Software `/` code `/` prosody

Annotate

tools/migration/migrator.cfg.lua @ 13289:38c95544b7ee

mod_saslauth, mod_c2s: Disable tls-server-end-point channel binding by default This channel binding method is now enabled when a hash is manually set in the config, or it attempts to discover the hash automatically if the value is the special string "auto". A related change to mod_c2s prevents complicated certificate lookups in the client connection hot path - this work now happens only when this channel binding method is used. I'm not aware of anything else that uses ssl_cfg (vs ssl_ctx). Rationale for disabling by default: - Minor performance impact in automatic cert detection - This method is weak against a leaked/stolen private key (other methods such as 'tls-exporter' would not be compromised in such a case) Rationale for keeping the implementation: - For some deployments, this may be the only method available (e.g. due to TLS offloading in another process/server).

author	Matthew Wild <mwild1@gmail.com>
date	Thu, 26 Oct 2023 15:14:39 +0100
parent	12168:33e856c65033
child	13295:b788307ca06a

rev	line source
4209 df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	1 local data_path = "../../data";
df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	2
10003 4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	3 local vhost = {
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	4 "accounts",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	5 "account_details",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	6 "roster",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	7 "vcard",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	8 "private",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	9 "blocklist",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	10 "privacy",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	11 "archive-archive",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	12 "offline-archive",
12168 33e856c65033 migrator: Support pubsub and pep as a special-case Kim Alvefur <zash@zash.se> parents: 10003 diff changeset	13 "pubsub_nodes-pubsub",
33e856c65033 migrator: Support pubsub and pep as a special-case Kim Alvefur <zash@zash.se> parents: 10003 diff changeset	14 "pep-pubsub",
10003 4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	15 }
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	16 local muc = {
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	17 "persistent",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	18 "config",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	19 "state",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	20 "muc_log-archive",
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	21 };
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	22
4166 3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	23 input {
10003 4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	24 hosts = {
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	25 ["example.com"] = vhost;
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	26 ["conference.example.com"] = muc;
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	27 };
4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	28 type = "internal";
4209 df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	29 path = data_path;
df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	30 }
df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	31
df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	32 output {
10003 4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	33 type = "sql";
4166 3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	34 driver = "SQLite3";
4209 df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	35 database = data_path.."/prosody.sqlite";
4166 3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	36 }
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	37
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	38 --[[
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	39
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	40 input {
10003 4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	41 type = "internal";
4209 df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	42 path = data_path;
4166 3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	43 }
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	44 output {
10003 4d702f0c6273 migrator: Rewrite to use storage modules Kim Alvefur <zash@zash.se> parents: 4211 diff changeset	45 type = "sql";
4166 3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	46 driver = "SQLite3";
4209 df753c398aa0 tools/migration/config.lua: Minor fixes for more sensible defaults Matthew Wild <mwild1@gmail.com> parents: 4166 diff changeset	47 database = data_path.."/prosody.sqlite";
4166 3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	48 }
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	49
3ac90743039b tools/migration/.lua: Convert to unix line endings Matthew Wild <mwild1@gmail.com>* parents: 4162 diff changeset	50 ]]

prosody

38c95544b7ee

tools/migration/migrator.cfg.lua

Software / code / prosody

Annotate

tools/migration/migrator.cfg.lua @ 13289:38c95544b7ee

Software `/` code `/` prosody