mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-05 22:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
5802 commits 12 branches 101 tags 40 MiB
Commit graph

55 commits

Author SHA1 Message Date
Kim Alvefur
938d568ac4 mod_c2s, mod_s2s: Log cipher and encryption info in a more compact and (hopefully) less confusing way 2013-08-14 15:00:36 +02:00
Kim Alvefur
1764b9fba3 mod_s2s: Captitalize log messages that begin with a stream direction 2013-08-14 14:53:50 +02:00
Florian Zeitz
1d833bb807 Remove all trailing whitespace 2013-08-09 17:48:21 +02:00
Kim Alvefur
132f38d70a Merge 0.9->trunk 2013-08-06 14:35:03 +02:00
Kim Alvefur
a316833b30 mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation details 2013-08-06 14:32:31 +02:00
Kim Alvefur
bb9aa809b1 mod_s2s: Improve policy check 2013-08-05 20:47:38 +02:00
Kim Alvefur
47ec51ca07 mod_s2s: Log certificate identity validation result 2013-08-04 17:33:00 +02:00
Kim Alvefur
0c6c0e9c29 mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details 2013-08-02 15:12:24 +02:00
Kim Alvefur
74d66c5aef mod_s2s: Add missing global hook for read-timeout 2013-06-26 13:35:38 +02:00
Kim Alvefur
4c9866805e mod_c2s, mod_s2s: Fire an event on read timeouts 2013-06-11 21:36:15 +02:00
Kim Alvefur
a6d4b7ca4d mod_s2s: Set s2s_session.ip 2013-06-09 12:54:10 +02:00
Kim Alvefur
8d85647c37 mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died 2013-05-30 14:32:40 +02:00
Matthew Wild
2e3f198799 mod_s2s: Remove unnecessary debug message 2013-05-28 16:10:22 +01:00
Matthew Wild
bca009fef4 mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains. 2013-05-18 12:02:25 +01:00
Matthew Wild
c596e86388 mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338 2013-04-29 00:33:39 +01:00
Matthew Wild
de337196d4 mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled) 2013-04-26 12:25:25 +01:00
Matthew Wild
4602591c38 mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit traceback function), to make it clearer where an error occured 2013-04-22 12:35:52 +01:00
Kim Alvefur
001f4a7c75 mod_s2s: Add missing space 2013-04-15 19:37:15 +02:00
Kim Alvefur
dc7aae81cd mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks) 2013-04-08 22:42:38 +02:00
Kim Alvefur
28f67a8022 mod_s2s: Add COMPAT cahin verification code for older LuaSec versions 2013-04-04 19:21:47 +02:00
Matthew Wild
25bb94216d mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate 2013-04-01 14:45:59 +01:00
Kim Alvefur
cfbd9d02e2 mod_s2s: Prevent s2s to and from hosts we serve locally 2013-03-27 23:09:47 +01:00
Kim Alvefur
fee52c7341 mod_s2s: Prevent traceback when replying to incoming connection to a host we don't serve 2013-03-26 09:25:20 +01:00
Kim Alvefur
5c16f18d72 mod_s2s: session.from_host does not allways exist on incoming connections, true and nil or "our hostname" does not evaluate to what we want here 2013-03-25 08:18:49 +01:00
Matthew Wild
68a7de369b mod_s2s: Fix variable usage in check_auth_policy (thanks Florob) 2013-03-22 15:16:22 +00:00
Matthew Wild
4ceaa9d2f2 mod_s2s: Remove unused variable 2013-03-22 14:31:14 +00:00
Matthew Wild
b8efb428ea mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout) 2013-03-22 14:21:02 +00:00
Matthew Wild
339e74b1b9 s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event 2013-03-22 14:18:23 +00:00
Kim Alvefur
ee9ef878c4 mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams 2013-03-16 17:46:43 +01:00
Matthew Wild
740e6e69a2 mod_s2s: Do not include xmlns:db declaration in stream header if mod_dialback is not loaded 2013-03-12 12:30:08 +00:00
Kim Alvefur
404b1966b1 mod_s2s: Make sure host variable is reachable 2013-03-11 21:39:15 +01:00
Matthew Wild
a32c615bc8 mod_s2s: Fire s2s-check-certificate event after validating a certificate, to allow plugins to override standard procedure 2013-03-10 17:49:07 +00:00
Matthew Wild
f936068a62 mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to s2sout-authenticate-legacy for clarity. Also, hello! 2013-03-10 11:25:05 +00:00
Kim Alvefur
255bd1e311 mod_s2s: Don't try to close sessions that were destroyed before timeout 2013-01-24 00:59:32 +01:00
Kim Alvefur
3e2a8fbe1c prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins 2012-12-28 14:33:47 +01:00
Matthew Wild
b9ac1b8b07 mod_s2s: Remove connection from sessions table as soon as we learn it is disconnected. Fixes a connection/session leak. 2012-12-28 12:47:44 +00:00
Kim Alvefur
b7219c57f4 mod_s2s: Detect TLS compression 2012-10-24 19:05:56 +02:00
Waqas Hussain
d9d38ef125 mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item(). 2012-09-12 22:22:31 +05:00
Kim Alvefur
9114e88ee0 mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table. 2012-07-26 04:33:17 +02:00
Matthew Wild
be56306272 mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most cases) - this allows us to continue to try other targets 2012-07-23 18:57:28 +01:00
Matthew Wild
9931497619 mod_c2s, mod_s2s: Lower 'Disconnecting X' log messages from 'info' to 'debug' 2012-07-23 18:28:14 +01:00
Matthew Wild
e89b006f03 Hopefully inert commit to clean up logging across a number of modules, removing all cases of concatenation when building log messages 2012-07-23 17:32:33 +01:00
Matthew Wild
0771b51658 mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer 2012-07-23 13:31:26 +01:00
Matthew Wild
6aa575f09b mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false. 2012-07-22 17:07:21 +01:00
Matthew Wild
900a0add21 mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false 2012-07-22 17:04:02 +01:00
Matthew Wild
2057401904 mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off 2012-07-22 16:45:27 +01:00
Matthew Wild
81cbf8c7d4 mod_s2s, s2sout.lib: Send stream header in onconnect() 2012-05-24 03:08:42 +01:00
Matthew Wild
417defb2ed mod_s2s: Only try next target if the stream didn't open 2012-05-13 16:03:05 +01:00
Matthew Wild
4a958b8611 mod_s2s: Remove TODO comment for SASL/TLS on s2s (thanks Florob) 2012-05-11 02:17:20 +01:00
Matthew Wild
0b4567a6f1 mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users 2012-05-11 00:56:18 +01:00