.
* | mod_version: Handle access denied from uname()Kim Alvefur2024-04-061-1/+6
| | | | | | | | | | Discovered while experimenting with a stricter SystemCallFilter setting See man:systemd.exec(5)
* | mod_admin_shell: Add connection created timeaidan2024-04-031-0/+12
| | | | | | | | | | | | This adds an output format option to show the time that the connection was created. Ref #1852
* | Merge 0.12->trunkKim Alvefur2024-04-041-2/+2
|\|
| * mod_invites_adhoc: Fix result form type (thanks betarays)Kim Alvefur2024-04-041-2/+2
| |
* | MUC: Fix legacy hats (thanks nicoco)Kim Alvefur2024-03-281-2/+8
| | | | | | | | Why do we not have tests for this?
* | MUC: Switch to official XEP-0317 namespace for Hats (including compat) ↵Kim Alvefur2024-03-281-1/+10
| | | | | | | | (thanks nicoco)
* | mod_posix: Move everything to util.startupKim Alvefur2024-03-231-112/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows greater control over the order of events. Notably, the internal ordering between daemonization, initialization of libunbound and setup of signal handling is sensitive. libunbound starts a separate thread for processing DNS requests. If this thread is started before signal handling has been set up, it will not inherit the signal handlers and instead behave as it would have before signal handlers were set up, i.e. cause the whole process to immediately exit. libunbound is usually initialized on the first DNS request, usually triggered by an outgoing s2s connection attempt. If daemonization happens before signals have been set up, signals may not be processed at all.
* | mod_bosh: Set base_type on sessionMatthew Wild2024-03-171-1/+1
| | | | | | | | | | This fixes a traceback with mod_saslauth. Ideally we move this to util.session at some point, though.
* | mod_pubsub: Ignore shadowed variable [luacheck]Kim Alvefur2024-03-061-0/+1
| |
* | mod_pubsub: Add shell commands to create and list nodesMatthew Wild2024-03-061-0/+42
| |
* | mod_posix: Move POSIX signal handling into util.startup to avoid raceKim Alvefur2024-03-021-50/+0
| | | | | | | | | | | | | | | | | | | | When libunbound is initialized, it spawns a thread to work in. In case a module initializes libunbound, e.g. by triggering a s2s connection, Prosody would not handle signals, instead immediately quit on e.g. the reload (SIGHUP) signal. Likely because the libunbound thread would not have inherited the signal mask from the main Prosody thread. Thanks Menel, riau and franck-x for reporting and help narrowing down
* | mod_s2s: Comment on why we avoid hostnames in stanza bounce messagesKim Alvefur2024-02-241-0/+2
| |
* | mod_cron: Fix log format to account for float that was integer beforeKim Alvefur2024-02-241-1/+1
| |
* | mod_server_contact_info: Update to publish fields via new mod_server_infoMatthew Wild2024-02-231-12/+25
| |
* | mod_server_info: New module to manage the serverinfo disco extension formMatthew Wild2024-02-231-0/+55
| | | | | | | | | | | | | | | | This allows multiple modules to populate the form dynamically. Currently the form is "owned" by mod_server_contact_info, which prevents other modules from contributing to it. A further commit will port mod_server_contact_info to use this module.
* | mod_s2s_auth_certs: Handle potential string errorKim Alvefur2024-02-211-3/+6
| | | | | | | | | | conn:ssl_peerverification() can now return a single error in case the connection has been closed for whatever reason
* | mod_cron: Allow configuring various "internal" delay parametersMatthew Wild2024-02-201-2/+10
| | | | | | | | | | Notably, it is now possible to add a randomized spread factor to the check interval.
* | mod_c2s: Fix error on role change on Components (thanks Menel)Kim Alvefur2024-02-171-0/+3
| |
* | mod_smacks: Adjust buckets for resumption age statisticKim Alvefur2024-02-161-1/+1
| | | | | | | | | | | | | | | | | | Given that there are recommendations floating around recommending 24 hours session lifetime, having buckets up to 10 minutes wouldn't be useful in that case. Would be nice if we had some way to automatically assign suitable number series for buckets, scaled to what the configuration might be.
* | mod_storage_internal: Fix off-by-one when searching archive forKim Alvefur2024-02-151-6/+2
| | | | | | | | | | Fixes a test case provided by MattJ where the very first item matched by a 'start' timestamp was not returned.
* | mod_s2s_auth_dane_in: Try single TLSA lookup per draft-ietf-dance-client-authKim Alvefur2024-01-111-4/+11
| | | | | | | | Moves some complexity from the implementation into DNS operations.
* | mod_s2s_auth_dane_in: Simplify result processingKim Alvefur2024-01-111-18/+26
| | | | | | | | Fewer loops
* | MUC: Record reason for affiliation changes and return in list (fixes #1227)Kim Alvefur2021-08-081-4/+11
| |
* | mod_invites: Fix argument handlingKim Alvefur2024-01-211-1/+1
| | | | | | | | | | Not sure what the next() was supposed to do. Reject unknown --options perhaps?
* | mod_invites: Show short help instead of traceback on missing hostnameKim Alvefur2024-01-131-2/+3
| |
* | mod_invites: Show help if --help passed instead of hostnameKim Alvefur2024-01-131-18/+25
| | | | | | | | | | Because I couldn't guess the right way to get the help message without reading the source twice.
* | mod_invites: Allow specifying invite ttl on command lineKim Alvefur2024-01-131-1/+3
| | | | | | | | Was missing a way to pass TTL via command or shell.
* | Merge 0.12->trunkKim Alvefur2023-12-171-0/+4
|\|
| * mod_disco: Advertise disco#info and #items on bare JIDs to fix #1664Kim Alvefur2023-12-171-0/+4
| | | | | | | | | | | | | | | | Having to add these in *there* places seems less than ideal. I would also think that advertising disco#info is a bit redundant, since it is a requirement for everything in XMPP and if it was missing you would get an error back.
* | mod_storage_internal, tests: Fix before/after combined with the 'reverse' flagMatthew Wild2023-12-121-0/+1
| |
* | mod_http_errors: Simplify CSS via built-in dark modeKim Alvefur2023-12-061-2/+2
| |
* | mod_user_account_management: Clear pending deletion if account re-enabledMatthew Wild2023-12-071-0/+6
| |
* | mod_saslauth: Fire event per SASL stepMatthew Wild2023-12-051-2/+5
| | | | | | | | | | This matches the behaviour of the newer mod_sasl2 implementation. It allows plugins to observe (and potentially, with caution, modify) the SASL exchange.
* | mod_c2s: Make c2s_timeout timer reachable to allow access from other modulesKim Alvefur2023-12-031-1/+3
| | | | | | | | E.g. the timeout could be extended under certain conditions.
* | mod_s2s: Close connection on smacks timeoutKim Alvefur2023-12-021-0/+6
| | | | | | | | | | | | | | | | | | | | | | This merges the mod_s2s_smacks_timeout behavior from prosody-modules This event is fired by mod_smacks when the connection has not responded to an ack-request for a period of time defaulting to 30 seconds, indicating that the connection has become stuck or non-responsive. Closing it prevents routing further messages via this connection and frees resources. A stuck connection may otherwise remain until for a time determined by the OS TCP subsystem, which can be quite long.
* | mod_saslauth: Fire event at start of authentication attemptKim Alvefur2023-12-011-0/+6
| | | | | | | | | | | | As extension point for rate limiting and similar checks, so they can hook a single event instead of <{sasl1}auth> or stream features, which might not be fired in case of SASL2 or e.g. HTTP based login.
* | mod_user_account_management: Fire events with a fake (not destroyed) sessionMatthew Wild2023-11-301-3/+24
| | | | | | | | | | | | | | Previously these events fired after the session had been destroyed, which removes many of the useful properties. The ones I chose to preserve here are the ones used by the community module mod_audit, which seems like a good baseline.
* | mod_cron: Rebuild with new LuaFormatter settings (tabs!)Kim Alvefur2023-11-301-77/+59
| |
* | mod_user_account_management: Add support for soft-deletion of accounts via IBRMatthew Wild2023-11-301-13/+137
| | | | | | | | | | | | | | | | | | | | | | | | When registration_delete_grace_period is set, accounts will be disabled for the specified grace period before they are fully deleted. During the grace period, accounts can be restored with the user:restore() shell command. The primary purpose is to prevent accidental or malicious deletion of a user's account, which is traditionally very easy for any XMPP client to do with a single stanza.
* | mod_cron: Update Teal source and rebuildMatthew Wild2023-11-301-77/+75
| |