This allows certain session-specific code that needs to run in the async
context, but is itself triggered outside of that context (e.g. timers), to
be queued.
An example of this is the session destruction code of mod_smacks, when the
hibernation timeout is reached.
Attempt to fix a bug where connections are somehow closed twice, leading
to bad things happening elsewhere.
With LuaSec, closed connections are generally already too closed to
write anything to anyway since it does not support unidirectional
shutdown.
Attributes are strings. That definitely is a number. So we
tostring() it. This is important when the API becomes stricter,
for whatever reason that might happen.
Practically, this moves the overhead of converting to a string
to a place where it is visible.
This queue is used to buffer stanzas while waiting for an outgoing s2s
connection to be established.
Limit it to prevent excessive memory usage.
Default chosen to approximate how many average stanzas fits in the
server_epoll default max_send_buffer_size of 32 MiB
Returns a custom error instead of the default core.stanza_router
"Communication with remote domains is not enabled" from is sent back,
which does not describe what is happening here.
Closes#1106
Prevent Bad Things from happening when the buffer gets full.
This of course opens up the possibility of intentionally killing
connections by sending much stuff, which need to be mitigated with rate
limits elsewhere.
Problem: The string slice operations when a lot of data gets buffered
ends up being expensive and memory-consuming. We have util.dbuffer for
precisely this kind of thing.
I want to keep the behavior of writebuffer being upgraded from nil to a
string to full buffer since the last step involves three table
allocations, where the previous buffer method only used one. Avoiding
those allocations for simple writes like white space keep alive feels
like it would keep memory churn down.
This work was started in 2020
Previously the error messages said that it failed to "publish" to PEP, but
sometimes a sync involves removing items, which can be confusing.
The log was also the same for both legacy PEP and private XML bookmarks.
Having different log messages makes it easier to debug the cause and location
of any sync errors.
It appears that when:
1) The user has no bookmarks 2 node in PEP
2) The client publishes an empty bookmark set to a legacy bookmarks location
3) mod_bookmarks will attempt to purge items from the non-existent node and
log an error about the failure (item-not-found).
This new code will suppress an item-not-found error from the purge operation
in the empty-bookmarks case, and adds a log message for any other error (this
is helpful because the existing log message confusingly says it was an error
*publishing* to the node, which isn't always accurate).
Allows granting read only access to other sets of users using a separate
access control capability, which makes sense as some properties may be
intended to be public but read-only.
Prevents ASYNC-01 due to storage interactions in a timer.
Also considered modifying mod_c2s to allow passing arbitrary closures
into its runner thread but this seems like a big step away from the
current code for just this module.
Also considered creating a dedicated runner in mod_smacks, but ensuring
continuity across module reloads might be tricky.
We could further improve this in the next major version.
pkey_meth_derive: to derive a shared symmetric key from two ECC keys
pkey_meth_public_raw: to get the raw form of the public key
import_public_ec_raw: to import the raw form of the public key
generate_p256_keypair: key generation for the P-256 curve
Removes dependency on util.error from util.pubsub which was only used
for this one special case.
Line count reduction!
Would be even nicer if templating could be done by util.error itself.
This is what util.error was made for!
This replaces the custom error stanza builder with common code in
util.stanza that knows enough about util.error and namespaced errors.
Some awkwardness remains in the way util.pubsub returns conflicting
form fields.
XEP-0004: Changes <reported> which is not implemented
XEP-0030: A note on some implementations not advertising disco#info
XEP-0106: Now references PRECIS which we don't have access to
XEP-0107: Editorial fixing of a typo
XEP-0133: Removal of 'Get User Password' already done in 21a1b9fb08a1, editorial changes
XEP-0153: Editorial changes
XEP-0198: Editorial changes and clarifications
XEP-0223: Updated security considerations
XEP-0292: The difference is that the iq syntax implemented in mod_vcard4 is removed. To become compliant, simply unload this module.
XEP-0313: Editorial and minor changes
XEP-0398: Advanced to Stable, no other changes
XEP-0398: Now mentions the implementation method used in mod_vcard_legacy
XEP-0402: Changes only affecting clients
XEP-0421: Added requirements we already satisfy
XEP-0440: Editorial changes
XEP-0478: Editorial changes
Due to their size, review of changes to XEP-0045 and XEP-0060 has been left for later.
To support cases where the admin does not have easy access to the
command line to generate a password reset invite for someone who forgot
their password.
