prosody

Commit Graph

Author	SHA1	Message	Date
Kim Alvefur	a3e0630ac4	Merge 13.0->trunk	8 months ago
Kim Alvefur	5192f0f312	mod_s2s: Fix log to use formatting instead of concatenation (fixes #1461 ) Somehow this escaped semgrep, probably because the (x or y)() syntax. Thanks Ge0rG	8 months ago
Kim Alvefur	db92b07211	MUC: Ensure room-creating join stanza includes nickname (fix #1934 ) Prevents a traceback when attempting to validate an absent nickname.	8 months ago
Kim Alvefur	2f6cba208f	MUC: Factor out identification of join stanza Makes it easier to extend this condition without the line growing too long.	8 months ago
Kim Alvefur	09359b7daf	make: Add mod_cron to Teal targets	8 months ago
Kim Alvefur	66a99f6aa1	mod_cron: Move changes to Teal source Yes, it's annoying to have generated output in version control, but not sure yet if we want to keep Teal. It seems to do breaking syntax changes somewhat often.	8 months ago
Kim Alvefur	19126b5410	teal: Regenerate Lua files	8 months ago
Kim Alvefur	83dc01250e	make: Inject comment explaining where Teal-generated files come from	8 months ago
Kim Alvefur	43f624d71a	teal: Tweak formatting of generated Lua	8 months ago
Kim Alvefur	8feb59adae	util.xtemplate: Fix wrongful teal warning It claims the value is a stanza but it's in a `is string` block? Reported as https://github.com/teal-language/tl/issues/994	8 months ago
Kim Alvefur	c1b820172d	util.datamapper: Fix some Teal warnings	8 months ago
Kim Alvefur	2265f65457	teal: Remove trailing semicolons after return Apparently illegal syntax now, the nothing after the semicolon counts as a statement, which is not allowed after return?	8 months ago
Kim Alvefur	189f210503	Merge 13.0->trunk	8 months ago
Kim Alvefur	f14f1b331f	mod_http_files: Fail if missing the required 'http_files_dir' setting	8 months ago
Kim Alvefur	36591d492e	mod_http_files: Replace public API with errors Modules wishing to serve files directly from the file system should be using net.http.files instead, as per the error.	8 months ago
Kim Alvefur	382d6fdea6	Merge 13.0->trunk	8 months ago
Kim Alvefur	d4a20e5748	util.jsonschema: Simplify retrieval of UTF-8 length function	8 months ago
Kim Alvefur	b439ad72f1	MUC: Fix nickname registration form error handling (fixes #1930 ) `dataform:data()` always returns the first table of collected values, even if there are errors, so checking for its absence did not detect when a required field (the only field, nickname) was missing.	8 months ago
Kim Alvefur	e7ebe86694	util.prosodyctl.check: Improve reporting of DNS lookup problems Closes #1931	8 months ago
Kim Alvefur	1db909804b	mod_admin_shell: Fix matching logic in s2s:close (Thanks Menel) It was matching 'from' on the wrong field and the boolean logic was wrong.	9 months ago
Kim Alvefur	d723c0a6dd	net.http.files: Fix #1927 Problem was type confusion where the `data` variable was expected to be a string later but ended up being the table stored in the cache. Here a different variable is used for the cache entry and the data.	9 months ago
Kim Alvefur	052d497dee	util.jsonschema: Fix handling of `false` as schema Schemas can be either a boolean or a table (object) but since it only checked for truthiness, the case of `false` would be handled incorrectly. There seems to be no tests that cover `then` and `else` being `false`, only a couple that check the `if` keyword.	9 months ago
Matthew Wild	ea99104f0a	mod_http_file_share: Add media-src 'self' to Content-Security-Policy header This allows certain media files to be loaded when navigated to directly in a web browser. Note that in some browsers (Chrome), the media gets transformed internally into a HTML page with some basic styles, but these are blocked due to our default-src policy of 'none' Although this could be unblocked with style-src unsafe-inline, it is not our plan to fix this, because this would have negative security implications. The reason for our CSP is to prevent the file share service from being used to host malicious HTML/CSS/JS. Yes, CSS can be malicious. Our file share service is for uploading and downloading files, it is not a substitute for website/content hosting.	9 months ago
Kim Alvefur	ea2f97e9ed	mod_storage_sql: Also retrieve all SQLite3 indices Missed this in 2558be2daaca	9 months ago
Kim Alvefur	82f3dc3616	mod_invites: Consider password reset a distinct type wrt invite page This should prevent returning an invite web page unless it supports password resets.	9 months ago
Matthew Wild	68f2229e78	mod_invites_register: Don't restrict username for roster invites (thanks lissine) The username field of roster invites is the username of the inviter. It is not possible for a roster invite to restrict the registration username.	9 months ago
Kim Alvefur	7e16a71be8	mod_storage_internal: Fix queries with only start returning extra items Queries with start > last item would return one item, because there's some boundary condition in binary_search(). This is here fixed by always applying filters that omit items outside the requested range. See also 2374c7665d0b	9 months ago
Kim Alvefur	7340c4e1f2	mod_storage_sql: Retrieve all indices to see if the new one exists Otherwise it warns about it being missing, even if it exists.	9 months ago
Matthew Wild	aa37a70850	mod_invites_register: Stricter validation of registration events This fixes two problems: 1) Account invites that were created with a specific username were not in fact restricted to that username. 2) Password reset invites were not restricted to resetting passwords, but could be used to create an arbitrary new account if the client or registration frontend (e.g. mod_invites_register_web) doesn't handle/enforce the username. This new validation ensures that registrations and resets are always for the username specified in the invitation.	9 months ago
Matthew Wild	ac77dc3db2	prosodyctl check config: add recommendation to switch from admin_telnet to shell	9 months ago
Matthew Wild	22acb5626f	configmanager: Emit config warning when referencing non-existent value	9 months ago
Kim Alvefur	dcd0d7ad1f	mod_storage_sql: Mark unused argument as such Make `make lint` happy again	9 months ago
Kim Alvefur	4eb0e47d07	mod_storage_sql: Handle failure to deploy new UNIQUE index Somehow a user ended up with duplicate data preventing creation of the new unique index needed for UPSERT (see 3ec48555b773). This should eventually self-heal #1918 if the duplicate data is replaced by the older DELETE + INSERT method. Without any index at all, it will be slower.	9 months ago
Kim Alvefur	629b5b10b5	mod_http: Log problems parsing IP addresses in X-Forwarded-For (Thanks Boris)	9 months ago
Kim Alvefur	3873c984a3	mod_http: Fix IP address normalization (Thanks Boris) This fixes the problem that an un-bracketed IPv6 address will not match the first pattern (since it matches brackets) and instead the first decimal digits will match the pattern meant to strip port numbers from IPv4 addresses, e.g. 2001:db8::1 --> 2000 This pattern instead matches enough of a regular IPv4 address to make an IPv6 address fall back to the last case.	9 months ago
Kim Alvefur	86bb005c57	mod_storage_sql: Add shell command to create tables and indices (again) This is meant as a way to diagnose e.g. issues creating indices. It would have been nice to capture e.g. PostgreSQL notices, but LuaDBI would need support for this first, see https://github.com/mwild1/luadbi/issues/62	9 months ago
Kim Alvefur	79d0d2591d	mod_storage_sql: Delay showing SQL library error until attempted load This should ensure that e.g. failure to load LuaSQLite3 is not logged unless it is needed, since module failures are very verbose. Closes #1919	9 months ago
Matthew Wild	775a4d3cf6	prosodyctl check config: List modules which Prosody cannot successfully load	9 months ago
Matthew Wild	6767e771ff	modulemanager, util.pluginloader: Improve error message when load fails but some candidates were filtered	9 months ago
Matthew Wild	d45bf0a820	mod_admin_shell: Add role:list() and role:show() commands	9 months ago
Matthew Wild	b08fa464dc	mod_authz_internal: Improve error message when invalid role specified	9 months ago
Matthew Wild	f81c17aead	Added tag 13.0.1 for changeset e78e79f1b5f5	9 months ago
Matthew Wild	db3735d974	mod_admin_shell: Visual tweaks to the output of debug:cert_index()	9 months ago
Matthew Wild	07c3ce955c	.luacheckrc: Ignore config files in spec/tls	9 months ago
Matthew Wild	8d281ac121	certmanager: Remove obsolete index log (replaced by shell command) This information can now be retrieved on-demand using the debug:cert_index() command, so we don't need to log it after every scan (it is rather verbose).	9 months ago
Matthew Wild	e23d50de10	mod_admin_shell: Add debug:cert_index() command	9 months ago
Matthew Wild	bc13ac7e71	certmanager: Improve logging for all cases where certs are skipped	9 months ago
Matthew Wild	e6849bb76e	spec/tls: Add TLS/certificate integration tests These tests help to verify that various configurations translate into the expected running TLS setups. Specifically right now we are checking the correct certificate is served.	9 months ago
Matthew Wild	3905dcae02	portmanager: Add debug log message to state which certificate we end up using	9 months ago
Matthew Wild	e4fa881601	portmanager: Take automatic cert selection into account when setting SNI cert This fixes (another) issue with the fix in 4ea7bd7325be, where it no longer checked the automatic cert index for an appropriate certificate.	9 months ago

1 2 3 4 5 ...

13887 Commits (master) All Branches Search

13887 Commits (master)

All Branches