Changeset

1325:b21236b6b8d8

Backed out changeset 853a382c9bd6
author Kim Alvefur <zash@zash.se>
date Fri, 28 Feb 2014 15:37:55 +0100
parents 1324:853a382c9bd6
children 1326:afae347928d8
files mod_auth_ccert/mod_auth_ccert.lua mod_auth_dovecot/auth_dovecot/sasl_dovecot.lib.lua mod_block_strangers/mod_block_strangers.lua mod_carbons/mod_carbons.lua mod_default_bookmarks/mod_default_bookmarks.lua mod_firewall/mod_firewall.lua mod_http_altconnect/mod_http_altconnect.lua mod_http_dir_listing/http_dir_listing/resources/style.css mod_http_dir_listing/http_dir_listing/resources/template.html mod_mam/mod_mam.lua mod_mam_muc/mod_mam_muc.lua mod_manifesto/mod_manifesto.lua mod_muc_log/mod_muc_log.lua mod_pubsub_feeds/mod_pubsub_feeds.lua mod_pubsub_hub/mod_pubsub_hub.lua mod_s2s_auth_dane/mod_s2s_auth_dane.lua mod_s2s_auth_fingerprint/mod_s2s_auth_fingerprint.lua mod_s2s_blacklist/mod_s2s_blacklist.lua mod_s2s_keysize_policy/mod_s2s_keysize_policy.lua mod_smacks/mod_smacks.lua mod_srvinjection/mod_srvinjection.lua mod_storage_mongodb/mod_storage_mongodb.lua mod_turncredentials/mod_turncredentials.lua mod_websocket/mod_websocket.lua
diffstat 24 files changed, 86 insertions(+), 280 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_ccert/mod_auth_ccert.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_auth_ccert/mod_auth_ccert.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -60,7 +60,7 @@
 function get_sasl_handler(session)
 	return new_sasl(module.host, {
 		external = session.secure and function(authz)
-			if not session.secure or not session.conn:ssl() then
+			if not session.secure then
 				-- getpeercertificate() on a TCP connection would be bad, abort!
 				(session.log or log)("error", "How did you manage to select EXTERNAL without TLS?");
 				return nil, false;
--- a/mod_auth_dovecot/auth_dovecot/sasl_dovecot.lib.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_auth_dovecot/auth_dovecot/sasl_dovecot.lib.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -62,8 +62,8 @@
 	end
 
 	if not ok then
-		log("error", "error connecting to dovecot %s socket at '%s'. error was '%s'", socket_type, socket_path or socket_info, err);
-		return false;
+		return false, "error connecting to dovecot "..tostring(socket_type).." socket at '"
+			..tostring(socket_path or socket_info).."'. error was '"..tostring(err).."'";
 	end
 
 	-- Send our handshake
@@ -95,7 +95,6 @@
 			local major_version = parts();
 
 			if major_version ~= "1" then
-				log("error", "dovecot server version is not 1.x. it is %s.x", major_version);
 				conn:close();
 				return false, "dovecot server version is not 1.x. it is "..tostring(major_version)..".x";
 			end
--- a/mod_block_strangers/mod_block_strangers.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_block_strangers/mod_block_strangers.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -2,7 +2,6 @@
 local jid_split = require "util.jid".split;
 local jid_bare = require "util.jid".bare;
 local is_contact_subscribed = require "core.rostermanager".is_contact_subscribed;
-local error_reply = require "util.stanza".error_reply;
 
 function check_subscribed(event)
 	local stanza = event.stanza;
@@ -12,7 +11,7 @@
 		if to_resource and stanza.attr.type == "groupchat" then
 			return nil; -- Pass through
 		end
-		return error_reply("auth", "forbidden", "Subscription required"); -- Bounce with error
+		return true; -- Drop stanza
 	end
 end
 
--- a/mod_carbons/mod_carbons.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_carbons/mod_carbons.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -62,11 +62,10 @@
 		return -- No use in sending carbons to an offline user
 	end
 
-	local private_tag = stanza:child_with_name("private");
-	if private_tag and private.attr.xmlns == xmlns_carbons or private.attr.xmlns == xmlns_carbons_old then
+	if stanza:get_child("private", xmlns_carbons) then
 		if not c2s then
 			stanza:maptags(function(tag)
-				if tag ~= private_tag then
+				if not ( tag.attr.xmlns == xmlns_carbons and tag.name == "private" ) then
 					return tag;
 				end
 			end);
--- a/mod_default_bookmarks/mod_default_bookmarks.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_default_bookmarks/mod_default_bookmarks.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -13,34 +13,37 @@
 local dm_load = require "util.datamanager".load
 local jid_split = require "util.jid".split
 
-local private_bookmarks_ns = "storage:storage:bookmarks";
-
-local bookmarks = module:get_option("default_bookmarks");
-
-module:hook("iq-get/self/jabber:iq:private:query", function(event)
+module:hook("iq/self/jabber:iq:private:query", function(event)
 	local origin, stanza = event.origin, event.stanza;
+	local typ = stanza.attr.type;
 	local from = stanza.attr.from;
-	if not stanza.tags[1]:get_child("storage", "storage:bookmarks") then return end
-	local data, err = dm_load(origin.username, origin.host, "private");
-	if data and data[private_bookmarks_ns] then return end
-
-	local reply = st.reply(stanza):tag("query", {xmlns = "jabber:iq:private"})
-		:tag("storage", { xmlns = "storage:bookmarks" });
-
-	local nick = jid_split(from);
-
-	local bookmark;
-	for i=1,#bookmarks do
-		bookmark = bookmarks[i];
-		if type(bookmark) ~= "table" then -- assume it's only a jid
-			bookmark = { jid = bookmark, name = jid_split(bookmark) };
+	local query = stanza.tags[1];
+	if #query.tags == 1 and typ == "get" then
+		local tag = query.tags[1];
+		local key = tag.name..":"..tag.attr.xmlns;
+		if key == "storage:storage:bookmarks" then
+			local data, err = dm_load(origin.username, origin.host, "private");
+			if not(data and data[key]) then
+				local bookmarks = module:get_option("default_bookmarks");
+				if bookmarks and #bookmarks > 0 then
+					local reply = st.reply(stanza):tag("query", {xmlns = "jabber:iq:private"})
+						:tag("storage", { xmlns = "storage:bookmarks" });
+					local nick = jid_split(from);
+					for i=1,#bookmarks do
+						local bookmark = bookmarks[i];
+						if type(bookmark) ~= "table" then -- assume it's only a jid
+							bookmark = { jid = bookmark, name = jid_split(bookmark) };
+						end
+						reply:tag("conference", {
+							jid = bookmark.jid,
+							name = bookmark.name,
+							autojoin = "1",
+						}):tag("nick"):text(nick):up():up();
+					end
+					origin.send(reply);
+					return true;
+				end
+			end
 		end
-		reply:tag("conference", {
-			jid = bookmark.jid,
-			name = bookmark.name,
-			autojoin = "1",
-		}):tag("nick"):text(nick):up():up();
 	end
-	origin.send(reply);
-	return true;
 end, 1);
--- a/mod_firewall/mod_firewall.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_firewall/mod_firewall.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -27,10 +27,6 @@
 		type = "event"; "route/remote";
 		priority = 0.1;
 	};
-	send_remote = { -- FIXME name
-		type = "filter"; "s2sout";
-		priority = 0.1;
-	};
 };
 
 local function idsafe(name)
@@ -376,13 +372,9 @@
 					module:log("error", "Compilation error for %s: %s", script, err);
 				else
 					local chain_definition = chains[chain];
-					if chain_definition then
-						if chain_definition.type == "event" then
-							for _, event_name in ipairs(chain_definition) do
-								module:hook(event_name, handler, chain_definition.priority);
-							end
-						elseif chain_definition.type == "filter" then
-							-- TODO
+					if chain_definition and chain_definition.type == "event" then
+						for _, event_name in ipairs(chain_definition) do
+							module:hook(event_name, handler, chain_definition.priority);
 						end
 					elseif not chain:match("^user/") then
 						module:log("warn", "Unknown chain %q", chain);
--- a/mod_http_altconnect/mod_http_altconnect.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_http_altconnect/mod_http_altconnect.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -6,20 +6,16 @@
 local json = require"util.json";
 local st = require"util.stanza";
 local array = require"util.array";
-local it = require"util.iterators";
 
 local host_modules = hosts[module.host].modules;
 
 local function get_supported()
-	local uris = array(it.values(module:get_host_items("alt-conn-method")));
-	if #uris == 0 then
-		-- COMPAT for with before item array was added
-		if host_modules["bosh"] then
-			uris:push({ rel = "urn:xmpp:alt-connections:xbosh", href = module:http_url("bosh", "/http-bind") });
-		end
-		if host_modules["websocket"] then
-			uris:push({ rel = "urn:xmpp:alt-connections:websocket", href = module:http_url("websocket", "xmpp-websocket"):gsub("^http", "ws") });
-		end
+	local uris = array();
+	if host_modules["bosh"] then
+		uris:push({ rel = "urn:xmpp:alt-connections:xbosh", href = module:http_url("bosh", "/http-bind") });
+	end
+	if host_modules["websocket"] then
+		uris:push({ rel = "urn:xmpp:alt-connections:websocket", href = module:http_url("websocket", "xmpp-websocket"):gsub("^http", "ws") });
 	end
 	return uris;
 end
--- a/mod_http_dir_listing/http_dir_listing/resources/style.css	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_http_dir_listing/http_dir_listing/resources/style.css	Fri Feb 28 15:37:55 2014 +0100
@@ -5,12 +5,6 @@
 a:link:hover,a:visited:hover{color:#3465a4;}
 .filelist{background-color:white;padding:1em;list-style-position:inside;-moz-column-width:20em;-webkit-column-width:20em;-ms-column-width:20em;column-width:20em;}
 .file{list-style-image:url(text-x-generic.png);}
-.file.image{list-style-image:url(image-x-generic.png);}
-.file.video{list-style-image:url(video-x-generic.png);}
-.file.audio{list-style-image:url(audio-x-generic.png);}
-.file.vcf{list-style-image:url(x-office-address-book.png);}
-.file.text.html{list-style-image:url(text-html.png);}
-.file.application{list-style-image:url(application-x-executable.png);}
 .directory{list-style-image:url(folder.png);}
 .parent{list-style-image:url(user-home.png);}
 footer{margin-top:1ex;font-size:smaller;color:#babdb6;}
--- a/mod_http_dir_listing/http_dir_listing/resources/template.html	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_http_dir_listing/http_dir_listing/resources/template.html	Fri Feb 28 15:37:55 2014 +0100
@@ -6,9 +6,9 @@
   </head>
   <body>
     <h1>Index of {path}</h1>
-      <article>
-        {filelist}
-      </article>
+
+		{filelist}
+
     <footer>{footer}</footer>
   </body>
 </html>
--- a/mod_mam/mod_mam.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_mam/mod_mam.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -1,9 +1,9 @@
 -- XEP-0313: Message Archive Management for Prosody
--- Copyright (C) 2011-2014 Kim Alvefur
+-- Copyright (C) 2011-2012 Kim Alvefur
 --
 -- This file is MIT/X11 licensed.
 
-local xmlns_mam     = "urn:xmpp:mam:0" or ":1";
+local xmlns_mam     = "urn:xmpp:mam:tmp";
 local xmlns_delay   = "urn:xmpp:delay";
 local xmlns_forward = "urn:xmpp:forward:0";
 
@@ -16,7 +16,6 @@
 local jid_bare = require "util.jid".bare;
 local jid_split = require "util.jid".split;
 local jid_prep = require "util.jid".prep;
-local dataform = require "util.dataforms".new;
 local host = module.host;
 
 local rm_load_roster = require "core.rostermanager".load_roster;
@@ -62,37 +61,18 @@
 	end
 end);
 
-local query_form = dataform {
-	{ name = "FORM_TYPE"; type = "hidden"; value = "urn:xmpp:mam:0"; };
-	{ name = "with"; type = "jid-single"; };
-	{ name = "start"; type = "text-single" };
-	{ name = "end"; type = "text-single"; };
-};
-
--- Serve form
+-- Handle archive queries
 module:hook("iq-get/self/"..xmlns_mam..":query", function(event)
 	local origin, stanza = event.origin, event.stanza;
-	return origin.send(st.reply(stanza):add_child(query_form:form()));
-end);
-
--- Handle archive queries
-module:hook("iq-set/self/"..xmlns_mam..":query", function(event)
-	local origin, stanza = event.origin, event.stanza;
 	local query = stanza.tags[1];
 	local qid = query.attr.queryid;
 
 	-- Search query parameters
-	local qwith, qstart, qend;
-	local form = query:get_child("x", "jabber:x:data");
-	if form then
-		local err;
-		form, err = query_form:data(form);
-		if err then
-			return origin.send(st.error_reply(stanza, "modify", "bad-request", select(2, next(err))))
-		end
-		qwith, qstart, qend = form["with"], form["start"], form["end"];
-		qwith = qwith and jid_bare(qwith);
-	end
+	local qwith = query:get_child_text("with");
+	local qstart = query:get_child_text("start");
+	local qend = query:get_child_text("end");
+	module:log("debug", "Archive query, id %s with %s from %s until %s)",
+		tostring(qid), qwith or "anyone", qstart or "the dawn of time", qend or "now");
 
 	if qstart or qend then -- Validate timestamps
 		local vstart, vend = (qstart and timestamp_parse(qstart)), (qend and timestamp_parse(qend))
@@ -103,8 +83,14 @@
 		qstart, qend = vstart, vend;
 	end
 
-	module:log("debug", "Archive query, id %s with %s from %s until %s)",
-		tostring(qid), qwith or "anyone", qstart or "the dawn of time", qend or "now");
+	if qwith then -- Validate the 'with' jid
+		local pwith = qwith and jid_prep(qwith);
+		if pwith and not qwith then -- it failed prepping
+			origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid JID"))
+			return true
+		end
+		qwith = jid_bare(pwith);
+	end
 
 	-- RSM stuff
 	local qset = rsm.get(query);
@@ -130,7 +116,7 @@
 	local count = err;
 
 	-- Wrap it in stuff and deliver
-	local first_id, last_id, first_time, last_time;
+	local first, last;
 	for id, item, when in data do
 		local fwd_st = st.message{ to = origin.full_jid }
 			:tag("result", { xmlns = xmlns_mam, queryid = qid, id = id })
@@ -143,27 +129,18 @@
 		item.attr.xmlns = "jabber:client";
 		fwd_st:add_child(item);
 
-		if not first_id then
-			first_id = id;
-			first_time = when;
-		end
-		last_id = id;
-		last_time = when;
+		if not first then first = id; end
+		last = id;
 
 		origin.send(fwd_st);
 	end
 	-- That's all folks!
 	module:log("debug", "Archive query %s completed", tostring(qid));
 
-	if reverse then
-		first_id, last_id, first_time, last_time =
-		last_id, first_id, last_time, first_time;
-	end
+	if reverse then first, last = last, first; end
 	return origin.send(st.reply(stanza)
-		:query(xmlns_mam)
-			:add_child(query_form:form({ start = timestamp(first_time), ["end"] = timestamp(last_time), with = qwith  }))
-			:add_child(rsm.generate {
-				first = first_id, last = last_id, count = count }));
+		:query(xmlns_mam):add_child(rsm.generate {
+			first = first, last = last, count = count }));
 end);
 
 local function has_in_roster(user, who)
--- a/mod_mam_muc/mod_mam_muc.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_mam_muc/mod_mam_muc.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -111,36 +111,6 @@
 	end);
 end
 
-module:hook("muc-config-form", function(event)
-	local room, form = event.room, event.form;
-	local mam_query = room._data.mam_query or 'anyone';
-	table.insert(form, {
-		name = muc_form_allow_who,
-		type = 'list-single',
-		label = 'Who may query the archive?',
-		value = {
-			{ value = 'moderators', label = 'Moderators Only',     default = mam_query == 'moderators' },
-			{ value = 'members',    label = 'Members',             default = mam_query == 'members' },
-			{ value = 'anyone',     label = 'Anyone who can join', default = mam_query == 'anyone' },
-		}
-	}
-	);
-end);
-
-module:hook("muc-config-submitted", function(event)
-	local room, fields, changed = event.room, event.fields, event.changed;
-	local new = fields[muc_form_allow_who];
-	if new ~= room._data.mam_query then
-		room._data.mam_query = new;
-		if type(changed) == "table" then
-			changed[muc_form_allow_who] = true;
-		else
-			event.changed = true;
-		end
-	end
-end);
-
-
 -- Handle archive queries
 module:hook("iq-get/bare/"..xmlns_mam..":query", function(event)
 	local origin, stanza = event.origin, event.stanza;
@@ -156,11 +126,8 @@
 
 	-- Banned or not a member of a members-only room?
 	local from_affiliation = room_obj:get_affiliation(from);
-	local allowed_to_query = room_obj._data.mam_query or "anyone";
 	if from_affiliation == "outcast" -- banned
-		or room_obj:get_members_only() and not from_affiliation -- members-only, not a member
-		or allowed_to_query == "moderators" and not (from_affiliation == "owner" or from_affiliation == "admin" )
-		or allowed_to_query ~= "anyone" then
+		or room_obj:get_members_only() and not from_affiliation then -- members-only, not a member
 		return origin.send(st.error_reply(stanza, "auth", "forbidden"))
 	end
 
--- a/mod_manifesto/mod_manifesto.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_manifesto/mod_manifesto.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -57,18 +57,14 @@
 
 module:hook("resource-bind", function (event)
 	local session = event.session;
-	module:log("debug", "mod_%s sees that %s logged in", module.name, session.username);
 
 	local now = time();
 	local last_notify = notified[session.username] or 0;
 	if last_notify > ( now - 86400 * 7 ) then
-		module:log("debug", "Already notified %s", session.username);
 		return
 	end
 
-	module:log("debug", "Waiting 15 seconds");
 	timer.add_task(15, function ()
-		module:log("debug", "15 seconds later... session.type is %q", session.type);
 		if session.type ~= "c2s" then return end -- user quit already
 		local bad_contacts, bad_hosts = {}, {};
 		for contact_jid, item in pairs(session.roster or {}) do
@@ -100,7 +96,6 @@
 				end
 			end
 		end
-		module:log("debug", "%s has %d bad contacts", session.username, #bad_contacts);
 		if #bad_contacts > 0 then
 			local vars = {
 				HOST = host;
@@ -108,7 +103,6 @@
 				SERVICES = "    "..table.concat(bad_hosts, "\n    ");
 				CONTACTVIA = contact_method, CONTACT = contact;
 			};
-			module:log("debug", "Sending notification to %s", session.username);
 			session.send(st.message({ type = "headline", from = host }):tag("body"):text(message:gsub("$(%w+)", vars)));
 			notified[session.username] = now;
 		end
@@ -165,7 +159,7 @@
 		config_set(host, "s2s_require_encryption", true);
 
 		for _, session in pairs(s2s_sessions) do
-			if session.type == "s2sin" or session.type == "s2sout" and not session.secure then
+			if not session.secure then
 				(session.close or s2s_destroy_session)(session);
 			end
 		end
--- a/mod_muc_log/mod_muc_log.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_muc_log/mod_muc_log.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -96,7 +96,6 @@
 							end
 						end
 					end
-					datamanager.getpath(node, host, datastore, nil, true); -- create the datastore dir
 					data_store(node, host, datastore .. "/" .. today, data);
 				end
 			end
--- a/mod_pubsub_feeds/mod_pubsub_feeds.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_pubsub_feeds/mod_pubsub_feeds.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -17,8 +17,8 @@
 
 local pubsub = module:depends"pubsub";
 
-local date, time = import("os", "date", "time");
-local dt_parse, dt_datetime = import("util.datetime", "parse", "datetime");
+local date, time = os.date, os.time;
+local dt_parse, dt_datetime = require "util.datetime".parse, require "util.datetime".datetime;
 local uuid = require "util.uuid".generate;
 local hmac_sha1 = require "util.hashes".hmac_sha1;
 local parse_feed = require "feeds".feed_from_string;
--- a/mod_pubsub_hub/mod_pubsub_hub.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_pubsub_hub/mod_pubsub_hub.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -2,14 +2,15 @@
 --
 -- This file is MIT/X11 licensed.
 
-local http_request, formdecode, formencode = import("net.http", "request", "formdecode", "formencode");
+local http = require "net.http";
+local formdecode = http.formdecode;
+local formencode = http.formencode;
 local uuid = require "util.uuid".generate;
 local hmac_sha1 = require "util.hmac".sha1;
 local json_encode = require "util.json".encode;
 local time = os.time;
 local m_min, m_max = math.min, math.max;
 local tostring = tostring;
-
 local xmlns_pubsub = "http://jabber.org/protocol/pubsub";
 local xmlns_pubsub_event = xmlns_pubsub .. "#event";
 local subs_by_topic = module:shared"subscriptions";
@@ -90,7 +91,7 @@
 			module:log("debug", require"util.serialization".serialize(verify_modes));
 			if verify_modes["async"] then
 				module:log("debug", "Sending async verification request to %s for %s", tostring(callback_url), tostring(subscription));
-				http_request(callback_url, nil, function(body, code)
+				http.request(callback_url, nil, function(body, code)
 					if body == challenge and code > 199 and code < 300 then
 						if not subscription.want_state then
 							module:log("warn", "Verification of already verified request, probably");
@@ -108,7 +109,7 @@
 				end)
 				return 202;
 			elseif verify_modes["sync"] then
-				http_request(callback_url, nil, function(body, code)
+				http.request(callback_url, nil, function(body, code)
 					if body == challenge and code > 199 and code < 300 then
 						if not subscription.want_state then
 							module:log("warn", "Verification of already verified request, probably");
@@ -160,7 +161,7 @@
 						["hub.lease_seconds"] = subscription.lease_seconds,
 						["hub.verify_token"] = subscription.verify_token,
 					}
-					http_request(callback_url, nil, function(body, code)
+					http.request(callback_url, nil, function(body, code)
 						if body == challenge and code > 199 and code < 300 then
 							subscription.expires = now + subscription.lease_seconds;
 						end
@@ -200,7 +201,7 @@
 	if subscription.secret then
 		headers["X-Hub-Signature"] = "sha1="..hmac_sha1(subscription.secret, body, true);
 	end
-	http_request(subscription.callback, { method = "POST", body = body, headers = headers }, function(body, code)
+	http.request(subscription.callback, { method = "POST", body = body, headers = headers }, function(body, code)
 		if code >= 200 and code <= 299 then
 			module:log("debug", "Delivered");
 		else
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -25,7 +25,6 @@
 -- TODO Things to test/handle:
 -- Negative or bogus answers
 -- No SRV records
--- No encryption offered
 
 function s2sout.try_connect(host_session, connect_host, connect_port, err)
 	local srv_hosts = host_session.srv_hosts;
--- a/mod_s2s_auth_fingerprint/mod_s2s_auth_fingerprint.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_s2s_auth_fingerprint/mod_s2s_auth_fingerprint.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -5,7 +5,6 @@
 
 local digest_algo = module:get_option_string(module:get_name().."_digest", "sha1");
 local must_match = module:get_option_boolean("s2s_pin_fingerprints", false);
-local tofu = module:get_option_boolean("s2s_tofu", false);
 
 local fingerprints = {};
 
@@ -39,20 +38,5 @@
 			session.cert_chain_status = "invalid";
 			session.cert_identity_status = "invalid";
 		end
-	elseif tofu
-			and ( session.cert_chain_status ~= "valid"
-			or session.cert_identity_status ~= "valid" ) then
-		local digest = cert and cert:digest(digest_algo);
-		fingerprints[host] = {
-			[digest] = true;
-		}
 	end
 end);
-
-function module.save()
-	return { fingerprints = fingerprints };
-end
-
-function module.restore(state)
-	fingerprints = state.fingerprints;
-end
--- a/mod_s2s_blacklist/mod_s2s_blacklist.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_s2s_blacklist/mod_s2s_blacklist.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -1,16 +1,16 @@
 local st = require "util.stanza";
 
-local whitelist = module:get_option_inherited_set("s2s_whitelist", {});
+local blacklist = module:get_option_inherited_set("s2s_blacklist", {});
 
 module:hook("route/remote", function (event)
-	if not whitelist:contains(event.to_host) then
+	if blacklist:contains(event.to_host) then
 		module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
 		return true;
 	end
 end, 100);
 
 module:hook("s2s-stream-features", function (event)
-	if not whitelist:contains(event.origin.from_host) then
+	if blacklist:contains(event.origin.from_host) then
 		event.origin:close({
 			condition = "policy-violation";
 			text = "Communication with this domain is restricted";
--- a/mod_s2s_keysize_policy/mod_s2s_keysize_policy.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_s2s_keysize_policy/mod_s2s_keysize_policy.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -26,9 +26,9 @@
 	if cert and cert.pubkey then
 		local _, key_type, key_size = cert:pubkey();
 		if key_size < ( weak_key_size[key_type] or 0 ) then
-			local expires = parse_x509_datetime(cert:notafter());
-			if expires > weak_key_cutoff then
-				session.log("error", "%s has a %s-bit %s key valid after 31 December 2013, invalidating trust!", host, key_size, key_type);
+			local issued = parse_x509_datetime(cert:notbefore());
+			if issued > weak_key_cutoff then
+				session.log("error", "%s has a %s-bit %s key issued after 31 December 2013, invalidating trust!", host, key_size, key_type);
 				session.cert_chain_status = "invalid";
 				session.cert_identity_status = "invalid";
 			else
--- a/mod_smacks/mod_smacks.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_smacks/mod_smacks.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -8,7 +8,6 @@
 local add_filter = require "util.filters".add_filter;
 local timer = require "util.timer";
 local datetime = require "util.datetime";
-local tb = require"util.debug".traceback;
 
 local xmlns_sm2 = "urn:xmpp:sm:2";
 local xmlns_sm3 = "urn:xmpp:sm:3";
@@ -85,7 +84,6 @@
 	local function new_send(stanza)
 		local attr = stanza.attr;
 		if attr and not attr.xmlns then -- Stanza in default stream namespace
-			session.log("debug", "Sending stanza %s", stanza:top_tag());
 			local cached_stanza = st.clone(stanza);
 			
 			if cached_stanza and cached_stanza:get_child("delay", xmlns_delay) == nil then
@@ -93,10 +91,8 @@
 			end
 			
 			queue[#queue+1] = cached_stanza;
-			session.log("debug", "#queue = %d", #queue);
 		end
 		if session.hibernating then
-			session.log("debug", "hibernating, stanza queued")
 			-- The session is hibernating, no point in sending the stanza
 			-- over a dead connection.  It will be delivered upon resumption.
 			return true;
@@ -208,7 +204,6 @@
 	for i=1,math_min(handled_stanza_count,#queue) do
 		t_remove(origin.outgoing_stanza_queue, 1);
 	end
-	origin.log("debug", "#queue = %d", #queue);
 	origin.last_acknowledged_stanza = origin.last_acknowledged_stanza + handled_stanza_count;
 	return true;
 end
@@ -338,11 +333,9 @@
 		-- Ok, we need to re-send any stanzas that the client didn't see
 		-- ...they are what is now left in the outgoing stanza queue
 		local queue = original_session.outgoing_stanza_queue;
-		session.log("debug", "#queue = %d", #queue);
 		for i=1,#queue do
 			session.send(queue[i]);
 		end
-		session.log("debug", "#queue = %d -- after send", #queue);
 	else
 		module:log("warn", "Client %s@%s[%s] tried to resume stream for %s@%s[%s]",
 			session.username or "?", session.host or "?", session.type,
--- a/mod_srvinjection/mod_srvinjection.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_srvinjection/mod_srvinjection.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -1,4 +1,3 @@
-local s = require"util.serialization".new"oneline".serialize;
 
 module:set_global();
 
@@ -26,12 +25,8 @@
 
 local original_lookup = adns.lookup;
 function adns.lookup(handler, qname, qtype, qclass)
-	module:log("debug", "adns.lookup(%s, %s, %s)", s(qname), s(qtype), s(qclass));
 	if qtype == "SRV" then
 		local host = qname:match("^_xmpp%-server%._tcp%.(.*)%.$");
-		module:log("debug", "qname:match(...) → %s", s(host));
-		local mapping = map[host] or map["*"];
-		module:log("debug", "map[%s] → %s", s(host), s(mapping));
 		local mapping = map[host] or map["*"];
 		if mapping then
 			handler(mapping);
--- a/mod_storage_mongodb/mod_storage_mongodb.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_storage_mongodb/mod_storage_mongodb.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -1,8 +1,5 @@
 local next = next;
 local setmetatable = setmetatable;
-local set = require"util.set";
-local it = require"util.iterators";
-local array = require"util.array";
 
 local params = assert ( module:get_option("mongodb") , "mongodb configuration not found" );
 
@@ -49,75 +46,6 @@
 	end;
 end
 
-local roster_store = {};
-roster_store.__index = roster_store;
-
-function roster_store:get(username)
-	local host = module.host or "_global";
-	local store = self.store;
-
-	-- The database name can't have a period in it (hence it can't be a host/ip)
-	local namespace = params.dbname .. "." .. host;
-	local v = { _id = { store = store ; username = username } };
-
-	local cursor , err = conn:query ( namespace , v );
-	if not cursor then return nil , err end;
-
-	local r , err = cursor:next ( );
-	if not r then return nil , err end;
-	local roster = {
-		[false] = {
-			version = r.version;
-		};
-		pending = set.new( r.pending )._items;
-	};
-	local items = r.items;
-	for i = 1, #items do
-		local item = items[i];
-		roster[item.jid] = {
-			subscription = item.subscription;
-			groups = set.new( item.groups )._items;
-			ask = item.ask;
-			name = item.name;
-		}
-	end
-	return roster;
-end
-
-function roster_store:set(username, data)
-	local host = module.host or "_global";
-	local store = self.store;
-
-	-- The database name can't have a period in it (hence it can't be a host/ip)
-	local namespace = params.dbname .. "." .. host;
-	local v = { _id = { store = store ; username = username } };
-
-	if data == nil or next(data) == nil then -- delete data
-		return conn:remove ( namespace , v );
-	end
-
-	v.version = data[false].version
-	if data.pending then
-		v.pending = array(it.keys(v.pending))
-	end
-
-	local items  = {}
-	for jid, item in pairs(data) do
-		if jid and jid ~=  "pending" then
-			table.insert(items, {
-				jid = jid;
-				subscription = item.subscription;
-				groups = array(it.keys( item.groups ));
-				name = item.name;
-				ask = item.ask;
-			});
-		end
-	end
-	v.items = items;
-
-	return conn:insert ( namespace , v );
-end
-
 local driver = {};
 
 function driver:open(store, typ)
@@ -130,9 +58,6 @@
 	end
 
 	if not typ then -- default key-value store
-		if store == "roster" then
-			return setmetatable({ store = store }, roster_store);
-		end
 		return setmetatable({ store = store }, keyval_store);
 	end;
 	return nil, "unsupported-store";
--- a/mod_turncredentials/mod_turncredentials.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_turncredentials/mod_turncredentials.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -15,8 +15,6 @@
     return;
 end
 
-module:add_feature("urn:xmpp:extdisco:1");
-
 module:hook("iq-get/host/urn:xmpp:extdisco:1:services", function(event)
     local origin, stanza = event.origin, event.stanza;
     if origin.type ~= "c2s" then
--- a/mod_websocket/mod_websocket.lua	Fri Feb 28 15:36:06 2014 +0100
+++ b/mod_websocket/mod_websocket.lua	Fri Feb 28 15:37:55 2014 +0100
@@ -242,7 +242,6 @@
 	c2s_listener.onconnect(conn);
 
 	local session = sessions[conn];
-	session._http_request_headers = request.headers;
 
 	session.secure = consider_websocket_secure or session.secure;
 
@@ -286,11 +285,4 @@
 			["GET /"] = handle_request;
 		};
 	});
-
-	module:add_item("alt-conn-method", {
-		rel = "urn:xmpp:altconnect:websocket";
-		href = module:http_url(nil, "xmpp-websocket"):gsub("^http", "ws");
-	});
 end
-
-