Previously any error, or even a normal websocket close frame, would return early,
leaving potentially entire frames in the buffer unprocessed and then discarded.
This change stops processing new data, but returns an existing processed data up
to the point of the error/close.
Instead of using the string library, use methods from the passed object,
which are assumed to be equivalent.
This provides compatibility with objects from util.ringbuffer and
util.dbuffer, for example.
An earlier theory involved the bug being related to collapsing multiple
items, so it exercised that too.
Also correct the comment, it referred to the space in "hello world" in
an earlier version before the test string was changed to "foobar", which
was what was tested in a REPL
Similar to util.ringbuffer (and shares almost identical API). Differences:
- size limit is optional and dynamic
- does not allocate a fixed buffer of max_size bytes
- focus on simply storing references to existing string objects where possible,
avoiding unnecessary allocations
- references are still stored in a ring buffer to enable use as a fast FIFO
Optional second parameter to new() provides the number of ring buffer segments. On
Lua 5.2 on my laptop, a segment is ~19 bytes. If the ring buffer fills up, the next
write will compact all strings into a single item.
Partial backports of the following commits from trunk:
6c804b6b2ca2 net.http: Pass server name along for SNI (fixes#1408)
75d2874502c3 net.server_select: SNI support (#409)
9a905888b96c net.server_event: Add SNI support (#409)
adc0672b700e net.server_epoll: Add support for SNI (#409)
d4390c427a66 net.server: Handle server name (SNI) as extra argument
This is a new API that should be used in preference to http.destroy_request()
when possible, as it ensures the callback is always called (with an error of
course).
APIs that have edge-cases where they don't call callbacks have, from experience,
shown to be difficult to work with and often lead to unintentional leaks when
the callback was expected to free up certain resources.
The stanza-id added during archiving looks exactly like what should be
stripped, so the stripping must happen before archiving.
Getting priorities right is hard!
Also no test coverage yet.
27f5db07bec9 fixed this wrong. The code is supposed to check if the
stanza is NOT sent to your bare JID. A MUC PM is always sent to your
full JID. Hopefully nobody sends MUC invites to full JIDs, because those
would be skipped by this as well.
Backport of 94e341dee51c
The original intent of having kEDH before kEECDH was that if a `dhparam`
file was specified, this would be interpreted as a preference by the
admin for old and well-tested Diffie-Hellman key agreement over newer
elliptic curve ones. Otherwise the faster elliptic curve ciphersuites
would be preferred. This didn't really work as intended since this
affects the ClientHello on outgoing s2s connections, leading to some
servers using poorly configured kEDH.
With Debian shipping OpenSSL settings that enforce a higher security
level, this caused interoperability problems with servers that use DH
params smaller than 2048 bits. E.g. jabber.org at the time of this
writing has 1024 bit DH params.
MattJ says
> Curves have won, and OpenSSL is less weird about them now
This makes
`prosodyctl cert import example.com /path/to/example.com/fullchain.pem`
work. This was never intended to, yet users commonly tried this and got
problems.
