From c2c1bc2a973b35f843589f3ccf98c334a780c3bf Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Sun, 18 Nov 2018 14:57:29 +0000 Subject: prosody.cfg.lua.dist: Add https_certificate option --- prosody.cfg.lua.dist | 3 +++ 1 file changed, 3 insertions(+) diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index b6ea2ecb..f1329729 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -183,6 +183,9 @@ log = { -- Location of directory to find certificates in (relative to main config file): certificates = "certs" +-- HTTPS currently only supports a single certificate, specify it here: +--https_certificate = "certs/localhost.crt" + ----------- Virtual hosts ----------- -- You need to add a VirtualHost entry for each domain you wish Prosody to serve. -- Settings under each VirtualHost entry apply *only* to that host. -- cgit v1.2.3 From b1afa0042962756df029eaad97a5e1e6fae43238 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Sun, 18 Nov 2018 15:05:15 +0000 Subject: prosody.cfg.lua.dist: Tidy up some comments --- prosody.cfg.lua.dist | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index f1329729..f7f7b731 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -102,16 +102,10 @@ c2s_require_encryption = true -- Force servers to use encrypted connections? This option will -- prevent servers from authenticating unless they are using encryption. --- Note that this is different from authentication s2s_require_encryption = true - -- Force certificate authentication for server-to-server connections? --- This provides ideal security, but requires servers you communicate --- with to support encryption AND present valid, trusted certificates. --- NOTE: Your version of LuaSec must support certificate verification! --- For more information see https://prosody.im/doc/s2s#security s2s_secure_auth = false @@ -122,17 +116,13 @@ s2s_secure_auth = false --s2s_insecure_domains = { "insecure.example" } --- Even if you leave s2s_secure_auth disabled, you can still require valid +-- Even if you disable s2s_secure_auth, you can still require valid -- certificates for some domains by specifying a list here. --s2s_secure_domains = { "jabber.org" } -- Select the authentication backend to use. The 'internal' providers -- use Prosody's configured data storage to store the authentication data. --- To allow Prosody to offer secure authentication mechanisms to clients, the --- default provider stores passwords in plaintext. If you do not trust your --- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed --- for information about using the hashed backend. authentication = "internal_hashed" -- cgit v1.2.3 From 6af619e67b64862ea07897393f8da618bd135a2b Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Sun, 18 Nov 2018 14:52:53 +0000 Subject: CHANGES: Update with release date --- CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index a5c185cc..136b7d2b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,7 +1,7 @@ 0.11.0 ====== -**YYYY-MM-DD** (not yet) +**2018-11-18** New features ------------ -- cgit v1.2.3 -- cgit v1.2.3 From 38498588b43c93cbc2bc5de9f21cf8975b8169a1 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 25 Nov 2018 13:04:37 +0100 Subject: MUC: Fix traceback on muc#admin query with missing child (#1242) Caused by a missing return statement introduced in 494938dec5d8 --- plugins/muc/muc.lib.lua | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/muc/muc.lib.lua b/plugins/muc/muc.lib.lua index 4060535a..7a7ddf41 100644 --- a/plugins/muc/muc.lib.lua +++ b/plugins/muc/muc.lib.lua @@ -904,6 +904,7 @@ function room_mt:handle_admin_query_set_command(origin, stanza) local item = stanza.tags[1].tags[1]; if not item then origin.send(st.error_reply(stanza, "cancel", "bad-request")); + return true; end if item.attr.jid then -- Validate provided JID item.attr.jid = jid_prep(item.attr.jid); -- cgit v1.2.3