mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 05:37:39 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
13744 commits 12 branches 101 tags 40 MiB
Commit graph

115 commits

Author SHA1 Message Date
Kim Alvefur
e06c97ca52 util.prosodyctl.check: Disable https cert check if http_external_url set 
This would indicate that a reverse proxy is used, which gets to be
responsible for that since it probably holds the actual cert.
 2023-11-13 09:58:56 +01:00
Kim Alvefur
8dcd20725a util.prosodyctl.check: Check cert for HTTPS if http module enabled 2023-11-13 09:50:06 +01:00
Kim Alvefur
5146db2da0 util.prosodyctl.check: Update conditions for s2s cert checks 
The 'anonymous_login' setting is deprecated and prosodyctl check config
will tell you to change it to 'authentication = "internal_hashed"', so
we shouldn't need to care about here anymore.
 2023-11-13 09:44:40 +01:00
Kim Alvefur
8d137609a4 util.prosodyctl.check: Simplify conditions for c2s and s2s cert checks 
This code is hard to follow and in need of some refactoring.
 2023-11-13 09:43:54 +01:00
Kim Alvefur
99d2ebb731 util.prosodyctl.check: Try to clarify check for misplaced k=v in modules_enabled (thanks aab and Menel) 2023-11-11 21:33:53 +01:00
Kim Alvefur
717ea33160 util.prosodyctl.check: Print DANE TLSA records for certificates 
Not the prosodyctl check dane I wanted to make but a start.
 2023-11-03 23:08:07 +01:00
Kim Alvefur
ab2dcd8007 util.prosodyctl.check: Wrap each check in a function 
One small refactor but one huge step in the right direction

Mostly because adding another check would make the line checking for a
valid check exceed the column limit.
 2023-11-03 22:16:53 +01:00
Kim Alvefur
c6b9037235 Merge 0.12->trunk 2023-08-30 11:09:12 +02:00
Kim Alvefur
a9eddf59a5 Merge 0.12->trunk 2023-07-17 14:57:27 +02:00
Kim Alvefur
1459e9cae9 Merge 0.12->trunk 2023-07-17 14:47:39 +02:00
Kim Alvefur
180daf56a1 Merge 0.12->trunk 2023-05-31 14:20:45 +02:00
Kim Alvefur
43531740f9 util: Prefix module imports with prosody namespace 2023-03-17 16:23:16 +01:00
Kim Alvefur
5a3f0becf8 Merge 0.12->trunk 2023-02-22 22:29:53 +01:00
Kim Alvefur
564054677f Merge 0.12->trunk 2023-01-14 14:09:33 +01:00
Matthew Wild
bfa6d5634a prosodyctl: check turn: More clearly indicate the error is from TURN server 2022-10-06 11:12:57 +01:00
Kim Alvefur
4973762abb util.prosodyctl.check: Fix reset of libunbound before DNS checks 
Probably worked anyway but settings might not always have been applied
depending on what order things happens in.

Error was hidden by the pcall, which was sorta intentional...
 2022-02-01 14:46:42 +01:00
Kim Alvefur
26e4b84130 util.prosodyctl.check: Fix A/AAAA check for proxy65 and http 
When there are no records to return the return value from dns.lookup()
might be nil or might be a table containing zero records, depending on
which DNS library is used
 2022-01-30 16:04:22 +01:00
Kim Alvefur
8ebfaefcbb util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 2022-01-30 13:16:30 +01:00
Kim Alvefur
cde551332e util.prosodyctl.check: Fix use of LuaSocket URL parser 2022-01-27 12:52:01 +01:00
Kim Alvefur
0448e82513 util.prosodyctl.check: Add HTTP related DNS checks 
Since XEP-0363 is essentially mandatory now this will hopefully help
diagnose some common issues.
 2022-01-27 12:36:50 +01:00
Kim Alvefur
2cb9d62b2b util.prosodyctl.check: Parameterize replacement instructions 
This ought to make it easier to translate in the future.
And easier to reword, now!
 2022-01-08 18:02:32 +01:00
Kim Alvefur
540364a054 util.prosodyctl.check: Move word to ease future translations 
Recent experience with translations in the context of Snikket
highlighted that sentences spread across concatenated strings like this
makes the experience less than pleasant for translators.

We don't have translation yet, but it is a future goal and why not?

The duplication can be solved with a parameterized function for the
common cases.
 2022-01-08 17:01:10 +01:00
Kim Alvefur
a0dbd1fc24 util.prosodyctl.check: Use same wording about 'daemonize' and 'no_daemonize' 
Why would they use different wording?
 2022-01-08 22:55:49 +01:00
Kim Alvefur
5e4844806a util.prosodyctl.check: Remove obsolete settings from known globals 2021-12-25 13:02:48 +01:00
Kim Alvefur
eaa1d6bed4 util.prosodyctl.check: Add some more obsolete settings 2021-12-25 13:00:23 +01:00
Kim Alvefur
46a6dafd28 core.certmanager: Rename preset option to 'tls_preset' 
TLS good, SSL bad.
 2021-12-22 14:24:26 +01:00
Kim Alvefur
0a4923938a util.prosodyctl.check: Support direct TLS connectivity checks 
Currently only supported with OJN

Assumption: the direct_tls_ports are not empty when set.
 2021-11-28 22:51:50 +01:00
Kim Alvefur
b9f7f40d6e util.prosodyctl.check: Add mod_http_openmetrics settings to known globals 2021-11-25 12:14:44 +01:00
Kim Alvefur
8756adf72b util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false 2021-11-20 18:58:09 +01:00
Kim Alvefur
555740dd96 util.prosodyctl.check: Respect use_ipv4/v6 in proxy65 check 
Previously it would complain about lack of an AAAA record for
proxy65_target even in an IPv6-less environment.

Thanks to libertas for unintentionally calling attention to this.
 2021-11-20 17:05:32 +01:00
Kim Alvefur
40ca2839e0 util.prosodyctl.check: Take IPv6 support in LuaSocket into account 
Shouldn't really matter these days, but portmanager checks this way.
 2021-11-20 17:04:15 +01:00
Kim Alvefur
841384e7be util.prosodyctl.check: Add two known globals from mod_http 2021-10-03 19:05:15 +02:00
Kim Alvefur
3841a9187c prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check 
Reduces the reliance on observe.jabber.network and enables alternatives
for those who wish to have that.
 2021-09-30 17:37:05 +02:00
Kim Alvefur
08524a071e prosodyctl: Use HTTP client in promise mode for connectivity check 
Feels a bit cleaner to hide away the async.waiter() and return value
handling. Also line count reduction!
 2021-09-30 17:33:49 +02:00
Kim Alvefur
20a7b158ed mod_register_limits: Reword some options 
Remember to remove the compatibility things in some future version
 2021-09-19 15:52:07 +02:00
Kim Alvefur
5940c38b24 util.prosodyctl.check: Suggest replacing 'use_libevent' with 'network_backend' 
It's basically deprecated
 2021-09-14 14:19:05 +02:00
Kim Alvefur
2f7189e8ff util.prosodyctl.check: Nudge towards plural port options 
The singulars are supposed to be deprecated
 2021-09-14 02:03:50 +02:00
Kim Alvefur
bf228a8a7a util.prosodyctl.check: Fix to not treat some options as misplaced 
All 'net' providers generate a _port option which must be in the global
section, but this mistakenly also warns about these options as well.
 2021-09-14 01:41:59 +02:00
Kim Alvefur
51991185e1 util.prosodyctl.check: Suggest replacements for deprecated options #1684 2021-09-14 01:34:30 +02:00
Kim Alvefur
a281376b37 util.prosodyctl.check: Remove stray debug print() 2021-09-12 11:46:32 +02:00
Kim Alvefur
c340f18381 util.prosodyctl.check: Ignore unused "ok" variable [luacheck] 2021-09-12 01:48:51 +02:00
Kim Alvefur
97aa610a42 util.prosodyctl.check: Refuse to do ojn test unless prosody is running 
Other tests don't require a running prosody and I forgot to start it
when testing.
 2021-09-11 22:24:34 +02:00
Jonas Schäfer
0d7d6b628c prosodyctl: Add external connectivity check based on observe.jabber.network 
This uses the (experimental) observe.jabber.network API to
perform external connectivity checks. The idea is to complement
the checks prosodyctl can already do with a (nearly) complete
s2s/c2s handshake from a remote party to test the entire stack.
 2020-05-06 18:20:33 +02:00
Kim Alvefur
f24aba7b19 mod_c2s: Rename Direct TLS listener 'c2s_direct_tls' for clarity 
And to follow existing naming practices better than 'legacy_ssl' did.
 2021-09-09 22:14:43 +02:00
Kim Alvefur
4f520714ce util.prosodyctl.check: Add TODO about replacements for deprecated settings 2021-09-09 22:10:12 +02:00
Kim Alvefur
6da2329559 util.prosodyctl.check: Check for server-to-server Direct TLS records 2021-09-09 22:09:41 +02:00
Kim Alvefur
6f60a98b16 util.prosodyctl.check: Normalize away trailing dot in some messages too 2021-07-04 02:33:15 +02:00
Kim Alvefur
37395dfb23 util.prosodyctl.check: Normalize potential to form without trailing '.' 
In some cases you might end up with both 'xmpp.example.com' and
'xmpp.example.com.', which are the same thing so no point in doing the
same checks twice.
 2021-07-04 01:33:53 +02:00
Kim Alvefur
57ac866905 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX 
Clients would try to connect and receive an error or timeout, increasing
the time it takes to establish a connection. Probably not what you want.
If you really want IPv6 or IPv4 disabled, best remove the A or AAAA record.
 2021-07-04 01:32:04 +02:00
Kim Alvefur
0409851d74 util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false 
Why would you do this?!
 2021-07-04 01:29:47 +02:00