Kim Alvefur
d1420d641f
core.portmanager: Complete error message for SNI TLS context problems
7 years ago
Kim Alvefur
b1338d27ac
core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI support)
7 years ago
Kim Alvefur
af05495fa2
core.portmanager: Don't set the first TLS context with a cert as main context
...
Don't think this works and it's apparently acceptable to require SNI these days.
7 years ago
Kim Alvefur
6a5c40e1ca
core.modulemanager: Disable mod_vcard if mod_vcard_legacy is enabled to prevent conflict (#1469)
7 years ago
Kim Alvefur
4a9bb8c321
s2s: Allow passing a custom error for bouncing queued stanzas (#770)
...
Since stream errors and stanza errors are different
7 years ago
Kim Alvefur
625b06a9cb
core.sessionmanager: Require that client-requested resources pass strict resourceprep
7 years ago
Kim Alvefur
00cf4fcf14
core.configmanager: Handle nameprep validation errors
7 years ago
Kim Alvefur
20226a9804
core.configmanager: Ensure Hosts are given names
...
Prevents traceback from nameprep(nil)
7 years ago
Kim Alvefur
b480791da9
core.sessionmanager: Fix traceback from passing nil to resourceprep
7 years ago
Kim Alvefur
95f7ce5e3d
Backed out changeset 64ddcbc9a328 as it would prevent communicating with valid remote JIDs that aren't valid under STRINGPREP / Unicode 3.2
7 years ago
Kim Alvefur
ef60c12bef
core.stanza_router: Do strict jidprep on c2s
...
Be conservative in what you let your clients send, be liberal in what
you let in via s2s.
Being strict on s2s leads to interop problems and poor experiences, i.e.
users being ejected from MUCs if something invalid enters. By starting
with tightening up input into the network, we may be able to gradually
approach a point where no invalid JIDs are allowed.
7 years ago
Kim Alvefur
70f9952d37
core.s2smanager: Fix traceback due to mixup with to/from
...
Forgot to swap to and from in 3123a13cf577
7 years ago
Kim Alvefur
37d4260349
core.s2smanager: Remove bidi-enabled s2sin from outgoing routing table
...
Caused creation of new s2sout instead of proper bidi-enabled s2sin.
7 years ago
Kim Alvefur
5ea3c0e758
core.modulemanager: Split lists across multiple lines for improved readability
...
Patches will also be easier to read.
7 years ago
Kim Alvefur
852c0e837d
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
7 years ago
Kim Alvefur
4f1f69ca55
core.stanza_router: Handle s2s in more direction-agnostic way
7 years ago
Kim Alvefur
b2c215307e
core.s2smanager: Add map of names authenticate for remote on s2sout for parity with s2sin
...
Making s2sin and -out look more alike in preparation for bidi support
7 years ago
Kim Alvefur
e20cc123da
core.s2smanager: Add [direction] boolean flags to s2s connections
...
This will allow representing connections that go both directions
7 years ago
Kim Alvefur
4e4e344d73
core.certmanager: Lower severity for tls config not having cert
...
This is needed for SNI where certificates are in separate
per-hostname contexts, not the main one.
If there is a cert, it will still require a corresponding key.
7 years ago
Kim Alvefur
60733a4006
core.certmanager: Remove unused import [luacheck]
7 years ago
Kim Alvefur
47625cfc95
Remove COMPAT with temporary luasec fork
...
The changes in the temporary fork were merged into mainline luasec ca.
2013 and included in the 0.5 release in 2014.
7 years ago
Kim Alvefur
7cd3955aa0
core.certmanager: Move EECDH ciphers before EDH in default cipherstring
...
The original intent of having kEDH before kEECDH was that if a `dhparam`
file was specified, this would be interpreted as a preference by the
admin for old and well-tested Diffie-Hellman key agreement over newer
elliptic curve ones. Otherwise the faster elliptic curve ciphersuites
would be preferred. This didn't really work as intended since this
affects the ClientHello on outgoing s2s connections, leading to some
servers using poorly configured kEDH.
With Debian shipping OpenSSL settings that enforce a higher security
level, this caused interoperability problems with servers that use DH
params smaller than 2048 bits. E.g. jabber.org at the time of this
writing has 1024 bit DH params.
MattJ says
> Curves have won, and OpenSSL is less weird about them now
7 years ago
Kim Alvefur
7c01e612b7
core.portmanager: Log debug message for each kind of TLS context created
7 years ago
Kim Alvefur
bd3c389d48
core.moduleapi: Restructure send_iq method for more atomic cleanup
...
All cleanup in one spot instead of two, and at the end which fits with
cleanup happening afterwards.
7 years ago
Kim Alvefur
790a10f47d
core.moduleapi: Uppercase "IQ stanza" for consistency
...
It's written like that elsewhere in the send_iq method
7 years ago
João Duarte
5191643f99
core.configmanager: Removed code related to complement_lua_path
7 years ago
João Duarte
a55f24139e
core.configmanager: Added support to 'complement_lua_path'
7 years ago
Maxime “pep” Buquet
cd4878033f
core/sessionmanager: Remove unnecessary fallback in make_authenticated
7 years ago
Kim Alvefur
680d10732b
core.portmanager: Remove unused local [luacheck]
7 years ago
Kim Alvefur
f1296c621d
core.portmanager: Remove tostring call from logging
...
Taken care of by loggingmanager now
7 years ago
Kim Alvefur
814e344000
core.sessionmanager: Remove tostring call from logging
...
Taken care of by loggingmanager now
7 years ago
Kim Alvefur
151dccede1
core.stanza_router: Remove tostring call from logging
...
Taken care of by loggingmanager now
7 years ago
Kim Alvefur
a0c37efd1f
core.s2smanager: Rewrite log line to use formatting instead of concatenation
...
Makes it more in line with logging elsewhere. Potentially avoids or at
least delays creation of new string.
7 years ago
Kim Alvefur
ad89e20a7c
core.s2smanager: Remove use of tostring in logging
...
This is now performed by loggingmanager
7 years ago
Matthew Wild
ced9754f5b
modulemanager: Fix issues introduced in previous commit acf74ad0b795 [thanks luacheck, scansion]
8 years ago
Matthew Wild
9b5c6c4d9d
Many things: switch from hacky multi-arg xpcall implementations to a standard util.xpcall
8 years ago
Kim Alvefur
5336659f02
moduleapi: Prevent loading disabled module as dependency of enabled one
...
Explicitly disabled module should stay disabled.
8 years ago
Kim Alvefur
2b989c9429
stanza_router: Remove deprecation warning for core routing functions from global scope (deprecated in 0.9)
8 years ago
Kim Alvefur
22839913a5
core.moduleapi: Remove redundant condition
8 years ago
Kim Alvefur
b93089dd57
sessionmanager, mod_s2s: Bring debug line for outgoing stanzas in line with that for incoming
8 years ago
Kim Alvefur
d91846dcc9
core.stanza_router: Reduce logging of common routing (#776)
8 years ago
Kim Alvefur
ac6ffd2a99
sessionmanager: Log top tag of outgoing stanzas on c2s (#776)
8 years ago
Kim Alvefur
5b0c75379e
core.certmanager: Allow all non-whitespace in service name (fixes #1019)
8 years ago
Matthew Wild
fae3c34ef6
rostermanager: Use util.id to generate ids for roster pushes
8 years ago
Matthew Wild
55a6e42c64
configmanager: Allow referencing environment variables in the config as ENV_<name>
8 years ago
Kim Alvefur
65752fde14
hostmanager: Add a logging close method in case something tries to close the origin of local-originated stanzas (see #1084)
8 years ago
Kim Alvefur
f6efb7e00f
rostermanager: Explicitly remove old-style 'pending' table from rosters (or it stays forever due to map stores)
9 years ago
Kim Alvefur
fe36378134
certmanager: Check for missing certificate before key in configuration (should be marginally less confusing)
9 years ago
Kim Alvefur
9690a86204
certmanager: Set single curve conditioned on LuaSec advertising EC crypto support
9 years ago
Kim Alvefur
aa6ed63bd8
certmanager: Filter out curves not supported by LuaSec
9 years ago