Software / code / prosody
Annotate
plugins/mod_mam/mamprefsxml.lib.lua @ 10224:94e341dee51c
core.certmanager: Move EECDH ciphers before EDH in default cipherstring
The original intent of having kEDH before kEECDH was that if a `dhparam`
file was specified, this would be interpreted as a preference by the
admin for old and well-tested Diffie-Hellman key agreement over newer
elliptic curve ones. Otherwise the faster elliptic curve ciphersuites
would be preferred. This didn't really work as intended since this
affects the ClientHello on outgoing s2s connections, leading to some
servers using poorly configured kEDH.
With Debian shipping OpenSSL settings that enforce a higher security
level, this caused interoperability problems with servers that use DH
params smaller than 2048 bits. E.g. jabber.org at the time of this
writing has 1024 bit DH params.
MattJ says
> Curves have won, and OpenSSL is less weird about them now
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 25 Aug 2019 20:22:35 +0200 |
| parent | 9728:d41ce505cdf9 |
| child | 12977:74b9e05af71e |
| rev | line source |
|---|---|
|
7851
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
1 -- Prosody IM |
|
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
2 -- Copyright (C) 2008-2017 Matthew Wild |
|
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
3 -- Copyright (C) 2008-2017 Waqas Hussain |
|
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
4 -- Copyright (C) 2011-2017 Kim Alvefur |
|
9728
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
5 -- Copyright (C) 2018 Emmanuel Gil Peyrot |
|
7851
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
6 -- |
|
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
7 -- This project is MIT/X11 licensed. Please see the |
|
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
8 -- COPYING file in the source package for more information. |
|
80ee0d9cd56f
mod_mam: Normalize copyright headers
Kim Alvefur <zash@zash.se>
parents:
7839
diff
changeset
|
9 -- |
|
7836
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 -- XEP-0313: Message Archive Management for Prosody |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 -- |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 local st = require"util.stanza"; |
|
9728
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
14 local jid_prep = require"util.jid".prep; |
|
7903
036c771b842a
mod_mam: Update namespace to XEP-0313 v0.6
Kim Alvefur <zash@zash.se>
parents:
7851
diff
changeset
|
15 local xmlns_mam = "urn:xmpp:mam:2"; |
|
7836
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local default_attrs = { |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 always = true, [true] = "always", |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 never = false, [false] = "never", |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 roster = "roster", |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 } |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 local function tostanza(prefs) |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 local default = prefs[false]; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 default = default_attrs[default]; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 local prefstanza = st.stanza("prefs", { xmlns = xmlns_mam, default = default }); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 local always = st.stanza("always"); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 local never = st.stanza("never"); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 for jid, choice in pairs(prefs) do |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 if jid then |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 (choice and always or never):tag("jid"):text(jid):up(); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 prefstanza:add_child(always):add_child(never); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 return prefstanza; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 local function fromstanza(prefstanza) |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 local prefs = {}; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 local default = prefstanza.attr.default; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 if default then |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 prefs[false] = default_attrs[default]; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 local always = prefstanza:get_child("always"); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 if always then |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 for rule in always:childtags("jid") do |
|
9728
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
47 local jid = jid_prep(rule:get_text()); |
|
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
48 if jid then |
|
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
49 prefs[jid] = true; |
|
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
50 end |
|
7836
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 local never = prefstanza:get_child("never"); |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 if never then |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 for rule in never:childtags("jid") do |
|
9728
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
57 local jid = jid_prep(rule:get_text()); |
|
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
58 if jid then |
|
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
59 prefs[jid] = false; |
|
d41ce505cdf9
mod_mam: Only accept valid JIDs in <always/> and <never/> prefs. (fixes #1275)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7903
diff
changeset
|
60 end |
|
7836
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 return prefs; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 end |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 return { |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 tostanza = tostanza; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 fromstanza = fromstanza; |
|
30fac9154fd4
mod_mam: Import from prosody-modules
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 } |
