Software / code / prosody
Annotate
util/error.lua @ 10224:94e341dee51c
core.certmanager: Move EECDH ciphers before EDH in default cipherstring
The original intent of having kEDH before kEECDH was that if a `dhparam`
file was specified, this would be interpreted as a preference by the
admin for old and well-tested Diffie-Hellman key agreement over newer
elliptic curve ones. Otherwise the faster elliptic curve ciphersuites
would be preferred. This didn't really work as intended since this
affects the ClientHello on outgoing s2s connections, leading to some
servers using poorly configured kEDH.
With Debian shipping OpenSSL settings that enforce a higher security
level, this caused interoperability problems with servers that use DH
params smaller than 2048 bits. E.g. jabber.org at the time of this
writing has 1024 bit DH params.
MattJ says
> Curves have won, and OpenSSL is less weird about them now
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 25 Aug 2019 20:22:35 +0200 |
| parent | 10069:6f317e51544d |
| child | 10365:744ca71a49f7 |
| rev | line source |
|---|---|
|
9746
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local error_mt = { __name = "error" }; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 function error_mt:__tostring() |
|
10069
6f317e51544d
util.error: Fix traceback due to missing text field
Kim Alvefur <zash@zash.se>
parents:
9749
diff
changeset
|
4 return ("error<%s:%s:%s>"):format(self.type, self.condition, self.text or ""); |
|
9746
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 end |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 local function is_err(e) |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 return getmetatable(e) == error_mt; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 end |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 local function new(e, context, registry) |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 local template = (registry and registry[e]) or e or {}; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 return setmetatable({ |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 type = template.type or "cancel"; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 condition = template.condition or "undefined-condition"; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 text = template.text; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 context = context or template.context or { _error_id = e }; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 }, error_mt); |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 end |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 local function coerce(ok, err, ...) |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 if ok or is_err(err) then |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 return ok, err, ...; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 end |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 local new_err = setmetatable({ |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 native = err; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 type = "cancel"; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 condition = "undefined-condition"; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 }, error_mt); |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 return ok, new_err, ...; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 end |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 |
|
9749
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
36 local function from_stanza(stanza, context) |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
37 local error_type, condition, text = stanza:get_error(); |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
38 return setmetatable({ |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
39 type = error_type or "cancel"; |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
40 condition = condition or "undefined-condition"; |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
41 text = text; |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
42 |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
43 context = context or { stanza = stanza }; |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
44 }, error_mt); |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
45 end |
|
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
46 |
|
9746
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 return { |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 new = new; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 coerce = coerce; |
|
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 is_err = is_err; |
|
9749
9361bd1b9c9b
util.error: Add a function for creating an error object from an error stanza
Kim Alvefur <zash@zash.se>
parents:
9746
diff
changeset
|
51 from_stanza = from_stanza; |
|
9746
848fd204708c
util.error: Add new util library for structured errors
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 } |
