Merge 0.9->trunk
|
Kim Alvefur |
Tue, 06 Aug 2013 14:35:03 +0200 |
mod_admin_telnet, mod_s2s: Fix reporting of certificate chain validation details
|
Kim Alvefur |
Tue, 06 Aug 2013 14:32:31 +0200 |
mod_s2s: Improve policy check
|
Kim Alvefur |
Mon, 05 Aug 2013 20:47:38 +0200 |
mod_s2s: Log certificate identity validation result
|
Kim Alvefur |
Sun, 04 Aug 2013 17:33:00 +0200 |
mod_c2s, mod_s2s: Log a message that stream encryption has been enabled with some details
|
Kim Alvefur |
Fri, 02 Aug 2013 15:12:24 +0200 |
mod_s2s: Add missing global hook for read-timeout
|
Kim Alvefur |
Wed, 26 Jun 2013 13:35:38 +0200 |
mod_c2s, mod_s2s: Fire an event on read timeouts
|
Kim Alvefur |
Tue, 11 Jun 2013 21:36:15 +0200 |
mod_s2s: Set s2s_session.ip
|
Kim Alvefur |
Sun, 09 Jun 2013 12:54:10 +0200 |
mod_c2s, mod_c2s: Send a whitespace on read timeout, to prod TCP into detecting if the connection died
|
Kim Alvefur |
Thu, 30 May 2013 14:32:40 +0200 |
mod_s2s: Remove unnecessary debug message
|
Matthew Wild |
Tue, 28 May 2013 16:10:22 +0100 |
mod_s2s: Fix interaction between s2s_secure_auth and s2s_require_encryption, in particular ensure that when s2s_require_encryption is NOT set, do not require encryption on s2s_insecure_domains.
|
Matthew Wild |
Sat, 18 May 2013 12:02:25 +0100 |
mod_s2s: Ensure that to/from on stream headers are always correct, fixes #338
|
Matthew Wild |
Mon, 29 Apr 2013 00:33:39 +0100 |
mod_s2s: Obey tcp_keepalives option for s2s too, and make it individually configurable through s2s_tcp_keepalives (thanks yeled)
|
Matthew Wild |
Fri, 26 Apr 2013 12:25:25 +0100 |
mod_c2s, mod_s2s, net.http, net.http.server: Improve tracebacks (omit traceback function), to make it clearer where an error occured
|
Matthew Wild |
Mon, 22 Apr 2013 12:35:52 +0100 |
mod_s2s: Add missing space
|
Kim Alvefur |
Mon, 15 Apr 2013 19:37:15 +0200 |
mod_s2s: Adjust priority of route/remote hooks to negative values (like most other internal hooks)
|
Kim Alvefur |
Mon, 08 Apr 2013 22:42:38 +0200 |
mod_s2s: Add COMPAT cahin verification code for older LuaSec versions
|
Kim Alvefur |
Thu, 04 Apr 2013 19:21:47 +0200 |
mod_s2s: Close incoming s2s with stream error when secure and we don't trust their certificate
|
Matthew Wild |
Mon, 01 Apr 2013 14:45:59 +0100 |
mod_s2s: Prevent s2s to and from hosts we serve locally
|
Kim Alvefur |
Wed, 27 Mar 2013 23:09:47 +0100 |
mod_s2s: Prevent traceback when replying to incoming connection to a host we don't serve
|
Kim Alvefur |
Tue, 26 Mar 2013 09:25:20 +0100 |
mod_s2s: session.from_host does not allways exist on incoming connections, true and nil or "our hostname" does not evaluate to what we want here
|
Kim Alvefur |
Mon, 25 Mar 2013 08:18:49 +0100 |
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
|
Matthew Wild |
Fri, 22 Mar 2013 15:16:22 +0000 |
mod_s2s: Remove unused variable
|
Matthew Wild |
Fri, 22 Mar 2013 14:31:14 +0000 |
mod_s2s: Add controls for certificate validation via the s2s_secure_auth option. Plugins can now return false from handling s2s-check-certificate to prevent connection establishment (s2sin+s2sout)
|
Matthew Wild |
Fri, 22 Mar 2013 14:21:02 +0000 |
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
|
Matthew Wild |
Fri, 22 Mar 2013 14:18:23 +0000 |
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
|
Kim Alvefur |
Sat, 16 Mar 2013 17:46:43 +0100 |
mod_s2s: Do not include xmlns:db declaration in stream header if mod_dialback is not loaded
|
Matthew Wild |
Tue, 12 Mar 2013 12:30:08 +0000 |
mod_s2s: Make sure host variable is reachable
|
Kim Alvefur |
Mon, 11 Mar 2013 21:39:15 +0100 |
mod_s2s: Fire s2s-check-certificate event after validating a certificate, to allow plugins to override standard procedure
|
Matthew Wild |
Sun, 10 Mar 2013 17:49:07 +0000 |
mod_s2s, mod_dialback: Rename s2s-authenticate-legacy event to s2sout-authenticate-legacy for clarity. Also, hello!
|
Matthew Wild |
Sun, 10 Mar 2013 11:25:05 +0000 |
mod_s2s: Don't try to close sessions that were destroyed before timeout
|
Kim Alvefur |
Thu, 24 Jan 2013 00:59:32 +0100 |
prosody, mod_c2s, mod_s2s: Move closing of c2s and s2s sessions to respective plugins
|
Kim Alvefur |
Fri, 28 Dec 2012 14:33:47 +0100 |
mod_s2s: Remove connection from sessions table as soon as we learn it is disconnected. Fixes a connection/session leak.
|
Matthew Wild |
Fri, 28 Dec 2012 12:47:44 +0000 |
mod_s2s: Detect TLS compression
|
Kim Alvefur |
Wed, 24 Oct 2012 19:05:56 +0200 |
mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item().
|
Waqas Hussain |
Wed, 12 Sep 2012 22:22:31 +0500 |
mod_admin_adhoc, mod_admin_telnet, mod_bosh, mod_c2s, mod_component, mod_pep, mod_presence, mod_roster, mod_s2s: Import core_post_stanza from the global prosody table.
|
Kim Alvefur |
Thu, 26 Jul 2012 04:33:17 +0200 |
mod_s2s: Bump s2s_timeout to 90, to allow for the TCP timeout (in most cases) - this allows us to continue to try other targets
|
Matthew Wild |
Mon, 23 Jul 2012 18:57:28 +0100 |
mod_c2s, mod_s2s: Lower 'Disconnecting X' log messages from 'info' to 'debug'
|
Matthew Wild |
Mon, 23 Jul 2012 18:28:14 +0100 |
Hopefully inert commit to clean up logging across a number of modules, removing all cases of concatenation when building log messages
|
Matthew Wild |
Mon, 23 Jul 2012 17:32:33 +0100 |
mod_s2s: Adjust session:close() in line with mod_c2s's - fixes waiting for </stream:stream> if it has already been sent by the peer
|
Matthew Wild |
Mon, 23 Jul 2012 13:31:26 +0100 |
mod_s2s: Don't call ondisconnect manually, don't call conn:close() 3 times (!) and merge its logic and streamdisconnected into session_close - including now waiting for a reply </stream:stream> if there is the chance of further stanzas requiring delivery arriving. session.sends2s() on a half-closed stream returns false.
|
Matthew Wild |
Sun, 22 Jul 2012 17:07:21 +0100 |
mod_s2s: Don't treat a stanza as delivered if session.sends2s() returns false
|
Matthew Wild |
Sun, 22 Jul 2012 17:04:02 +0100 |
mod_s2s: Make unauthed session timeout a little more aggressive... otherwise it's possible for sessions to slip under the net and never get killed off
|
Matthew Wild |
Sun, 22 Jul 2012 16:45:27 +0100 |
mod_s2s, s2sout.lib: Send stream header in onconnect()
|
Matthew Wild |
Thu, 24 May 2012 03:08:42 +0100 |
mod_s2s: Only try next target if the stream didn't open
|
Matthew Wild |
Sun, 13 May 2012 16:03:05 +0100 |
mod_s2s: Remove TODO comment for SASL/TLS on s2s (thanks Florob)
|
Matthew Wild |
Fri, 11 May 2012 02:17:20 +0100 |
mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
|
Matthew Wild |
Fri, 11 May 2012 00:56:18 +0100 |
mod_s2s, s2smanager, mod_dialback: Move addition of session.send() on s2sin to after they are authenticated (thus from mod_s2s to s2smanager). Update mod_dialback to fire route/remote directly, as session.send() is no longer available for s2sin_unauthed. Fixes #291.
|
Matthew Wild |
Thu, 10 May 2012 22:59:01 +0100 |
mod_s2s: Cache to_host and from_host in local variables, and use these instead of repeated lookups
|
Matthew Wild |
Fri, 04 May 2012 02:27:26 +0100 |
mod_s2s: Add session.send() only to incoming streams, and fire the route/remote event on the host (not global anymore)
|
Matthew Wild |
Fri, 04 May 2012 02:22:26 +0100 |
mod_s2s: Become a shared module (yay)
|
Matthew Wild |
Fri, 04 May 2012 01:50:17 +0100 |
Rename plugins/s2s/ to plugins/mod_s2s/
base
plugins/s2s/mod_s2s.lua@764d81f30c04
|
Matthew Wild |
Fri, 04 May 2012 00:05:15 +0100 |