Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | util.xml: Do not allow doctypes, comments or processing instructions (0.11.12) | Jonas Schäfer | 2022-01-10 | 1 | -2/+23 |
| | Yes. This is as bad as it sounds. CVE pending. In Prosody itself, this only affects mod_websocket, which uses util.xml to parse the <open/> frame, thus allowing unauthenticated remote DoS using Billion Laughs. However, third-party modules using util.xml may also be affected by this. This commit installs handlers which disallow the use of doctype declarations and processing instructions without any escape hatch. It, by default, also introduces such a handler for comments, however, there is a way to enable comments nonetheless. This is because util.xml is used to parse human-facing data, where comments are generally a desirable feature, and also because comments are generally harmless. | ||||
* | util.startup: Correctly point out unknown short param (fixes #1691) | Kim Alvefur | 2021-10-12 | 1 | -1/+1 |
| | |||||
* | util.ip: Fix netmask for link-local address range | Kim Alvefur | 2021-07-03 | 1 | -1/+1 |
| | This may have mistakenly caused link-local addresses to be considered global. May have caused mod_s2s and prosodyctl check dns to behave incorrectly on networks using link-local IPv4 addresses. By my guesstimate, these are extremely rare. Probably minimal impact beyond a bit longer to establish s2s and some possible confusion from prosodyctl check dns results. Ref RFC 3927 | ||||
* | util.pubsub: Fix traceback if node data not initialized | Kim Alvefur | 2021-05-16 | 1 | -0/+4 |
| | This should not be possible, but a traceback indicating node_data being nil here was reported by Ron in the chat. | ||||
* | util.xmppstream: Allow dynamically configuring the stanza size limit for a stream | Matthew Wild | 2021-05-10 | 1 | -0/+3 |
| | This may be useful for any plugins that want to experiment with different policies for stanza size limits (e.g. unauthenticated vs authenticated streams). | ||||
* | util.xmppstream: Mark bytes for stream closure as handled | Matthew Wild | 2021-05-10 | 1 | -0/+3 |
| | |||||
* | util.xmppstream: Reduce default xmppstream limit to 1MB | Matthew Wild | 2021-05-10 | 1 | -1/+1 |
| | |||||
* | util.set: Add is_set() to test if an object is a set | Matthew Wild | 2021-05-10 | 1 | -2/+8 |
| | |||||
* | util.startup: Set more aggressive defaults for GC | Matthew Wild | 2021-05-07 | 1 | -1/+7 |
| | Testing has demonstrated that the default GC parameters are not sufficient to prevent runaway memory growth when running under Lua 5.2 and Lua 5.3. Setting the GC speed to 500 was tested on Lua versions 5.1->5.4 and did not display unbounded memory growth. | ||||
* | util.interpolation: Fix combination of filters and fallback values #1623 | Kim Alvefur | 2021-01-25 | 1 | -2/+2 |
| | |||||
* | util.timer: Ensure timers can't run more than once per tick (fixes #1620) | Kim Alvefur | 2021-01-08 | 1 | -1/+14 |
| | See longer explanation in 2c559953ad41 | ||||
* | util.stanza: Move misplaced argument to correct place | Kim Alvefur | 2020-12-24 | 1 | -2/+2 |
| | valid_utf8() takes only one argument, so the false was probably meant to be valid_xml_cdata(text, attribute=false) | ||||
* | util.promise: Use xpcall() for promise function to preserve tracebacks | Matthew Wild | 2020-11-23 | 1 | -1/+1 |
| | |||||
* | util.stanza: Reject ASCII control characters (fixes #1606) | Kim Alvefur | 2020-11-11 | 1 | -1/+9 |
| | |||||
* | util.dbuffer: Optimize :sub() and :byte() | Matthew Wild | 2020-10-28 | 1 | -4/+26 |
| | |||||
* | util.debug: Fix locals being reported under wrong stack frame in some cases (+tests!!) | Matthew Wild | 2020-10-16 | 1 | -1/+1 |
| | |||||
* | util.dbuffer: Expose length as :len() method, like strings | Kim Alvefur | 2020-10-12 | 1 | -0/+1 |
| | Ref #1598 | ||||
* | util.dependencies: Check for bitop library same way as net.websocket.frames (fixes #1594) | Kim Alvefur | 2020-10-05 | 1 | -1/+1 |
| | |||||
* | Merge | Matthew Wild | 2020-09-30 | 2 | -0/+183 |
|\ | |||||
| * | util.dbuffer: Fix :sub() not working with partially-consumed chunks (thanks Zash for test case) | Matthew Wild | 2020-08-24 | 1 | -0/+176 |
| | | This also appears to fix some bugs with chunk-encoded streams in net.http.parser. | ||||
| * | util.dbuffer: dynamic string buffer | Matthew Wild | 2020-06-26 | 1 | -0/+7 |
| | | Similar to util.ringbuffer (and shares almost identical API). Differences: - size limit is optional and dynamic - does not allocate a fixed buffer of max_size bytes - focus on simply storing references to existing string objects where possible, avoiding unnecessary allocations - references are still stored in a ring buffer to enable use as a fast FIFO. Optional second parameter to new() provides the number of ring buffer segments. On Lua 5.2 on my laptop, a segment is ~19 bytes. If the ring buffer fills up, the next write will compact all strings into a single item. | ||||
* | | util.indexedbheap: Fix heap datastructure corruption in :reschedule(smaller_value) | Waqas Hussain | 2020-09-29 | 1 | -1/+1 |
|/ | |||||
* | util.startup: Configure the GC on startup, using the config or built-in defaults | Matthew Wild | 2020-06-15 | 1 | -0/+17 |
| | |||||
* | util.gc: Linter fixes [luacheck] | Matthew Wild | 2020-06-15 | 1 | -2/+1 |
| | |||||
* | util.gc: New module for configuring the Lua garbage collector | Matthew Wild | 2020-06-15 | 1 | -0/+50 |
| | |||||
* | util.startup: Remove duplicated initialization of logging (fix #1527) | Kim Alvefur | 2020-06-22 | 1 | -1/+0 |
| | |||||
* | util.sasl.plain: Apply saslprep to stored password | Kim Alvefur | 2020-05-22 | 1 | -1/+1 |
| | Fixes something like #1560 here too. The password sent by the user already had saslprep applied. | ||||
* | util.sasl.scram: Apply saslprep before hashing password, fixes #1560 | Kim Alvefur | 2020-05-22 | 1 | -0/+4 |
| | |||||
* | util.prosodyctl: Tell prosody to daemonize via command line flag (fixes #1514) | Kim Alvefur | 2020-01-26 | 1 | -2/+2 |
| | Backport of 88be11e9f9b9 | ||||
* | util.datamanager: Fix iterating over "users" (thanks marc0s) | Kim Alvefur | 2020-02-24 | 1 | -1/+1 |
| | The 'store' path component used to be unescaped until 756a2a00e7e7 added escaping to address issues with characters like '/' used in PEP, but with a special case for '_' which was already in common use in 'store' path components. Missed adding this escaping here. | ||||
* | util.startup: Ensure prosody.opts exists even when no options provided (0.11.5) | Matthew Wild | 2020-01-19 | 1 | -1/+1 |
| | |||||
* | util.startup: Remove accidentally-committed debugging | Matthew Wild | 2020-01-19 | 1 | -1/+0 |
| | |||||
* | util.startup: Fix logic to make --config work again | Matthew Wild | 2020-01-19 | 1 | -37/+39 |
| | |||||
* | prosody/util.startup: Switch to parse_args() for --root and --config | Matthew Wild | 2020-01-19 | 1 | -6/+6 |
| | |||||
* | util.startup: Add startup step for parsing command-line options | Matthew Wild | 2020-01-19 | 1 | -0/+54 |
| | |||||
* | util.pubsub: Pass subscribers through a filter callback | Kim Alvefur | 2019-06-06 | 1 | -0/+2 |
| | |||||
* | util.pubsub: Factor out calling of broadcaster | Kim Alvefur | 2019-06-06 | 1 | -4/+8 |
| | This will simplify doing things along with broadcasting. | ||||
* | util.startup: Ensure prosody.paths are absolute (see #1430) | Kim Alvefur | 2019-11-04 | 1 | -1/+7 |
| | Normally these paths are injected into the installed 'prosody' executable as absolute paths, but it is possible to override at least the config path via environment variable or command line argument. This makes sure a path relative to pwd stays relative to that instead of the data directory. | ||||
* | util.startup: Update config path (fixes #1430) | Kim Alvefur | 2019-11-03 | 1 | -1/+2 |
| | |||||
* | util.interpolation: Support unescaped variables with more modifiers (fixes #1452) | Kim Alvefur | 2019-10-20 | 1 | -3/+3 |
| | Tests will be added in trunk. | ||||
* | util.serialization: Cache default serialization instance (fixes #1389) | Kim Alvefur | 2019-07-08 | 1 | -1/+6 |
| | Most serialization uses still use the default serialize() and thus duplicate much of the setup, which negates some of the performance improvements of the rewrite. | ||||
* | util.sql: Ignore if tables and indices already exist on creation (fixes #1064) | Kim Alvefur | 2019-05-30 | 1 | -0/+6 |
| | Tested with SQLite3 3.16.2 and 3.27.2 and Postgres 11. MySQL does not support IF NOT EXISTS for indices so not handled here. | ||||
* | util.random: Throw different error for EOL condition | Kim Alvefur | 2019-05-21 | 1 | -1/+5 |
| | |||||
* | util.random: Coerce error to string (thanks waqas) | Kim Alvefur | 2019-05-18 | 1 | -1/+1 |
| | In theory this could happen in an EOF condition, which should be impossible with a read from /dev/urandom. | ||||
* | util.random: Handle unlikely read errors from /dev/urandom (see #1313) | Kim Alvefur | 2019-05-18 | 1 | -1/+5 |
| | |||||
* | util.ip: Add missing netmask for 192.168/16 range (fixes #1343) | Kim Alvefur | 2019-04-14 | 1 | -1/+1 |
| | |||||
* | util.pubsub: Validate node configuration on node creation (fixes #1328) | Kim Alvefur | 2019-03-03 | 1 | -1/+10 |
| | |||||
* | util.pubsub: Add support for requesting multiple specific items (needed for #1305) | Kim Alvefur | 2019-01-28 | 1 | -8/+13 |
| | |||||
* | util.startup: Always reload logging after config (fixes #1284) | Kim Alvefur | 2019-01-06 | 1 | -0/+3 |
| | This changed in 6e24a69b03af likely because of confusion about the `reopen-log-files` event which was fired but never hooked. | ||||
* | util.pubsub: Restore subscription index from stored data (fixes #1281) | Kim Alvefur | 2018-12-29 | 1 | -0/+14 |
| |