From 4b105e01bb7e2ff414c622b775c9facca35cf80f Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 3 Apr 2013 15:38:18 +0200 Subject: configure: Add RUNWITH to --help --- configure | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configure b/configure index 5c6439fc..4a268385 100755 --- a/configure +++ b/configure @@ -41,6 +41,8 @@ Configure Prosody prior to building. Default is "$LUA_SUFFIX" (lua$LUA_SUFFIX...) --with-lua=PREFIX Use Lua from given prefix. Default is $LUA_DIR +--runwith=BINARY What Lua binary to set as runtime environment. + Default is $RUNWITH --with-lua-include=DIR You can also specify Lua's includes dir. Default is \$LUA_DIR/include --with-lua-lib=DIR You can also specify Lua's libraries dir. -- cgit v1.2.3 From 901b5981d04e5a8232536ce4386e0bd87f14a120 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 3 Apr 2013 15:48:49 +0200 Subject: configure: Replaces tabs with spaces in --help --- configure | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configure b/configure index 4a268385..ecf77a86 100755 --- a/configure +++ b/configure @@ -49,9 +49,9 @@ Configure Prosody prior to building. Default is \$LUA_DIR/lib --with-idn=LIB The name of the IDN library to link with. Default is $IDN_LIB ---idn-library=(idn|icu) Select library to use for IDNA functionality. - idn: use GNU libidn (default) - icu: use ICU from IBM +--idn-library=(idn|icu) Select library to use for IDNA functionality. + idn: use GNU libidn (default) + icu: use ICU from IBM --with-ssl=LIB The name of the SSL to link with. Default is $OPENSSL_LIB --cflags=FLAGS Flags to pass to the compiler -- cgit v1.2.3 From 28f67a802231d1daa8dfe046064d61c3fdbb6a88 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 4 Apr 2013 19:21:47 +0200 Subject: mod_s2s: Add COMPAT cahin verification code for older LuaSec versions --- plugins/mod_s2s/mod_s2s.lua | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) 
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index 639f464b..1547345d 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -15,6 +15,7 @@ local core_process_stanza = prosody.core_process_stanza; local tostring, type = tostring, type; local t_insert = table.insert; local xpcall, traceback = xpcall, debug.traceback; +local NULL = {}; local add_task = require "util.timer".add_task; local st = require "util.stanza"; @@ -226,11 +227,19 @@ local function check_cert_status(session) end if cert then - local chain_valid, errors = conn:getpeerverification() + local chain_valid, errors; + if conn.getpeerverification then + chain_valid, errors = conn:getpeerverification(); + elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg + chain_valid, errors = conn:getpeerchainvalid(); + errors = (not chain_valid) and { { errors } } or nil; + else + chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } }; + end -- Is there any interest in printing out all/the number of errors here? if not chain_valid then (session.log or log)("debug", "certificate chain validation result: invalid"); - for depth, t in ipairs(errors) do + for depth, t in ipairs(errors or NULL) do (session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", ")) end session.cert_chain_status = "invalid"; -- cgit v1.2.3 From bd72dc3f8816eba31da05ade9c5ed8478571515b Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 4 Apr 2013 20:05:35 +0200 Subject: util.stanza: Add stanza:find(), a light weight XPath-like method --- util/stanza.lua | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/util/stanza.lua b/util/stanza.lua index 213ed506..59c88c4e 100644 --- a/util/stanza.lua +++ b/util/stanza.lua 
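Review bot: The logging loop in check_cert_status still walks `errors` with `ipairs`, which stops at the first missing index, so chain errors recorded only at a deeper depth are never logged. The hunk does not show the shape LuaSec returns, but if depths without errors are left unset, the debug output will be empty exactly when an intermediate or root certificate is the problem; `for depth, t in pairs(errors or NULL) do` would cover that case. The new fallback branch correctly fails closed, but it reports the missing LuaSec feature only at debug level, so an operator sees every peer chain marked invalid with no visible reason; a `log("warn", ...)` in that branch would make it diagnosable. The body of check_cert_status starts and ends outside the hunk.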
@@ -18,6 +18,7 @@ local pairs = pairs; local ipairs = ipairs; local type = type; local s_gsub = string.gsub; +local s_sub = string.sub; local s_find = string.find; local os = os; @@ -174,6 +175,31 @@ function stanza_mt:maptags(callback) return self; end +function stanza_mt:find(path) + local pos = 1; + local len = #path + 1; + + repeat + local xmlns, name, text; + local char = s_sub(path, pos, pos); + if char == "@" then + return self.attr[s_sub(path, pos + 1)]; + elseif char == "{" then + xmlns, pos = s_match(path, "^([^}]+)}()", pos + 1); + end + name, text, pos = s_match(path, "^([^@/#]*)([/#]?)()", pos); + name = name ~= "" and name or nil; + if pos == len then + if text == "#" then + return self:get_child_text(name, xmlns); + end + return self:get_child(name, xmlns); + end + self = self:get_child(name, xmlns); + until not self +end + + local xml_escape do local escape_table = { ["'"] = "'", ["\""] = """, ["<"] = "<", [">"] = ">", ["&"] = "&" }; -- cgit v1.2.3 From 7cd207a8f6309b151c99970c46888a7bb3360f76 Mon Sep 17 00:00:00 2001 From: Marco Cirillo Date: Thu, 4 Apr 2013 23:36:30 +0000 Subject: portmanager: add logic to allow specification of service default values for ssl config and / or overrides. --- core/portmanager.lua | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/core/portmanager.lua b/core/portmanager.lua index 68c7617a..1b3740cf 100644 --- a/core/portmanager.lua +++ b/core/portmanager.lua @@ -70,6 +70,16 @@ prosody.events.add_handler("item-removed/net-provider", function (event) unregister_service(item.name, item); end); +local function duplicate_ssl_config(ssl_config) + local ssl_config = type(ssl_config) == "table" and ssl_config or {}; + + local _config = {}; + for k, v in pairs(ssl_config) do + _config[k] = v; + end + return _config; +end + --- Public API function activate(service_name) 
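Review bot: In stanza_mt:find, a path with an unterminated `{` makes the namespace `s_match` return nil, which sets `pos` to nil; the following `s_match` then uses its default start position and re-reads the path from the beginning instead of failing. Returning early with `if not xmlns then return nil; end` right after the namespace match keeps a malformed path from silently selecting the wrong element. The method also has no comment describing the accepted syntax (`{xmlns}name/child`, a trailing `#` for text, `@attr` for an attribute), and a `#` that is not the last character of the path is currently ignored. A short doc comment above the function stating both would help callers.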
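Review bot: duplicate_ssl_config returns an empty table whenever its argument is not a table, so its result is always truthy and the caller in activate() can no longer see that no ssl configuration exists. The `if ssl_config and service_info.ssl_config` test there always passes on its first operand, and certmanager.create_context() is handed `{}` where the removed code passed nil. Whether create_context treats an empty table like a missing one is not visible on this page and should be confirmed; otherwise return nil for non-table input with `if type(ssl_config) ~= "table" then return nil; end`. The copy is one level deep, which is enough for the top-level merge in activate() but deserves a comment such as `-- shallow copy: nested tables are still shared with the config store`. The inner `local ssl_config` also shadows the parameter of the same name.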
@@ -114,9 +124,24 @@ function activate(service_name) local err; -- Create SSL context for this service/port if service_info.encryption == "ssl" then - local ssl_config = config.get("*", config_prefix.."ssl"); - ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port_number] - or (ssl_config.certificate and ssl_config))); + local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface]) + or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port]) + or config.get("*", config_prefix.."ssl") + or (config.get("*", "ssl") and config.get("*", "ssl")[interface]) + or (config.get("*", "ssl") and config.get("*", "ssl")[port]) + or config.get("*", "ssl")); + -- add default entries for, or override ssl configuration + if ssl_config and service_info.ssl_config then + for key, value in pairs(service_info.ssl_config) do + if not service_info.ssl_config_override and not ssl_config[key] then + ssl_config[key] = value; + elseif service_info.ssl_config_override then + ssl_config[key] = value; + end + end + end + + ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config); if not ssl then log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error"); end -- cgit v1.2.3 From 622306813b8b60b3f574d122f14a9f1b8051797d Mon Sep 17 00:00:00 2001 From: Marco Cirillo Date: Thu, 4 Apr 2013 23:41:36 +0000 Subject: mod_http: disable ssl peer verification by default. --- plugins/mod_http.lua | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/mod_http.lua b/plugins/mod_http.lua index 2fa87421..0689634e 100644 --- a/plugins/mod_http.lua +++ b/plugins/mod_http.lua 
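Review bot: The per-port lookups in activate() now index the ssl table with `port`, where the removed code used `port_number`. The origin of `port` is outside the hunk, but if it can be a string while the table is keyed by number, the per-port entry is missed and the listener silently falls back to the global `ssl` table; using `[port_number]` in both lookups keeps the old behaviour. In the merge loop, `not ssl_config[key]` treats an operator value of `false` as unset, so `ssl_config[key] == nil` is the safer test. With `ssl_config_override` set, a service replaces operator-chosen TLS settings without any log line, so a message naming the overridden keys would make that visible. The function continues outside the hunk.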
@@ -139,6 +139,7 @@ module:provides("net", { listener = server.listener; default_port = 5281; encryption = "ssl"; + ssl_config = { verify = "none" }; multiplex = { pattern = "^[A-Z]"; }; -- cgit v1.2.3 From 23fdba8f6bd0d7a0b98d6b8b61fdf6207e6785e2 Mon Sep 17 00:00:00 2001 From: Marco Cirillo Date: Fri, 5 Apr 2013 04:49:32 +0000 Subject: prosody: load rostermanager after usermanager during environment initialization. --- prosody | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prosody b/prosody index 875140de..9a88eac0 100755 --- a/prosody +++ b/prosody @@ -290,12 +290,12 @@ function load_secondary_libraries() --- Load and initialise core modules require "util.import" require "util.xmppstream" - require "core.rostermanager" require "core.stanza_router" require "core.hostmanager" require "core.portmanager" require "core.modulemanager" require "core.usermanager" + require "core.rostermanager" require "core.sessionmanager" package.loaded['core.componentmanager'] = setmetatable({},{__index=function() log("warn", "componentmanager is deprecated: %s", debug.traceback():match("\n[^\n]*\n[ \t]*([^\n]*)")); -- cgit v1.2.3 From 123fef628e6b8ba0da52a05d9186cddcc265ccec Mon Sep 17 00:00:00 2001 From: Marco Cirillo Date: Fri, 5 Apr 2013 04:52:11 +0000 Subject: rostermanager: do not save rosters for unexistant users. --- core/rostermanager.lua | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/core/rostermanager.lua b/core/rostermanager.lua index f14bb435..5e06e3f7 100644 --- a/core/rostermanager.lua +++ b/core/rostermanager.lua @@ -18,6 +18,7 @@ local hosts = hosts; local bare_sessions = bare_sessions; local datamanager = require "util.datamanager" +local um_user_exists = require "core.usermanager".user_exists; local st = require "util.stanza"; module "rostermanager" 
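Review bot: The new `ssl_config = { verify = "none" }` entry carries no comment saying what is being turned off or why. As far as this page shows, portmanager merges it as a default (no `ssl_config_override` is set), so an operator-set `verify` should still win, and on a listening socket it presumably only controls whether client certificates are requested. A comment such as `-- do not request client certificates from HTTPS clients; an explicit "verify" in the config takes precedence` would record that intent. The table passed to module:provides continues outside the hunk.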
@@ -105,6 +106,11 @@ function load_roster(username, host) end function save_roster(username, host, roster) + if not um_user_exists(username, host) then + log("debug", "not saving roster for %s@%s: the user doesn't exist", username, host); + return nil; + end + log("debug", "save_roster: saving roster for %s@%s", username, host); if not roster then roster = hosts[host] and hosts[host].sessions[username] and hosts[host].sessions[username].roster; -- cgit v1.2.3 From 35c29e6177000d7adc28fbc35e48293fc958a63b Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Fri, 5 Apr 2013 10:01:02 +0100 Subject: mod_storage_none: A null-like storage provider that returns all stores as empty, and fails to save anything to them --- plugins/mod_storage_none.lua | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 plugins/mod_storage_none.lua diff --git a/plugins/mod_storage_none.lua b/plugins/mod_storage_none.lua new file mode 100644 index 00000000..8f2d2f56 --- /dev/null +++ b/plugins/mod_storage_none.lua @@ -0,0 +1,23 @@ +local driver = {}; +local driver_mt = { __index = driver }; + +function driver:open(store) + return setmetatable({ store = store }, driver_mt); +end +function driver:get(user) + return {}; +end + +function driver:set(user, data) + return nil, "Storage disabled"; +end + +function driver:stores(username) + return { "roster" }; +end + +function driver:purge(user) + return true; +end + +module:provides("storage", driver); -- cgit v1.2.3
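Review bot: The new guard in save_roster returns a bare `nil` and logs only at debug level, so a caller cannot tell a missing user from any other failure, and a dropped roster write leaves no trace at normal log levels. Returning a reason, `return nil, "user does not exist";`, would let callers report it; the rest of the function and its other return paths are outside the hunk, so check that this matches them. If the provider behind `um_user_exists` can answer false for reasons other than a missing account (not visible here), roster changes for real users would be discarded silently, which argues for at least a `warn`-level log on this path.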
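Review bot: `driver:get` in mod_storage_none.lua returns a fresh `{}` for every user and store, and an empty table is truthy in Lua, so any caller that treats a non-nil result as proof that a record exists will see every queried user as present. If that is intended, a header comment at the top of the file should say so. It should also state that `set` always fails with "Storage disabled", that `purge` reports success without doing anything, and that `stores` always lists only "roster". The `user`, `data` and `username` parameters are unused, which is worth mentioning in the same comment so it reads as deliberate.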