Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | prosodyctl: check turn: always show debug info even if test fails | Matthew Wild | 2022-03-05 | 1 | -11/+15 |
| | |||||
* | prosodyctl: check turn: Clearer error when unable to resolve external ↵ | Matthew Wild | 2022-03-05 | 1 | -1/+1 |
| | | | | service host | ||||
* | prosodyctl: check: include TURN checks by default | Matthew Wild | 2022-03-05 | 1 | -2/+2 |
| | |||||
* | prosodyctl: check: Slightly improved argument handling | Matthew Wild | 2022-03-05 | 1 | -1/+11 |
| | |||||
* | prosodyctl: check turn: show relayed address(es) in verbose mode | Matthew Wild | 2022-03-05 | 1 | -0/+7 |
| | |||||
* | prosodyctl: check turn: Allow specifying port for the ping service | Matthew Wild | 2022-03-05 | 1 | -2/+9 |
| | |||||
* | prosodyctl: check turn: Add support for testing data relay with an external ↵ | Matthew Wild | 2022-03-05 | 1 | -4/+88 |
| | | | | STUN server via --ping | ||||
* | util.bit53: Support for more than 2 arguments, for compat with bit32 | Matthew Wild | 2022-03-04 | 1 | -3/+27 |
| | |||||
* | Merge config-updates+check-turn from timber | Matthew Wild | 2022-03-04 | 7 | -7/+174 |
|\ | |||||
| * | util.bit53: Add left- and right shift operations | Kim Alvefur | 2021-06-28 | 1 | -0/+2 |
| | | | | | | | | | | While not used by anything in Prosody, it is known to be used by some 3rd party modules. | ||||
| * | util.prosodyctl: check turn: New command to verify STUN/TURN service is ↵ | Matthew Wild | 2022-03-04 | 1 | -2/+163 |
| | | | | | | | | operational | ||||
| * | util.hex: Deprecate to/from in favour of encode/decode, for consistency! | Matthew Wild | 2022-03-04 | 4 | -4/+8 |
| | | |||||
| * | core.certmanager: Turn soft dependency on LuaSec into a hard | Kim Alvefur | 2022-02-10 | 1 | -1/+1 |
| | | | | | | | | | | | | The default network backend server_epoll already requires LuaSec so Prosody won't even start without it, so we can get rid of these lines here too. | ||||
* | | prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in ↵ | Matthew Wild | 2022-03-02 | 1 | -0/+5 |
| | | | | | | | | config | ||||
* | | prosodyctl: check dns: List discovered addresses for diagnostic purposes | Matthew Wild | 2022-03-02 | 1 | -0/+16 |
| | | | | | | | | | | | | It is very common to get the "unknown address" warning with this command, but people do not always understand it, or know how to debug it. Now we clearly show the addresses that prosodyctl discovered. | ||||
* | | util.prosodyctl: check: warn about unreferenced components, suggest disco_items | Matthew Wild | 2022-03-02 | 1 | -0/+35 |
| | | |||||
* | | util.prosodyctl: Warn about enabled public registration in 'check config' | Matthew Wild | 2022-03-02 | 1 | -0/+28 |
| | | |||||
* | | util.async: Optionally allow too many 'done' callbacks | Kim Alvefur | 2022-02-22 | 1 | -2/+2 |
|/ | | | | | Sometimes, like in mod_c2s and mod_s2s during shutdown, all you want is to wait for the first done() and not complicate things. | ||||
* | prosody: Move last cleanup and shutdown code into util.startup | Kim Alvefur | 2019-01-01 | 1 | -0/+16 |
| | |||||
* | util.dns: Remove compat for pre-0.11 lack of inet_ntop binding | Kim Alvefur | 2022-02-15 | 1 | -32/+3 |
| | | | | The inet_ntop binding was added in 8b612ec00e4a and included in 0.11.0 | ||||
* | util.dns: Replace base16 implementation with util.hex | Kim Alvefur | 2022-02-15 | 1 | -10/+1 |
| | | | | Less code! | ||||
* | util.dependencies: Refer to 'apt' instead of 'apt-get' | Kim Alvefur | 2022-02-13 | 1 | -6/+6 |
| | | | | | The more modern and user friendly frontend, should be in every supported version of Debian and Ubuntu by now | ||||
* | util.startup: Enable DANE in http client library with use_dane | Kim Alvefur | 2022-02-05 | 1 | -0/+1 |
| | |||||
* | util.xml: Add an option to allow <?processing instructions?> | Kim Alvefur | 2022-02-04 | 1 | -1/+4 |
| | | | | | These should generally be safe to just ignore, which should be the default behavior of Expat and LuaExpat | ||||
* | util.format: Fix typo in comment [codespell] | Kim Alvefur | 2022-02-04 | 1 | -1/+1 |
| | |||||
* | Revert util.debug change accidentally committed in e157e5c79daa | Matthew Wild | 2022-02-04 | 1 | -1/+1 |
| | |||||
* | util.pluginloader: Fix method to return any module metadata (luacheck) | Matthew Wild | 2022-02-04 | 1 | -1/+1 |
| | |||||
* | util.pluginloader: Support for a per-file load filter | Matthew Wild | 2022-02-03 | 1 | -6/+14 |
| | | | | | Load filters can choose to block the loading of certain files, and optionally return some metadata about the loaded file. | ||||
* | util.pluginloader: Support for multiple pluginloader instances, and options | Matthew Wild | 2022-02-03 | 2 | -11/+29 |
| | |||||
* | util.startup: Teach prosodyctl to be completely --silent | Kim Alvefur | 2021-11-28 | 1 | -0/+3 |
| | |||||
* | util.startup: Teach prosodyctl to be --quiet as complement to --verbose | Kim Alvefur | 2021-11-28 | 1 | -1/+7 |
| | | | | | | | | Original motivation was tiresome warnings about Lua 5.4 not being supported yet. Can still be handy to tweak log level, e.g. to prevent logging to interfere with command output. | ||||
* | util.dns: Minor updates of SVCB parser | Kim Alvefur | 2022-02-02 | 1 | -1/+2 |
| | | | | Now based on draft-ietf-dnsop-svcb-https-08 | ||||
* | util.dns: Implement SVCB record parser | Kim Alvefur | 2020-10-04 | 1 | -0/+54 |
| | | | | Based on draft-ietf-dnsop-svcb-https-00 | ||||
* | util.dns: Fix returning read position after zero-length name | Kim Alvefur | 2020-10-04 | 1 | -1/+1 |
| | | | | | | Doesn't affect normal usage by Prosody since neither A nor AAAA records use this and SRV records has the host name last so the position is not needed. | ||||
* | util.dnsregistry: Regenerate from IANA registry | Kim Alvefur | 2022-02-02 | 1 | -57/+120 |
| | | | | | Note the duplicate 9 and 16 entries, neither of which are especially relevant for our resolver usage. | ||||
* | util.dns: Move DNS parameters details into util.dnsregistry | Kim Alvefur | 2020-10-04 | 2 | -56/+63 |
| | | | | | Goal is to regenerate this file from the IANA registry using a tool. Having it in a separate file will reduce vcs noise in util.dns | ||||
* | util.prosodyctl.check: Fix reset of libunbound before DNS checks | Kim Alvefur | 2022-02-01 | 1 | -1/+1 |
| | | | | | | | Probably worked anyway but settings might not always have been applied depending on what order things happens in. Error was hidden by the pcall, which was sorta intentional... | ||||
* | util.prosodyctl.check: Fix A/AAAA check for proxy65 and http | Kim Alvefur | 2022-01-30 | 1 | -2/+2 |
| | | | | | | When there are no records to return the return value from dns.lookup() might be nil or might be a table containing zero records, depending on which DNS library is used | ||||
* | util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 | Kim Alvefur | 2022-01-30 | 1 | -0/+13 |
| | |||||
* | util.format: Expand explanation of purpose in comments | Kim Alvefur | 2022-01-27 | 1 | -1/+6 |
| | |||||
* | util.format: Skip control code escaping when doing full serialization | Kim Alvefur | 2022-01-27 | 1 | -1/+1 |
| | | | | | | Fixes that a multi-line string ended up "like\ \9this" instead of "like\nthis" as can be demonstrated by somehow initiating a connection to a HTTP server. | ||||
* | util.prosodyctl.cert: Look for certs matching 'http_host' | Kim Alvefur | 2022-01-27 | 1 | -0/+4 |
| | | | | | This should ensure any certificate needed for HTTP services will also be included in the certificate import. | ||||
* | util.prosodyctl.check: Fix use of LuaSocket URL parser | Kim Alvefur | 2022-01-27 | 1 | -1/+1 |
| | |||||
* | util.prosodyctl.check: Add HTTP related DNS checks | Kim Alvefur | 2022-01-27 | 1 | -8/+41 |
| | | | | | Since XEP-0363 is essentially mandatory now this will hopefully help diagnose some common issues. | ||||
* | util.prosodyctl.cert: Look for certificates in a consistent order | Kim Alvefur | 2022-01-26 | 1 | -0/+9 |
| | | | | | | | | | Shortest first, then alphabetically, so that it prefers the base domain over subdomains. Fixes that it might otherwise pick a random sub-domain for filename on each run, cluttering the certs directory and potentially tricking Prosody into using an older certificate that might be about to expire. | ||||
* | util.xtemplate: Yet another string template library | Kim Alvefur | 2022-01-24 | 1 | -0/+86 |
| | | | | | | This one takes a stanza as input Roughly based on util.interpolation | ||||
* | Merge 0.11->trunk | Kim Alvefur | 2022-01-20 | 1 | -13/+5 |
|\ | |||||
| * | util.xml: Deduplicate handlers for restricted XML0.11.13 | Kim Alvefur | 2022-01-20 | 1 | -12/+5 |
| | | | | | | | | | | Makes the code more like util.xmppstream, allowing easier comparisons if we ever need to apply fixes in the future. | ||||
| * | util.xml: Break reference to help the GC (fix #1711) | Kim Alvefur | 2022-01-20 | 1 | -5/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LuaExpat uses a registry reference to track handlers, which makes it so that an upvalue like this creates a reference loop that keeps the parser and its handlers from being garbage collected. The same issue has affected util.xmppstream in the past. Code for checking: local xml_parse = require"util.xml".parse; for i = 1, 10000 do xml_parse("<root/>") end collectgarbage(); collectgarbage(); print(collectgarbage("count"), "KiB"); A future release of LuaExpat may fix the underlying issue there. | ||||
| * | util.xml: Do not allow doctypes, comments or processing instructions0.11.12 | Jonas Schäfer | 2022-01-10 | 1 | -2/+23 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Yes. This is as bad as it sounds. CVE pending. In Prosody itself, this only affects mod_websocket, which uses util.xml to parse the <open/> frame, thus allowing unauthenticated remote DoS using Billion Laughs. However, third-party modules using util.xml may also be affected by this. This commit installs handlers which disallow the use of doctype declarations and processing instructions without any escape hatch. It, by default, also introduces such a handler for comments, however, there is a way to enable comments nontheless. This is because util.xml is used to parse human-facing data, where comments are generally a desirable feature, and also because comments are generally harmless. |