apitech
/
prosody
mirror of https://github.com/bjc/prosody
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
5786 Commits
12 Branches
101 Tags
54 MiB
Tag: Branch: Tree: 51549fe050
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '51549fe050'
${ noResults }
Commit Graph

53 Commits (51549fe050a1aec00284d1e2599c93010bc763c2)

Author SHA1 Message Date
Florian Zeitz 1d833bb807 Remove all trailing whitespace
13 years ago
Kim Alvefur a316833b30 mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation details
13 years ago
Kim Alvefur bb9aa809b1 mod_s2s: Improve policy check
13 years ago
Kim Alvefur 47ec51ca07 mod_s2s: Log certificate identity validation result
13 years ago
Kim Alvefur 0c6c0e9c29 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
13 years ago
Kim Alvefur 74d66c5aef mod_s2s: Add missing global hook for read-timeout
13 years ago
Kim Alvefur 4c9866805e mod_c2s, mod_s2s: Fire an event on read timeouts
13 years ago
Kim Alvefur a6d4b7ca4d mod_s2s: Set s2s_session.ip
13 years ago
Kim Alvefur 8d85647c37 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
13 years ago
Matthew Wild 2e3f198799 mod_s2s: Remove unnecessary debug message
13 years ago
Matthew Wild bca009fef4 mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains.
13 years ago
Matthew Wild c596e86388 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
13 years ago
Matthew Wild de337196d4 mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled)
13 years ago
Matthew Wild c178786878 mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit traceback function), to make it clearer where an error occured
13 years ago
Matthew Wild 4602591c38 mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit traceback function), to make it clearer where an error occured
13 years ago
Kim Alvefur 001f4a7c75 mod_s2s: Add missing space
13 years ago
Kim Alvefur dc7aae81cd mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks)
13 years ago
Kim Alvefur 28f67a8022 mod_s2s: Add COMPAT cahin verification code for older LuaSec versions
13 years ago
Matthew Wild 25bb94216d mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate
13 years ago
Kim Alvefur cfbd9d02e2 mod_s2s: Prevent s2s to and from hosts we serve locally
13 years ago
Kim Alvefur fee52c7341 mod_s2s: Prevent traceback when replying to incoming connection to a host we don't serve
13 years ago
Kim Alvefur 5c16f18d72 mod_s2s: session.from_host does not allways exist on incoming connections, true and nil or "our hostname" does not evaluate to what we want here
13 years ago
Matthew Wild 68a7de369b mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
13 years ago
Matthew Wild 4ceaa9d2f2 mod_s2s: Remove unused variable
13 years ago
Matthew Wild b8efb428ea mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
13 years ago
Matthew Wild 339e74b1b9 s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
13 years ago
Kim Alvefur ee9ef878c4 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
13 years ago
Matthew Wild 740e6e69a2 mod_s2s: Do not include xmlns:db declaration in stream header if mod_dialback is not loaded
13 years ago
Kim Alvefur 404b1966b1 mod_s2s: Make sure host variable is reachable
13 years ago
Matthew Wild a32c615bc8 mod_s2s: Fire s2s-check-certificate event after validating a certificate, to allow plugins to override standard procedure
13 years ago
Matthew Wild f936068a62 mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to s2sout-authenticate-legacy for clarity. Also, hello!
13 years ago
Kim Alvefur 255bd1e311 mod_s2s: Don't try to close sessions that were destroyed before timeout
13 years ago
Kim Alvefur 3e2a8fbe1c prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
13 years ago
Matthew Wild b9ac1b8b07 mod_s2s: Remove connection from sessions table as soon as we learn it is disconnected. Fixes a connection/session leak.
13 years ago
Kim Alvefur b7219c57f4 mod_s2s: Detect TLS compression
13 years ago
Waqas Hussain d9d38ef125 mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item().
14 years ago
Kim Alvefur 9114e88ee0 mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table.
14 years ago
Matthew Wild be56306272 mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most cases) - this allows us to continue to try other targets
14 years ago
Matthew Wild 9931497619 mod_c2s, mod_s2s: Lower 'Disconnecting X' log messages from 'info' to 'debug'
14 years ago
Matthew Wild e89b006f03 Hopefully inert commit to clean up logging across a number of modules, removing all cases of concatenation when building log messages
14 years ago
Matthew Wild 0771b51658 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
14 years ago
Matthew Wild 6aa575f09b mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
14 years ago
Matthew Wild 900a0add21 mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false
14 years ago
Matthew Wild 2057401904 mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off
14 years ago
Matthew Wild 81cbf8c7d4 mod_s2s, s2sout.lib: Send stream header in onconnect()
14 years ago
Matthew Wild 417defb2ed mod_s2s: Only try next target if the stream didn't open
14 years ago
Matthew Wild 4a958b8611 mod_s2s: Remove TODO comment for SASL/TLS on s2s (thanks Florob)
14 years ago
Matthew Wild 0b4567a6f1 mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
14 years ago
Matthew Wild 75d9d9e997 mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
14 years ago
Matthew Wild 8128ac8052 mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
14 years ago