File

mod_saslauth, mod_c2s: Disable tls-server-end-point channel binding by default This channel binding method is now enabled when a hash is manually set in the config, or it attempts to discover the hash automatically if the value is the special string "auto". A related change to mod_c2s prevents complicated certificate lookups in the client connection hot path - this work now happens only when this channel binding method is used. I'm not aware of anything else that uses ssl_cfg (vs ssl_ctx). Rationale for disabling by default: - Minor performance impact in automatic cert detection - This method is weak against a leaked/stolen private key (other methods such as 'tls-exporter' would not be compromised in such a case) Rationale for keeping the implementation: - For some deployments, this may be the only method available (e.g. due to TLS offloading in another process/server).

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local st = require "prosody.util.stanza";
local datetime = require "prosody.util.datetime".datetime;
local now = require "prosody.util.time".now;

-- XEP-0202: Entity Time

module:add_feature("urn:xmpp:time");

local function time_handler(event)
	local origin, stanza = event.origin, event.stanza;
	origin.send(st.reply(stanza):tag("time", {xmlns="urn:xmpp:time"})
		:tag("tzo"):text("+00:00"):up() -- TODO get the timezone in a platform independent fashion
		:tag("utc"):text(datetime(now())));
	return true;
end

module:hook("iq-get/bare/urn:xmpp:time:time", time_handler);
module:hook("iq-get/host/urn:xmpp:time:time", time_handler);