Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | util.dnsregistry: Remove unintentional 'Unassigned' record | Kim Alvefur | 2023-01-20 | 1 | -2/+1 |
| | |||||
* | mod_admin_socket: Fix typo in comments | Kim Alvefur | 2023-01-20 | 1 | -1/+1 |
| | | | | Introduced in 6966026262f4 | ||||
* | util.sqlite3: Skip prepared statements when no parameters are given | Kim Alvefur | 2022-08-01 | 1 | -0/+10 |
| | | | | | Seems CREATE INDEX is unhappy as a prepared statement. Perhaps because the table has not been COMMIT-ed yet? | ||||
* | util.sqlite3: Create util.error registry from headers | Kim Alvefur | 2021-10-01 | 1 | -35/+44 |
| | | | | The 'type' fields are a first guess. | ||||
* | util.sqlite3: SQLite3-only variant of util.sql using LuaSQLite3 | Kim Alvefur | 2022-08-01 | 1 | -0/+390 |
| | | | | http://lua.sqlite.org/ | ||||
* | Merge 0.12->trunk | Kim Alvefur | 2023-01-14 | 1 | -4/+8 |
|\ | |||||
| * | prosodyctl check dns: Check for Direct TLS SRV records even if not ↵ | Kim Alvefur | 2023-01-14 | 1 | -4/+8 |
| | | | | | | | | | | | | | | configured (fix #1793) Existing such records may cause timeouts or errors in clients and servers trying to connect, despite prosodyctl check saying all is well | ||||
* | | util.paseto: Add support for v3.local tokens | Matthew Wild | 2023-01-13 | 1 | -0/+98 |
| | | |||||
* | | util.paseto: Fix omitted parameter | Matthew Wild | 2023-01-13 | 1 | -1/+1 |
| | | |||||
* | | util.paseto: Stricter base64 decoding, as per spec | Matthew Wild | 2023-01-13 | 1 | -0/+11 |
| | | |||||
* | | util.openmetrics: Update tools.ietf.org URL to datatracker | Kim Alvefur | 2022-12-19 | 1 | -1/+1 |
| | | | | | | | | See bd9e006a7a74 for more context | ||||
* | | Revert unintentionally committed parts of 12bd40b8e105 | Kim Alvefur | 2022-12-21 | 1 | -1/+2 |
| | | |||||
* | | mod_c2s,mod_s2s: Adapt to XEP-xxxx: Stream Limits Advertisement | Kim Alvefur | 2022-10-20 | 1 | -2/+1 |
| | | | | | | | | Thanks MattJ | ||||
* | | Merge 0.12->trunk | Kim Alvefur | 2022-12-12 | 38 | -797/+729 |
|\ \ | |/ |/| | |||||
| * | util.hashring: Support associating arbitrary data with nodes | Matthew Wild | 2022-12-02 | 1 | -9/+23 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In this API, a 'node' is always a simple text string. Sometimes the caller may have a more complex structure representing a node, but the hash ring is really only concerned with the node's name. This API change allows :add_nodes() to take a table of `node_name = value` pairs, as well as the simple array of node names previously accepted. The 'value' of the selected node is returned as a new second result from :get_node(). If no value is passed when a node is added, it defaults to `true` (as before, but this was never previously exposed). | ||||
| * | Merge 0.12->trunk | Matthew Wild | 2022-11-04 | 1 | -5/+14 |
| |\ | |||||
| * | | util.prosodyctl.cert: Remove Lua 5.1 os.execute() return value compat | Kim Alvefur | 2022-10-20 | 1 | -1/+1 |
| | | | |||||
| * | | util.prosodyctl: Remove Lua 5.1 os.execute() return value compat | Kim Alvefur | 2022-10-20 | 1 | -2/+1 |
| | | | |||||
| * | | util.openssl: Remove Lua 5.1 os.execute() return value compat | Kim Alvefur | 2022-10-20 | 1 | -2/+1 |
| | | | |||||
| * | | util.human.io: Fix handling of os.execute() return values in Lua 5.2+ | Kim Alvefur | 2022-10-20 | 1 | -3/+3 |
| | | | | | | | | | | | | Wrong part of Lua 5.1 compat removed in 0f4feaf9ca64 | ||||
| * | | util.mathcompat: Module to ease reuse of math.type() | Kim Alvefur | 2022-10-20 | 4 | -10/+22 |
| | | | | | | | | | | | | | | | Mostly to ensure it is available during tests, as util.startup is not invoked there | ||||
| * | | util.startup: Provide a common Lua 5.3+ math.type() for Lua 5.2 | Kim Alvefur | 2022-10-19 | 4 | -9/+17 |
| | | | | | | | | | | | | Code deduplication | ||||
| * | | Merge 0.12->trunk | Kim Alvefur | 2022-10-20 | 1 | -1/+1 |
| |\ \ | |||||
| * | | | util.jid: Simplify boolean logic in conditionals | Matthew Wild | 2022-10-11 | 1 | -3/+3 |
| | | | | |||||
| * | | | util.jid: Remove redundant check from split() (micro-optimization?) | Matthew Wild | 2022-10-11 | 1 | -2/+1 |
| | | | | |||||
| * | | | util.dbuffer: Add efficient shortcuts for discard() in certain cases | Matthew Wild | 2022-10-11 | 1 | -2/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | If the buffer is already empty, nothing to do. If we're throwing away the whole buffer, we can just empty it and avoid read_chunk() (which in turn may collapse()). These shortcuts are much more efficient. | ||||
| * | | | util.dbuffer: Remove redundant code (read_chunk() cannot fail at this point) | Matthew Wild | 2022-10-11 | 1 | -7/+3 |
| | | | | |||||
| * | | | Merge 0.12->trunk | Kim Alvefur | 2022-10-09 | 1 | -3/+3 |
| |\ \ \ | |||||
| * | | | | util.promise: Remove line that was supposed to be removed in eb9814372c54 | Matthew Wild | 2022-10-07 | 1 | -1/+0 |
| | | | | | |||||
| * | | | | util.promise: Remove some redundant checks, add tests confirming redundancy | Matthew Wild | 2022-10-07 | 1 | -4/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This lines don't appear to do anything useful, and all tests pass when they are removed. Discovered via mutation testing. I added extra tests to exercise this code, because I wasn't certain that there were no side-effects caused by removal. Everything appears to be fine, thanks to the "pending" check at the start of promise_settle(). | ||||
| * | | | | util.roles: Add a :policies() method to iterate through available policies | Matthew Wild | 2022-10-07 | 1 | -0/+10 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't expose the policies directly, to force people to go through :may(). However, there are times when we really just need to know what policies a role has inside it (e.g. for reporting or debugging purposes). | ||||
| * | | | | util.roles: Return nil if the role has no explicit policy (fixes inheritance) | Matthew Wild | 2022-10-07 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, if the first inherited role had no opinion, it returned false and prevented further consultation of other inherited roles. This bug was found thanks to the implementation of missing test cases identified through mutation testing. | ||||
| * | | | | util.iterators: join: Work even with only a single iterator in the chain | Matthew Wild | 2022-10-06 | 1 | -1/+2 |
| | | | | | |||||
| * | | | | prosodyctl: check turn: More clearly indicate the error is from TURN server | Matthew Wild | 2022-10-06 | 1 | -1/+1 |
| | | | | | |||||
| * | | | | util.jwt: More robust ECDSA signature parsing, fail early on unexpected length | Matthew Wild | 2022-09-30 | 1 | -1/+5 |
| | | | | | |||||
| * | | | | util.jwt: Add support for ES512 (+ tests) | Matthew Wild | 2022-09-29 | 1 | -0/+1 |
| | | | | | |||||
| * | | | | util.crypto, util.jwt: Generate consistent signature sizes (via padding) | Matthew Wild | 2022-09-29 | 1 | -4/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the signature parsing and building to work correctly. Sometimes a signature was one or two bytes too short, and needed to be padded. OpenSSL can do this for us. | ||||
| * | | | | Merge 0.12->trunk | Kim Alvefur | 2022-09-15 | 1 | -0/+5 |
| |\ \ \ \ | |||||
| * | | | | | util.paseto: Do strict type check in pae() function | Kim Alvefur | 2022-07-11 | 1 | -0/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a test failure on Lua 5.4 where ipairs("") does not produce an error. | ||||
| * | | | | | util.paseto: Drop custom wrappers around key objects | Matthew Wild | 2022-07-11 | 1 | -46/+5 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The PASETO spec recommends - no, *requires* - that implementations enforce type safety for keys, and e.g. do not pass them around as arbitrary byte strings. Typed wrapper objects are recommended. I originally followed this advice when starting the lib. However, key wrapping and type safety is now also a feature of util.crypto. All we're doing is duplicating it unnecessarily with this additional wrapper code. | ||||
| * | | | | | util.paseto: Export similar API to new util.jwt for ease and consistency | Matthew Wild | 2022-07-11 | 1 | -0/+21 |
| | | | | | | |||||
| * | | | | | util.paseto: Error early on invalid keys | Matthew Wild | 2022-07-11 | 1 | -0/+2 |
| | | | | | | |||||
| * | | | | | util.paseto: Fix to decode footer before comparison | Matthew Wild | 2022-07-11 | 1 | -0/+1 |
| | | | | | | |||||
| * | | | | | util.jwt: Add new init() convenience method to obtain both signer and verifier | Matthew Wild | 2022-07-11 | 1 | -0/+6 |
| | | | | | | |||||
| * | | | | | util.jwt: Consolidate payload parsing, ensure it's always a valid object | Matthew Wild | 2022-07-11 | 1 | -11/+13 |
| | | | | | | |||||
| * | | | | | util.jwt: Provide built-in token expiry support (defaults to 3600s lifetime) | Matthew Wild | 2022-07-11 | 1 | -3/+28 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To avoid every user of the library needing to add and verify expiry info, this is now handled by util.jwt itself (if not overridden or disabled). Issuing tokens that are valid forever is bad practice and rarely desired, and the default token lifetime is now 3600s (1 hour). | ||||
| * | | | | | util.jwt: All the algorithms (+ all the tests!) | Matthew Wild | 2022-07-02 | 1 | -5/+12 |
| | | | | | | | | | | | | | | | | | | | | | | | | Except 'none'. Not implementing that one. | ||||
| * | | | | | util.crypto: More digests for sign/verify, use macros for clarity/consistency | Matthew Wild | 2022-07-02 | 1 | -2/+2 |
| | | | | | | |||||
| * | | | | | util.jwt: Add support for RSA-based algorithms (RS256, PS256) | Matthew Wild | 2022-07-02 | 1 | -14/+35 |
| | | | | | | |||||
| * | | | | | util.jwt: Add support/tests for ES256 via improved API and using util.crypto | Matthew Wild | 2022-07-01 | 1 | -19/+121 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In many cases code will be either signing or verifying. With asymmetric algorithms it's clearer and more efficient to just state that once, instead of passing keys (and possibly other parameters) with every sign/verify call. This also allows earlier validation of the key used. The previous (HS256-only) sign/verify methods continue to be exposed for backwards-compatibility. |