Matthew Wild
3905dcae02
portmanager: Add debug log message to state which certificate we end up using
9 months ago
Matthew Wild
e4fa881601
portmanager: Take automatic cert selection into account when setting SNI cert
This fixes (another) issue with the fix in 4ea7bd7325be, where it no longer
checked the automatic cert index for an appropriate certificate.
9 months ago
Matthew Wild
c384aeca79
portmanager: Use alternate host (if any) for SNI (many thanks Zaak!)
This was an oversight in the fix for #1915 in commit 4ea7bd7325be (though it
seems commit 7e9ebdc75ce4 was the first to introduce this bug).
9 months ago
Kim Alvefur
96aadab60b
core.portmanager: Restore use of per-host 'ssl' for SNI hosts. Fixes #1915.
This was an unintentional regression, as per-host 'ssl' options became valid
in 0.12 when SNI support was added for direct TLS ports. While we encourage
most people to use the simpler automatic certificate selection (and it seems
most do, given the overlooking of this bug), there are likely always going to
be use cases for manually-configured certificates.
The issue was introduced in commit 7e9ebdc75ce4 which inadvertently removed
the per-host option checking for SNI.
10 months ago
Kim Alvefur
c460117e3c
core.portmanager: Fix traceback on attempt to get non-existent service
If there's no such interface:port then `data` is nil and `data.service`
errors.
4 years ago
Matthew Wild
b4ed120963
portmanager: Expose API to get at SSL/TLS config for a given interface/port
3 years ago
Kim Alvefur
f8a2c4d7ab
core.portmanager: Join strings broken into multiple lines
Improves readability. Reduces line count. What's not to like?
The code style and luacheck rules allow longer lines, and these strings
aren't long enough to need breaking into multiple lines like this.
2 years ago
Kim Alvefur
1ff9661412
core.portmanager: Hint at HTTP servers for conflicts over port 443
Since 443 is just as much a web port as port 80 these days, if not more.
What's with port 81 here?
2 years ago
Kim Alvefur
d47a7bb3bd
core: Prefix module imports with prosody namespace
3 years ago
Jonas Schäfer
38346dd6f1
net: isolate LuaSec-specifics
For this, various accessor functions are now provided directly on the
sockets, which reach down into the LuaSec implementation to obtain the
information.
While this may seem of little gain at first, it hides the implementation
detail of the LuaSec+LuaSocket combination that the actual socket and
the TLS layer are separate objects.
The net gain here is that an alternative implementation does not have to
emulate that specific implementation detail and "only" has to expose
LuaSec-compatible data structures on the new functions.
4 years ago
Kim Alvefur
cf5c477c8f
core.portmanager: Also reload per-SNI certificates
5 years ago
Kim Alvefur
b665846031
core.portmanager: Reload direct TLS certificates after config reload
This should re-create all contexts the same way as when the service was
activated, which reloads certificates.
5 years ago
Kim Alvefur
cdb0bff7d2
core.portmanager: Factor out base TLS context creation for reuse
Thinking I can use this to reload certificates after config reload
5 years ago
Kim Alvefur
01c869407d
core.portmanager: Fix race condition in initialization of SNI cert map
Under some circumstances when hosts and modules are loaded in some
certain order, entries end up missing from the SNI map. This manifests
in e.g. `curl https://localhost:5281/` giving an error about
"unrecognized name".
The `service` argument is `nil` when invoked from the "host-activated"
event, leading it to iterate over every service. And then it would not
be fetching e.g. `http_host` from the config, which explains why https
would sometimes not work due to the missing name entry.
Because when `service` is included, this limits the iteration to
matching entries, while also returning the same value as the `name` loop
variable. Because `name == service when service != nil` we can use name
instead in the body of the loop.
5 years ago
Kim Alvefur
4cd3fcfb0b
core.portmanager: Use existing http_host for https SNI mapping
5 years ago
Kim Alvefur
10fc065796
core.portmanager: Allow overriding expected SNI name per service
E.g.
VirtualHost "example.com"
    https_name = "xmpp.example.com"
5 years ago
Kim Alvefur
f638628c08
core.portmanager: Log SNI hosts, services looked for
To highlight how many these are
5 years ago
Matthew Wild
e4f830812f
portmanager: Don't auto-start network services under prosodyctl
6 years ago
Kim Alvefur
c4c6a44c30
core.portmanager: Ignore unused return variable [luacheck]
6 years ago
Kim Alvefur
4614213216
core.portmanager: Complete error message for SNI TLS context problems
6 years ago
Kim Alvefur
1f33d9c6bb
core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI support)
6 years ago
Kim Alvefur
b65b591c7a
core.portmanager: Don't set the first TLS context with a cert as main context
Don't think this works and it's apparently acceptable to require SNI these days.
6 years ago
Kim Alvefur
06cf2e641a
core.portmanager: Log debug message for each kind of TLS context created
7 years ago
Kim Alvefur
e3276738b3
core.portmanager: Remove unused local [luacheck]
7 years ago
Kim Alvefur
73beabd065
core.portmanager: Remove tostring call from logging
Taken care of by loggingmanager now
7 years ago
Kim Alvefur
43b814a83b
various: Add annotation when an empty environment is set [luacheck]
8 years ago
Kim Alvefur
1ecc3a7918
core: Split some very long lines [luacheck]
9 years ago
Kim Alvefur
47fb0705f6
portmanager: Set default read size back to 4K
10 years ago
Kim Alvefur
14d035cf43
core: Increase default read size to "all of it", in practice 8K (size of LuaSockets buffer)
10 years ago
Kim Alvefur
2458f50dca
portmanager: Lower the priority of module-supplied TLS options
10 years ago
Matthew Wild
b925d6f580
portmanager: Remove unused argument from function [luacheck]
11 years ago
Matthew Wild
36c0cf5d9d
portmanager: Rename variable to avoid name conflict [luacheck]
11 years ago
Matthew Wild
4e5f5c41ae
portmanager: Add luacheck annotations
11 years ago
Matthew Wild
7b3df2bae6
portmanager, s2smanager, sessionmanager, stanza_router, storagemanager, usermanager, util.xml: Add luacheck annotations
11 years ago
Kim Alvefur
db2152e888
portmanager: Add forward declarations
11 years ago
Kim Alvefur
27265c20e2
core.*: Remove use of module() function
11 years ago
Matthew Wild
322aa3c9c3
portmanager: Remove unused import of pairs()
11 years ago
Kim Alvefur
c24bed529f
core.portmanager: Simplify and take advantage of new ssl config merging in certmanager
12 years ago
Matthew Wild
5273af7c22
portmanager: Make maximum read size configurable, and default to 4KB
12 years ago
Florian Zeitz
1d833bb807
Remove all trailing whitespace
13 years ago
Kim Alvefur
99c908e11a
portmanager: Also include the interface the service is listening on
13 years ago
Waqas Hussain
372de588be
portmanager: Include port numbers the service is listening on in the info logs.
13 years ago
Matthew Wild
4624a05183
portmanager: import pairs() (thanks Maranda)
13 years ago
Marco Cirillo
7cd207a8f6
portmanager: add logic to allow specification of service default values for ssl config and / or overrides.
13 years ago
Matthew Wild
3e788bfa6e
portmanager: Log error and fail to bind when port is invalid (not a number)
13 years ago
Kim Alvefur
077cfbe8a4
portmanager: Add use_ipv4 option, default to true.
13 years ago
Kim Alvefur
45fa794da0
portmanager: use_ipv6 defaults to true if luasocket has ipv6 support
13 years ago
Kim Alvefur
9f39499470
portmanager: Make sure foo_ports is a table
13 years ago
Matthew Wild
193b00e1ff
portmanager: Return first service with the specified name from get_service() (instead of the array of possible services) (thanks xnyhps)
13 years ago
Matthew Wild
c6fcddc614
portmanager: Support 'local_interfaces' config option (default for private listeners like components, telnet, etc.) (thanks mva)
14 years ago