From cbb1f06088661f0cdbaa04d26175f29613e9d57f Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Mon, 9 Nov 2015 14:16:39 +0100
Subject: cert/openssl.cnf: Split CSR and self-signed extensions into separate
 sections (see d2d7ad2563f9)

---
 certs/openssl.cnf | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/certs/openssl.cnf b/certs/openssl.cnf
index 091409c4..ee17b1cf 100644
--- a/certs/openssl.cnf
+++ b/certs/openssl.cnf
@@ -13,8 +13,8 @@ SRVName  = 1.3.6.1.5.5.7.8.7
 default_bits       = 4096
 default_keyfile    = example.com.key
 distinguished_name = distinguished_name
-req_extensions     = v3_extensions
-x509_extensions    = v3_extensions
+req_extensions     = certrequest
+x509_extensions    = selfsigned
 
 # ask about the DN?
 prompt = no
@@ -28,16 +28,22 @@ organizationName       = Your Organisation
 organizationalUnitName = XMPP Department
 emailAddress           = xmpp@example.com
 
-[ v3_extensions ]
+[ certrequest ]
 
 # for certificate requests (req_extensions)
-# and self-signed certificates (x509_extensions)
 
 basicConstraints = CA:FALSE
 keyUsage         = digitalSignature,keyEncipherment
 extendedKeyUsage = serverAuth,clientAuth
 subjectAltName   = @subject_alternative_name
 
+[ selfsigned ]
+
+# and self-signed certificates (x509_extensions)
+
+basicConstraints = CA:TRUE
+subjectAltName = @subject_alternative_name
+
 [ subject_alternative_name ]
 
 # See http://tools.ietf.org/html/rfc6120#section-13.7.1.2 for more info.
-- 
cgit v1.2.3


From cb6f7a82c99c6956c5cd44f35d603343aa4c17db Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Mon, 16 Nov 2015 15:24:36 +0100
Subject: prosody: Fix sleep call that relied on the no longer existing socket
 global

---
 prosody | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/prosody b/prosody
index 61be6c2e..47998583 100755
--- a/prosody
+++ b/prosody
@@ -372,8 +372,10 @@ function loop()
 		prosody.events.fire_event("very-bad-error", {error = err, traceback = traceback});
 	end
 	
+	local sleep = require"socket".sleep;
+
 	while select(2, xpcall(server.loop, catch_uncaught_error)) ~= "quitting" do
-		socket.sleep(0.2);
+		sleep(0.2);
 	end
 end
 
-- 
cgit v1.2.3


From 1bb13d90dded966c20d69af42ad1928c01b82332 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Tue, 17 Nov 2015 17:01:25 +0000
Subject: muc.lib: Fix pattern so that it doesn't match hashes containing null
 bytes, causing dropped stanzas (thanks Jitsi folk!)

---
 plugins/muc/muc.lib.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/muc/muc.lib.lua b/plugins/muc/muc.lib.lua
index 8028f5ae..d42fb2eb 100644
--- a/plugins/muc/muc.lib.lua
+++ b/plugins/muc/muc.lib.lua
@@ -361,7 +361,7 @@ local function construct_stanza_id(room, stanza)
 end
 local function deconstruct_stanza_id(room, stanza)
 	local from_jid_possiblybare, to_nick = stanza.attr.from, stanza.attr.to;
-	local from_jid, id, to_jid_hash = (base64.decode(stanza.attr.id) or ""):match("^(.+)%z(.*)%z(.+)$");
+	local from_jid, id, to_jid_hash = (base64.decode(stanza.attr.id) or ""):match("^(%Z+)%z(%Z*)%z(.+)$");
 	local from_nick = room._jid_nick[from_jid];
 
 	if not(from_nick) then return; end
-- 
cgit v1.2.3