aboutsummaryrefslogtreecommitdiffstats
path: root/util
Commit message (Collapse)AuthorAgeFilesLines
* util.promise: Remove line that was supposed to be removed in eb9814372c54Matthew Wild2022-10-071-1/+0
|
* util.promise: Remove some redundant checks, add tests confirming redundancyMatthew Wild2022-10-071-4/+0
| | | | | | | | | This lines don't appear to do anything useful, and all tests pass when they are removed. Discovered via mutation testing. I added extra tests to exercise this code, because I wasn't certain that there were no side-effects caused by removal. Everything appears to be fine, thanks to the "pending" check at the start of promise_settle().
* util.roles: Add a :policies() method to iterate through available policiesMatthew Wild2022-10-071-0/+10
| | | | | | We don't expose the policies directly, to force people to go through :may(). However, there are times when we really just need to know what policies a role has inside it (e.g. for reporting or debugging purposes).
* util.roles: Return nil if the role has no explicit policy (fixes inheritance)Matthew Wild2022-10-071-1/+1
| | | | | | | | Previously, if the first inherited role had no opinion, it returned false and prevented further consultation of other inherited roles. This bug was found thanks to the implementation of missing test cases identified through mutation testing.
* util.iterators: join: Work even with only a single iterator in the chainMatthew Wild2022-10-061-1/+2
|
* prosodyctl: check turn: More clearly indicate the error is from TURN serverMatthew Wild2022-10-061-1/+1
|
* util.jwt: More robust ECDSA signature parsing, fail early on unexpected lengthMatthew Wild2022-09-301-1/+5
|
* util.jwt: Add support for ES512 (+ tests)Matthew Wild2022-09-291-0/+1
|
* util.crypto, util.jwt: Generate consistent signature sizes (via padding)Matthew Wild2022-09-291-4/+4
| | | | | | This fixes the signature parsing and building to work correctly. Sometimes a signature was one or two bytes too short, and needed to be padded. OpenSSL can do this for us.
* Merge 0.12->trunkKim Alvefur2022-09-151-0/+5
|\
| * util.stanza: Return nil instead of nothing (fix test with luassert >=1.9)Kim Alvefur2022-09-151-0/+5
| | | | | | | | | | Due to a change in luassert, a dependency luassert of the Busted test framework, returning nothing is no longer treated as not falsy.
| * luacheck: Shut up (backports 3caff1f93520, ignores module deleted in trunk)Kim Alvefur2022-05-301-2/+2
| |
* | util.paseto: Do strict type check in pae() functionKim Alvefur2022-07-111-0/+3
| | | | | | | | | | Fixes a test failure on Lua 5.4 where ipairs("") does not produce an error.
* | util.paseto: Drop custom wrappers around key objectsMatthew Wild2022-07-111-46/+5
| | | | | | | | | | | | | | | | | | | | The PASETO spec recommends - no, *requires* - that implementations enforce type safety for keys, and e.g. do not pass them around as arbitrary byte strings. Typed wrapper objects are recommended. I originally followed this advice when starting the lib. However, key wrapping and type safety is now also a feature of util.crypto. All we're doing is duplicating it unnecessarily with this additional wrapper code.
* | util.paseto: Export similar API to new util.jwt for ease and consistencyMatthew Wild2022-07-111-0/+21
| |
* | util.paseto: Error early on invalid keysMatthew Wild2022-07-111-0/+2
| |
* | util.paseto: Fix to decode footer before comparisonMatthew Wild2022-07-111-0/+1
| |
* | util.jwt: Add new init() convenience method to obtain both signer and verifierMatthew Wild2022-07-111-0/+6
| |
* | util.jwt: Consolidate payload parsing, ensure it's always a valid objectMatthew Wild2022-07-111-11/+13
| |
* | util.jwt: Provide built-in token expiry support (defaults to 3600s lifetime)Matthew Wild2022-07-111-3/+28
| | | | | | | | | | | | | | | | To avoid every user of the library needing to add and verify expiry info, this is now handled by util.jwt itself (if not overridden or disabled). Issuing tokens that are valid forever is bad practice and rarely desired, and the default token lifetime is now 3600s (1 hour).
* | util.jwt: All the algorithms (+ all the tests!)Matthew Wild2022-07-021-5/+12
| | | | | | | | Except 'none'. Not implementing that one.
* | util.crypto: More digests for sign/verify, use macros for clarity/consistencyMatthew Wild2022-07-021-2/+2
| |
* | util.jwt: Add support for RSA-based algorithms (RS256, PS256)Matthew Wild2022-07-021-14/+35
| |
* | util.jwt: Add support/tests for ES256 via improved API and using util.cryptoMatthew Wild2022-07-011-19/+121
| | | | | | | | | | | | | | | | | | | | | | In many cases code will be either signing or verifying. With asymmetric algorithms it's clearer and more efficient to just state that once, instead of passing keys (and possibly other parameters) with every sign/verify call. This also allows earlier validation of the key used. The previous (HS256-only) sign/verify methods continue to be exposed for backwards-compatibility.
* | util.paseto: Implementation of PASETO v4.public tokensMatthew Wild2022-06-241-0/+123
| | | | | | | | | | | | | | | | | | | | | | | | PASETO provides an alternative to JWT with the promise of fewer implementation pitfalls. The v4.public algorithm allows asymmetric cryptographically-verified token issuance and validation. In summary, such tokens can be issued by one party and securely verified by any other party independently using the public key of the issuer. This has a number of potential applications in a decentralized network and ecosystem such as XMPP. For example, such tokens could be combined with XEP-0317 to allow hats to be verified even in the context of a third-party MUC service.
* | util.stanza: Add add_error() to simplify adding error tags to existing stanzasMatthew Wild2022-08-291-25/+31
| | | | | | | | | | Some fiddling is required now in error_reply() to ensure the cursor is in the same place as before this change (a lot of code apparently uses that feature).
* | util.roles: Add new utility module to consolidate role objects and methodsMatthew Wild2022-07-191-0/+100
| |
* | util.session: Add role management methodsMatthew Wild2022-06-151-0/+6
| |
* | util.stanza: Add method for extracting a single attribute valueKim Alvefur2022-08-171-0/+8
| | | | | | | | | | | | | | | | | | Sometimes you only care about a single attribute, but the child tag itself may be optional, leading to needing `tag and tag.attr.foo` or `stanza:find("tag@foo")`. The `:find()` method is fairly complex, so avoiding it for this kind of simpler use case is a win.
* | util.datetime: Remove a lineKim Alvefur2022-08-171-2/+1
| | | | | | | | | | | | | | | | No idea why the locals were declared on a line by itself. Perhaps line length considerations? But saving 6 characters in width by adding a whole line with 47 characters seems excessive. This is still within the 150 character limit set by .luacheckrc
* | util.datetime: Add support for sub-second precision timestampsKim Alvefur2022-08-141-7/+19
| | | | | | | | | | | | Lua since 5.3 raises a fuss when time functions are handed a number with a fractional part and the underlying C functions are all based on integer seconds without support for more precision.
* | doap: Update XEP versions for which no code changes appear neededKim Alvefur2022-08-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | XEP-0004: Partial forms are handled XEP-0045: We're already strict with GC 1.0 XEP-0060: Change in semantics wrt 'pubsub#type', but not in code XEP-0115: No protocol change XEP-0138: Specification moved to Obsolete XEP-0163: Editorial only change XEP-0215: Minor schema change XEP-0280: Editorial change XEP-0297: Had the wrong version number XEP-0106: Note missing piece for version 1.1 XEP-0313: Editorial change XEP-0363: Editorial clarification, no code change required XEP-0380: Registry additions, no code change needed XEP-0384: Not directly supported, only here because people will ask otherwise XEP-0445: Broken out of XEP-0401
* | various: Update IETF RFC URLs for tools.ietf.org transitionKim Alvefur2022-08-051-6/+6
| | | | | | | | | | | | See https://www.ietf.org/blog/finalizing-ietf-tools-transition/ Already done in various other places.
* | util.sasl.scram: Add 'tls-exporter' as recognised channel binding methodKim Alvefur2022-07-271-1/+1
| | | | | | | | | | The last missing piece of #1760, otherwise SCRAM-SHA-*-PLUS is not actually advertised.
* | compat: Use table.pack (there since Lua 5.2) over our util.tableKim Alvefur2022-07-113-3/+3
| | | | | | | | | | Added in d278a770eddc avoid having to deal with its absence in Lua 5.1. No longer needed when Lua 5.1 support is dropped.
* | compat: Remove handling of Lua 5.1 location of 'unpack' functionKim Alvefur2022-07-117-7/+7
| |
* | Merge 0.12->trunkKim Alvefur2022-07-082-145/+168
|\|
| * util.datamapper: Improve handling of schemas with non-obvious "type"Kim Alvefur2022-07-081-10/+27
| | | | | | | | | | | | | | | | | | | | | | | | The JSON Schema specification says that schemas are objects or booleans, and that the 'type' property is optional and can be an array. This module previously allowed bare type names as schemas and did not really handle booleans. It now handles missing 'type' properties and boolean 'true' as a schema. Objects and arrays are guessed based on the presence of 'properties' or 'items' field.
| * util.jsonschema: Fix validation to not assume presence of "type" fieldKim Alvefur2022-07-081-135/+141
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MattJ reported a curious issue where validation did not work as expected. Primarily that the "type" field was expected to be mandatory, and thus leaving it out would result in no checks being performed. This was likely caused by misreading during initial development. Spent some time testing against https://github.com/json-schema-org/JSON-Schema-Test-Suite.git and discovered a multitude of issues, far too many to bother splitting into separate commits. More than half of them fail. Many because of features not implemented, which have been marked NYI. For example, some require deep comparisons e.g. when objects or arrays are present in enums fields. Some because of quirks with how Lua differs from JavaScript, e.g. no distinct array or object types. Tests involving fractional floating point numbers. We're definitely not going to follow references to remote resources. Or deal with UTF-16 sillyness. One test asserted that 1.0 is an integer, where Lua 5.3+ will disagree.
* | util.envload: Remove Lua 5.1 methodKim Alvefur2022-07-051-29/+10
| | | | | | | | | | | | Part of #1600 Is this module even needed anymore?
* | util: Remove various Lua 5.1 compatibility hacksKim Alvefur2022-07-025-31/+2
| | | | | | | | Part of #1600
* | util.dependencies: Reject Lua 5.1, Lua 5.2 or later is now required (see #1600)Kim Alvefur2022-07-021-2/+2
| |
* | util.dependencies: Deprecate support for Lua 5.1, this is your final warningKim Alvefur2022-06-301-1/+1
| |
* | util.hashes: Bind BLAKE2 algoritms supported by OpenSSLKim Alvefur2020-09-101-0/+2
| |
* | util.hashes: Expose sha224 and sha384 HMAC functionsKim Alvefur2020-11-291-0/+2
| | | | | | | | For completeness and consistency with set of plain hash functions
* | Merge 0.12->trunkKim Alvefur2022-06-141-1/+5
|\|
| * util.startup: Fix async waiting for last shutdown stepsKim Alvefur2022-06-141-1/+5
| | | | | | | | | | | | | | | | | | | | | | Observed problem: When shutting down prosody would immediately exit after waiting for s2s connections to close, skipping the last cleanup events and reporting the exit reason and code. This happens because prosody.main_thread is in a waiting state and queuing startup.shutdown is dispatched trough the main loop via nexttick, but since the main loop was no longer running at that point it proceeded to the end of the prosody script and exited there.
* | util.watchdog: Allow passing a new timeout to :reset()Matthew Wild2022-06-111-1/+4
| |
* | util.watchdog: Allow :reset() to restart a cancelled watchdogMatthew Wild2022-06-111-5/+6
| |
* | util.watchdog: Update to use "new" util.timer APIMatthew Wild2022-06-111-13/+16
| | | | | | | | | | | | | | | | | | | | | | | | When this module was written, it wasn't possible to cancel or reschedule a timer. Times have changed, and we should take advantage of those new methods. This module becomes a very thin wrapper around util.timer now, but I'd argue it's still a very common and useful concept/abstraction to have around. Possible API change: this removes the 'last_reset' field of the watchdog. This was never really intended as a public thing, and I can't find any code that uses it, so I consider removal to be safe.