Matthew Wild [Fri, 29 Nov 2013 20:10:13 +0000 (20:10 +0000)]
Tagging 0.9.2
Kim Alvefur [Thu, 28 Nov 2013 15:12:40 +0000 (16:12 +0100)]
util.pposix: Verify that file handle is open
Kim Alvefur [Fri, 22 Nov 2013 14:27:21 +0000 (15:27 +0100)]
Makefile, certs: Generate example certificates on build, remove the old static one
Matthew Wild [Thu, 21 Nov 2013 02:11:09 +0000 (02:11 +0000)]
certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
Matthew Wild [Tue, 12 Nov 2013 02:13:01 +0000 (02:13 +0000)]
Back out
1b0ac7950129, as SSLv3 appears to still be in moderate use on the network. Also, although obsolete, SSLv3 isn't documented to have any weaknesses that TLS 1.0 (the most common version used today) doesn't also have. Get your act together clients!
Matthew Wild [Sun, 10 Nov 2013 18:46:48 +0000 (18:46 +0000)]
certmanager: Update default cipher string to prefer forward-secrecy over cipher strength and to disable triple-DES (weaker and much slower than AES)
Matthew Wild [Sun, 10 Nov 2013 16:43:10 +0000 (16:43 +0000)]
util.set: Remove unused variable
Matthew Wild [Sat, 9 Nov 2013 17:54:21 +0000 (17:54 +0000)]
certmanager: Fix order of options, so that the dynamic option is at the end of the array
Matthew Wild [Sat, 9 Nov 2013 17:50:19 +0000 (17:50 +0000)]
certmanager: Default to using the server's cipher preference order by default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones
Kim Alvefur [Thu, 31 Oct 2013 18:00:36 +0000 (19:00 +0100)]
certmanager: Disable SSLv3 by default
Waqas Hussain [Thu, 10 Oct 2013 21:18:16 +0000 (17:18 -0400)]
util.windows: Incorrect output buffer size passed to ReadConsoleOutputAttribute (fixes issue#362, thanks yanjun).
Paul [Sat, 5 Oct 2013 16:11:16 +0000 (17:11 +0100)]
muc.lib.lua: Fix Spark jabber client not displaying conference room lists, seemingly due to a missing value tag for the room description if the description has not been set
Kim Alvefur [Mon, 30 Sep 2013 19:51:42 +0000 (21:51 +0200)]
util.filters: Fix inserting items so that higher priority filters run first
Matthew Wild [Mon, 9 Sep 2013 10:32:03 +0000 (11:32 +0100)]
Tagging 0.9.1
Kim Alvefur [Tue, 3 Sep 2013 11:40:29 +0000 (13:40 +0200)]
certmanager: Fix dhparam callback, missing imports (Testing, pfft)
Kim Alvefur [Tue, 3 Sep 2013 11:13:31 +0000 (13:13 +0200)]
certmanager: Allow for specifying the dhparam option as a path to a file instead of a callback
Matthew Wild [Tue, 3 Sep 2013 11:11:11 +0000 (12:11 +0100)]
certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users.
Matthew Wild [Mon, 2 Sep 2013 19:52:19 +0000 (20:52 +0100)]
util.set: Fix :include() and :exclude() methods to iterate the input set correctly
Kim Alvefur [Mon, 2 Sep 2013 16:19:38 +0000 (18:19 +0200)]
util.pposix: Fix building on non-Linux with glibc
Kim Alvefur [Fri, 30 Aug 2013 16:51:55 +0000 (18:51 +0200)]
configmanager: Fix checking of absolute paths on Windows
Kim Alvefur [Fri, 30 Aug 2013 14:14:31 +0000 (16:14 +0200)]
util.net: Fix s2sout on Windows (return 0.0.0.0 and :: instead of an empty list)
Matthew Wild [Sat, 24 Aug 2013 22:15:24 +0000 (23:15 +0100)]
mod_pep: Update COMPAT comment, it seems Asterisk 1.8 also suffers from this issue (thanks Lonnie Abelbeck)
Matthew Wild [Mon, 19 Aug 2013 19:36:04 +0000 (20:36 +0100)]
Added tag 0.9.0 for changeset
6ef79af0c445
Kim Alvefur [Fri, 9 Aug 2013 14:03:17 +0000 (16:03 +0200)]
util.hashes: Silence compiler warning about pointer signedness
Kim Alvefur [Tue, 6 Aug 2013 12:32:31 +0000 (14:32 +0200)]
mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation details
Kim Alvefur [Tue, 6 Aug 2013 12:31:20 +0000 (14:31 +0200)]
util.hashes: Correct argument order
Kim Alvefur [Mon, 5 Aug 2013 18:47:38 +0000 (20:47 +0200)]
mod_s2s: Improve policy check
Kim Alvefur [Sun, 4 Aug 2013 15:33:00 +0000 (17:33 +0200)]
mod_s2s: Log certificate identity validation result
Kim Alvefur [Wed, 24 Jul 2013 19:49:36 +0000 (21:49 +0200)]
adhoc.lib: Don't build error reply from reply stanza
Kim Alvefur [Wed, 24 Jul 2013 13:28:36 +0000 (15:28 +0200)]
mod_c2s: Change default of tcp_keepalives to true, and make it individually configurable through c2s_tcp_keepalives
Kim Alvefur [Mon, 22 Jul 2013 16:17:30 +0000 (18:17 +0200)]
net.server_event: Pass ondrain handler from listener
Kim Alvefur [Mon, 22 Jul 2013 15:28:37 +0000 (17:28 +0200)]
net.http.server: Fix Keep-Alive requests with HTTP 1.0
Matthew Wild [Mon, 15 Jul 2013 22:43:20 +0000 (23:43 +0100)]
util.net: Fix compilation on Windows (outputs an empty list of addresses for now) (tested only in my head)
Matthew Wild [Mon, 15 Jul 2013 22:34:59 +0000 (23:34 +0100)]
util.net: Include missing header needed for successful compiltion on FreeBSD
Matthew Wild [Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)]
certmanager: Set our own default cipher string, which includes only ciphers regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4.
Matthew Wild [Thu, 11 Jul 2013 14:08:47 +0000 (15:08 +0100)]
mod_storage_sql2: Remove from 0.9
Kim Alvefur [Wed, 10 Jul 2013 05:45:10 +0000 (07:45 +0200)]
net.dns, net.adns: Make sure errors from net.server are propagated (thanks asterix)
Matthew Wild [Mon, 8 Jul 2013 22:59:51 +0000 (23:59 +0100)]
mod_component: Local imports for some functions, including xpcall
Matthew Wild [Mon, 8 Jul 2013 22:59:27 +0000 (23:59 +0100)]
mod_bosh: pcall() core_process_stanza per stanza, to bring in line with other listeners. This ensures that stanzas following a traceback-causing stanza in a request will still be processed (as would happen on normal c2s).
Matthew Wild [Mon, 8 Jul 2013 22:42:54 +0000 (23:42 +0100)]
mod_bosh: Only pass stanza to core_process_stanza if it wasn't dropped by filters
Matthew Wild [Mon, 8 Jul 2013 20:38:08 +0000 (21:38 +0100)]
mod_component: xpcall() stanza processing, as per other listeners, preventing potentially harmful 'top-level errors'
Florian Zeitz [Sat, 29 Jun 2013 20:40:10 +0000 (22:40 +0200)]
mod_admin_adhoc: Fix node of the "Get List of Online Users" command
Matthew Wild [Fri, 28 Jun 2013 19:16:43 +0000 (20:16 +0100)]
util.pposix: setrlimit(): Add missing return on error when an incorrect number of arguments are passed
Kim Alvefur [Fri, 28 Jun 2013 17:34:57 +0000 (19:34 +0200)]
mod_http_files: Put the MIME type map in a global shared table instead of per-host
Matthew Wild [Wed, 26 Jun 2013 20:40:01 +0000 (21:40 +0100)]
net.http: Include port number (when non-standard) in the Host header of outgoing requests, as per the HTTP RFC
Kim Alvefur [Sun, 23 Jun 2013 17:27:49 +0000 (19:27 +0200)]
mod_storage_sql2: Use correct variable (Thanks SkyBlue and Florob)
Matthew Wild [Tue, 18 Jun 2013 11:14:46 +0000 (12:14 +0100)]
mod_s2s/s2sout.lib: Remove unused variables and imports
Matthew Wild [Tue, 18 Jun 2013 11:12:49 +0000 (12:12 +0100)]
mod_s2s/s2sout.lib: Remove reference to undefined global
Matthew Wild [Tue, 18 Jun 2013 11:12:12 +0000 (12:12 +0100)]
mod_s2s/s2sout.lib: Use new util.net.local_addresses() to fetch local interface addresses
Matthew Wild [Tue, 18 Jun 2013 11:11:40 +0000 (12:11 +0100)]
mod_s2s/s2sout.lib: Only attempt to create an IPv6 socket if LuaSocket supports IPv6
Matthew Wild [Tue, 18 Jun 2013 08:04:44 +0000 (09:04 +0100)]
util.net: Add util.net, containing local_addresses() (removed from LuaSocket 3.0)
Florian Zeitz [Thu, 13 Jun 2013 22:07:57 +0000 (00:07 +0200)]
util.dataforms: Return nil for empty list-mutli responses, to be consistent with other readers
Florian Zeitz [Thu, 13 Jun 2013 12:56:35 +0000 (13:56 +0100)]
mod_pep: When a client supplies no id on a published item, reflect our generated id back to it
Matthew Wild [Tue, 21 May 2013 09:10:28 +0000 (10:10 +0100)]
mod_muc: Fix incorrect variable name
Matthew Wild [Wed, 12 Jun 2013 23:45:41 +0000 (00:45 +0100)]
certmanager: Add single_dh_use and single_ecdh_use to default options
Matthew Wild [Wed, 12 Jun 2013 23:04:04 +0000 (00:04 +0100)]
certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphers
Florian Zeitz [Wed, 12 Jun 2013 14:53:51 +0000 (16:53 +0200)]
util.pubsub: Check whether node exists, when deleting
Matthew Wild [Tue, 11 Jun 2013 20:44:53 +0000 (21:44 +0100)]
certmanager: Use 'curve' and 'dhparam' options from ssl config if present
Matthew Wild [Thu, 16 May 2013 09:47:22 +0000 (10:47 +0100)]
mod_admin_telnet: Add server:memory() command to view details of Prosody's memory usage
Matthew Wild [Fri, 7 Jun 2013 16:47:49 +0000 (17:47 +0100)]
mod_bosh: Remove Connection: keep-alive header (conflicts with new net.http.server)
Matthew Wild [Fri, 7 Jun 2013 16:47:27 +0000 (17:47 +0100)]
mod_bosh: Fix global write
Kim Alvefur [Mon, 10 Jun 2013 12:35:35 +0000 (14:35 +0200)]
mod_admin_telnet: Fix another wrong boolean expression
Kim Alvefur [Sun, 9 Jun 2013 15:00:26 +0000 (17:00 +0200)]
net.server_select: Make sure there is a server to pause when hitting maxfd (Thanks elghinn)
Matthew Wild [Fri, 7 Jun 2013 12:22:13 +0000 (13:22 +0100)]
mod_bosh: Remove logging of request.id, it doesn't exist in the new HTTP server API (thanks Mikael Nordfeldth)
Matthew Wild [Wed, 5 Jun 2013 20:35:50 +0000 (21:35 +0100)]
mod_bosh: Reset creating_session to prevent putting unnecessary attributes into every BOSH response
Kim Alvefur [Tue, 4 Jun 2013 17:35:41 +0000 (19:35 +0200)]
mod_admin_telnet: Fix inverted boolean logic
Waqas Hussain [Sun, 2 Jun 2013 20:23:19 +0000 (16:23 -0400)]
net.server_select: Ensure _maxfd = math.huge on Windows, always.
Kim Alvefur [Sun, 2 Jun 2013 17:25:53 +0000 (19:25 +0200)]
mod_bosh: Fix traceback in case session is destroyed during the stream-features event (thanks Biszkopcik)
Kim Alvefur [Sun, 26 May 2013 20:58:13 +0000 (22:58 +0200)]
mod_admin_telnet: Make the muc:create() command complain if the room already exists
Kim Alvefur [Sun, 26 May 2013 14:01:09 +0000 (16:01 +0200)]
util.pubsub: Fix get_subscriptions to not pass a boolean as node name (thanks jonas)
Matthew Wild [Wed, 22 May 2013 13:32:02 +0000 (14:32 +0100)]
certmanager: Disable SSL compression if possible (LuaSec 0.5 or 0.4.1+OpenSSL 1.x)
Kim Alvefur [Sat, 18 May 2013 11:19:31 +0000 (13:19 +0200)]
mod_admin_telnet: Verify that the host exists in user commands (Thanks SkyBlue)
Kim Alvefur [Sat, 18 May 2013 11:14:19 +0000 (13:14 +0200)]
util.ip: Convert IPv4 mapped addresses to hex.
Kim Alvefur [Sat, 18 May 2013 11:11:44 +0000 (13:11 +0200)]
mod_admin_telnet: Don't rely on getpeerchain returning an empty list
Matthew Wild [Sat, 18 May 2013 11:02:25 +0000 (12:02 +0100)]
mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains.
Matthew Wild [Tue, 14 May 2013 08:38:54 +0000 (09:38 +0100)]
mod_muc: Fire muc-room-created and muc-room-destroyed events (thanks nik)
Waqas Hussain [Mon, 13 May 2013 19:52:01 +0000 (15:52 -0400)]
util.hashes: inttypes.h not available with MS Windows SDK, use MS specific __int32 instead.
Matthew Wild [Sat, 11 May 2013 12:54:02 +0000 (13:54 +0100)]
prosody.cfg.lua.dist: Fix my s2s_secure(_auth) mess
Kim Alvefur [Fri, 10 May 2013 20:29:03 +0000 (22:29 +0200)]
mod_c2s: Fix session:close() when a stanza is passed as reason
Kim Alvefur [Thu, 9 May 2013 09:13:18 +0000 (11:13 +0200)]
mod_pubsub: Remove nodeid check added in
989acb4ad1de that wasn't needed
Kim Alvefur [Tue, 7 May 2013 15:17:32 +0000 (17:17 +0200)]
mod_admin_telnet: Add some DNS commands.
Kim Alvefur [Tue, 7 May 2013 14:51:25 +0000 (16:51 +0200)]
net.dns: Add nicer API to cached records
Waqas Hussain [Tue, 7 May 2013 14:42:44 +0000 (10:42 -0400)]
util.json: New, faster, stricter, more compliant JSON decoder. Now returns nil,err instead of throwing errors on invalid input.
Waqas Hussain [Tue, 7 May 2013 14:41:03 +0000 (10:41 -0400)]
util.array: Wrap tostring() output in {} (otherwise empty arrays print as "").
Waqas Hussain [Mon, 6 May 2013 23:43:59 +0000 (19:43 -0400)]
util.json: Make setmetatable local.
Waqas Hussain [Mon, 6 May 2013 23:42:54 +0000 (19:42 -0400)]
util.json: Fix variable name typo which broke util.json when util.array was missing.
Waqas Hussain [Sun, 5 May 2013 19:02:33 +0000 (15:02 -0400)]
util.json: Optimize long string parsing.
Matthew Wild [Wed, 1 May 2013 12:45:05 +0000 (13:45 +0100)]
Merge with Florob
Florian Zeitz [Tue, 30 Apr 2013 16:34:03 +0000 (18:34 +0200)]
util.rfc{3484,6724}: Update to RFC 6724
Kim Alvefur [Mon, 29 Apr 2013 17:40:39 +0000 (19:40 +0200)]
portmanager: Also include the interface the service is listening on
Waqas Hussain [Mon, 29 Apr 2013 17:03:17 +0000 (22:03 +0500)]
portmanager: Include port numbers the service is listening on in the info logs.
Waqas Hussain [Mon, 29 Apr 2013 15:26:48 +0000 (20:26 +0500)]
net.server_select: Don't limit max file descriptor number on Windows.
Kim Alvefur [Mon, 29 Apr 2013 12:01:19 +0000 (14:01 +0200)]
prosodyctl: Guess the country from the TLD for the cert config
Kim Alvefur [Mon, 29 Apr 2013 12:00:44 +0000 (14:00 +0200)]
prosodyctl: Ask about the distinguished name in a in a consistent order
Kim Alvefur [Mon, 29 Apr 2013 11:59:39 +0000 (13:59 +0200)]
prosodyctl: Add message describing the distinguished name input expected
Kim Alvefur [Mon, 29 Apr 2013 11:30:59 +0000 (13:30 +0200)]
util.openssl: Write the distinguished_name part of the config in a consistent order
Matthew Wild [Mon, 29 Apr 2013 10:25:12 +0000 (11:25 +0100)]
MUC: Allow actor == true to set roles (like affiliations)
Matthew Wild [Mon, 29 Apr 2013 10:21:37 +0000 (11:21 +0100)]
MUC: Allow plugins to add and handle options in the MUC config form
Matthew Wild [Mon, 29 Apr 2013 09:52:23 +0000 (10:52 +0100)]
Merge with Florob
Matthew Wild [Mon, 29 Apr 2013 09:43:44 +0000 (10:43 +0100)]
mod_saslauth, mod_compression: Fix some cases where open_stream() was not being passed to/from (see
df3c78221f26 and issue #338)