aboutsummaryrefslogtreecommitdiffstats
path: root/util
Commit message (Collapse)AuthorAgeFilesLines
...
* | util.sasl.oauthbearer: Return username from callback instead using authzid (BC)Kim Alvefur2023-03-161-33/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | RFC 6120 states that > If the initiating entity does not wish to act on behalf of another > entity, it MUST NOT provide an authorization identity. Thus it seems weird to require it here. We can instead expect an username from the token data passed back from the profile. This follows the practice of util.sasl.external where the profile callback returns the selected username, making the authentication module responsible for extracting the username from the token.
* | util.sasl.oauthbearer: Fix syntax error in b796e08e6376Matthew Wild2023-03-151-1/+1
| |
* | util.sasl.oauthbearer: Attach token_info to sasl handlerMatthew Wild2023-03-151-0/+2
| | | | | | | | | | | | This allows token-aware things to access extra information about the authentication, such as when the token is due to expire and the attached custom 'data'.
* | util.ip: Add ip.truncate() to return a new IP with only the prefix of anotherMatthew Wild2023-03-141-0/+12
| |
* | util.ip: Add is_ip() helper method to detect if an object is an ip objectMatthew Wild2023-03-141-0/+5
| |
* | util.sasl.oauthbearer: Fix traceback on authz in unexpected formatKim Alvefur2023-03-021-0/+4
| | | | | | | | | | | | E.g. if you were to just pass "username" without @hostname, the split will return nil, "username" and the nil gets passed to saslprep() and it does not like that.
* | util.sasl: Add SASL OAUTHBEARER mechanism (RFC 7628)Matthew Wild2023-03-012-4/+88
| |
* | Merge 0.12->trunkKim Alvefur2023-02-221-2/+2
|\|
| * util.prosodyctl.check: Suggest 'http_cors_override' instead of older CORS ↵Kim Alvefur2023-02-221-2/+2
| | | | | | | | | | | | | | | | settings The cross_domain_* settings were added here prior to http_cors_override being added back in 17d87fb2312a, so for a time there was no replacement, but now there is.
* | mod_storage_sql: Record connection to database as module statusKim Alvefur2023-01-302-4/+12
| | | | | | | | | | | | Allows retrieving this in e.g. a health reporting module Thanks pfak
* | Merge 0.12->trunkKim Alvefur2023-01-222-3/+3
|\|
| * util.startup: Close state on exit to ensure GC finalizers are calledKim Alvefur2023-01-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Ensures a last round of garbage collection and that finalizers are called. Fixes things like proper closing of SQLite3 state. There are more calls to os.exit() but most of them exit with an error or in a case where a final GC sweep might not matter as much. It would be nice if this was the default. Calling util.statup.exit() everywhere may be sensible, but would be more involved, requiring imports everywhere.
| * util.prosodyctl.shell: Close state on exit to fix saving shell historyKim Alvefur2023-01-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This ensures a last round of garbage collection and finalizers, which should include flushing the readline history file. Test procedure: ``` $ ./prosodyctl shell prosody> s2s:show() -- any command that is not the last in history ... output prosody> bye $ ./prosodyctl shell prosody> ^P ``` After this, the shell prompt should contain the last command from before the "bye". Before this patch, recent history is gone most of the time.
* | util.dnsregistry: Remove unintentional 'Unassigned' recordKim Alvefur2023-01-201-2/+1
| |
* | mod_admin_socket: Fix typo in commentsKim Alvefur2023-01-201-1/+1
| | | | | | | | Introduced in 6966026262f4
* | util.sqlite3: Skip prepared statements when no parameters are givenKim Alvefur2022-08-011-0/+10
| | | | | | | | | | Seems CREATE INDEX is unhappy as a prepared statement. Perhaps because the table has not been COMMIT-ed yet?
* | util.sqlite3: Create util.error registry from headersKim Alvefur2021-10-011-35/+44
| | | | | | | | The 'type' fields are a first guess.
* | util.sqlite3: SQLite3-only variant of util.sql using LuaSQLite3Kim Alvefur2022-08-011-0/+390
| | | | | | | | http://lua.sqlite.org/
* | Merge 0.12->trunkKim Alvefur2023-01-141-4/+8
|\|
| * prosodyctl check dns: Check for Direct TLS SRV records even if not ↵Kim Alvefur2023-01-141-4/+8
| | | | | | | | | | | | | | configured (fix #1793) Existing such records may cause timeouts or errors in clients and servers trying to connect, despite prosodyctl check saying all is well
* | util.paseto: Add support for v3.local tokensMatthew Wild2023-01-131-0/+98
| |
* | util.paseto: Fix omitted parameterMatthew Wild2023-01-131-1/+1
| |
* | util.paseto: Stricter base64 decoding, as per specMatthew Wild2023-01-131-0/+11
| |
* | util.openmetrics: Update tools.ietf.org URL to datatrackerKim Alvefur2022-12-191-1/+1
| | | | | | | | See bd9e006a7a74 for more context
* | Revert unintentionally committed parts of 12bd40b8e105Kim Alvefur2022-12-211-1/+2
| |
* | mod_c2s,mod_s2s: Adapt to XEP-xxxx: Stream Limits AdvertisementKim Alvefur2022-10-201-2/+1
| | | | | | | | Thanks MattJ
* | Merge 0.12->trunkKim Alvefur2022-12-1238-797/+729
|\ \ | |/ |/|
| * util.hashring: Support associating arbitrary data with nodesMatthew Wild2022-12-021-9/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In this API, a 'node' is always a simple text string. Sometimes the caller may have a more complex structure representing a node, but the hash ring is really only concerned with the node's name. This API change allows :add_nodes() to take a table of `node_name = value` pairs, as well as the simple array of node names previously accepted. The 'value' of the selected node is returned as a new second result from :get_node(). If no value is passed when a node is added, it defaults to `true` (as before, but this was never previously exposed).
| * Merge 0.12->trunkMatthew Wild2022-11-041-5/+14
| |\
| * | util.prosodyctl.cert: Remove Lua 5.1 os.execute() return value compatKim Alvefur2022-10-201-1/+1
| | |
| * | util.prosodyctl: Remove Lua 5.1 os.execute() return value compatKim Alvefur2022-10-201-2/+1
| | |
| * | util.openssl: Remove Lua 5.1 os.execute() return value compatKim Alvefur2022-10-201-2/+1
| | |
| * | util.human.io: Fix handling of os.execute() return values in Lua 5.2+Kim Alvefur2022-10-201-3/+3
| | | | | | | | | | | | Wrong part of Lua 5.1 compat removed in 0f4feaf9ca64
| * | util.mathcompat: Module to ease reuse of math.type()Kim Alvefur2022-10-204-10/+22
| | | | | | | | | | | | | | | Mostly to ensure it is available during tests, as util.startup is not invoked there
| * | util.startup: Provide a common Lua 5.3+ math.type() for Lua 5.2Kim Alvefur2022-10-194-9/+17
| | | | | | | | | | | | Code deduplication
| * | Merge 0.12->trunkKim Alvefur2022-10-201-1/+1
| |\ \
| * | | util.jid: Simplify boolean logic in conditionalsMatthew Wild2022-10-111-3/+3
| | | |
| * | | util.jid: Remove redundant check from split() (micro-optimization?)Matthew Wild2022-10-111-2/+1
| | | |
| * | | util.dbuffer: Add efficient shortcuts for discard() in certain casesMatthew Wild2022-10-111-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | If the buffer is already empty, nothing to do. If we're throwing away the whole buffer, we can just empty it and avoid read_chunk() (which in turn may collapse()). These shortcuts are much more efficient.
| * | | util.dbuffer: Remove redundant code (read_chunk() cannot fail at this point)Matthew Wild2022-10-111-7/+3
| | | |
| * | | Merge 0.12->trunkKim Alvefur2022-10-091-3/+3
| |\ \ \
| * | | | util.promise: Remove line that was supposed to be removed in eb9814372c54Matthew Wild2022-10-071-1/+0
| | | | |
| * | | | util.promise: Remove some redundant checks, add tests confirming redundancyMatthew Wild2022-10-071-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This lines don't appear to do anything useful, and all tests pass when they are removed. Discovered via mutation testing. I added extra tests to exercise this code, because I wasn't certain that there were no side-effects caused by removal. Everything appears to be fine, thanks to the "pending" check at the start of promise_settle().
| * | | | util.roles: Add a :policies() method to iterate through available policiesMatthew Wild2022-10-071-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't expose the policies directly, to force people to go through :may(). However, there are times when we really just need to know what policies a role has inside it (e.g. for reporting or debugging purposes).
| * | | | util.roles: Return nil if the role has no explicit policy (fixes inheritance)Matthew Wild2022-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, if the first inherited role had no opinion, it returned false and prevented further consultation of other inherited roles. This bug was found thanks to the implementation of missing test cases identified through mutation testing.
| * | | | util.iterators: join: Work even with only a single iterator in the chainMatthew Wild2022-10-061-1/+2
| | | | |
| * | | | prosodyctl: check turn: More clearly indicate the error is from TURN serverMatthew Wild2022-10-061-1/+1
| | | | |
| * | | | util.jwt: More robust ECDSA signature parsing, fail early on unexpected lengthMatthew Wild2022-09-301-1/+5
| | | | |
| * | | | util.jwt: Add support for ES512 (+ tests)Matthew Wild2022-09-291-0/+1
| | | | |
| * | | | util.crypto, util.jwt: Generate consistent signature sizes (via padding)Matthew Wild2022-09-291-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the signature parsing and building to work correctly. Sometimes a signature was one or two bytes too short, and needed to be padded. OpenSSL can do this for us.