# HG changeset patch # User Kim Alvefur # Date 1444586580 -7200 # Node ID 0e81e3dab8960d7878643ab506d639cb48d74253 # Parent 214a62915368cadcaaf3c9368365c67ed280b029# Parent 633af47470c8a43639f825c3cde14bfef682209f Merge 0.10->trunk diff -r 214a62915368 -r 0e81e3dab896 core/certmanager.lua --- a/core/certmanager.lua Fri Oct 02 12:17:41 2015 +0200 +++ b/core/certmanager.lua Sun Oct 11 20:03:00 2015 +0200 @@ -101,6 +101,8 @@ for option in pairs(path_options) do if type(user_ssl_config[option]) == "string" then user_ssl_config[option] = resolve_path(config_path, user_ssl_config[option]); + else + user_ssl_config[option] = nil; end end diff -r 214a62915368 -r 0e81e3dab896 net/websocket/frames.lua --- a/net/websocket/frames.lua Fri Oct 02 12:17:41 2015 +0200 +++ b/net/websocket/frames.lua Sun Oct 11 20:03:00 2015 +0200 @@ -10,10 +10,8 @@ local log = require "util.logger".init "websocket.frames"; local random_bytes = require "util.random".bytes; -local bit; -pcall(function() bit = require"bit"; end); -bit = bit or softreq"bit32" -if not bit then log("error", "No bit module found. Either LuaJIT 2, lua-bitop or Lua 5.2 is required"); end +local bit = assert(softreq"bit" or softreq"bit32", + "No bit module found. See https://prosody.im/doc/depends#bitop"); local band = bit.band; local bor = bit.bor; local bxor = bit.bxor; @@ -24,6 +22,13 @@ local s_byte = string.byte; local s_char= string.char; local s_sub = string.sub; +local s_pack = string.pack; +local s_unpack = string.unpack; + +if not s_pack and softreq"struct" then + s_pack = softreq"struct".pack; + s_unpack = softreq"struct".unpack; +end local function read_uint16be(str, pos) local l1, l2 = s_byte(str, pos, pos+1); @@ -32,8 +37,9 @@ -- FIXME: this may lose precision local function read_uint64be(str, pos) local l1, l2, l3, l4, l5, l6, l7, l8 = s_byte(str, pos, pos+7); - return lshift(l1, 56) + lshift(l2, 48) + lshift(l3, 40) + lshift(l4, 32) - + lshift(l5, 24) + lshift(l6, 16) + lshift(l7, 8) + l8; + local h = lshift(l1, 24) + lshift(l2, 16) + lshift(l3, 8) + l4; + local l = lshift(l5, 24) + lshift(l6, 16) + lshift(l7, 8) + l8; + return h * 2^32 + l; end local function pack_uint16be(x) return s_char(rshift(x, 8), band(x, 0xFF)); @@ -42,10 +48,29 @@ return band(rshift(x, n), 0xFF); end local function pack_uint64be(x) - return s_char(rshift(x, 56), get_byte(x, 48), get_byte(x, 40), get_byte(x, 32), + local h = band(x / 2^32, 2^32-1); + return s_char(get_byte(h, 24), get_byte(h, 16), get_byte(h, 8), band(h, 0xFF), get_byte(x, 24), get_byte(x, 16), get_byte(x, 8), band(x, 0xFF)); end +if s_pack then + function pack_uint16be(x) + return s_pack(">I2", x); + end + function pack_uint64be(x) + return s_pack(">I8", x); + end +end + +if s_unpack then + function read_uint16be(str, pos) + return s_unpack(">I2", str, pos); + end + function read_uint64be(str, pos) + return s_unpack(">I8", str, pos); + end +end + local function parse_frame_header(frame) if #frame < 2 then return; end diff -r 214a62915368 -r 0e81e3dab896 plugins/mod_s2s/mod_s2s.lua --- a/plugins/mod_s2s/mod_s2s.lua Fri Oct 02 12:17:41 2015 +0200 +++ b/plugins/mod_s2s/mod_s2s.lua Sun Oct 11 20:03:00 2015 +0200 @@ -352,6 +352,7 @@ hosts[to].events.fire_event("s2s-stream-features", { origin = session, features = features }); else (session.log or log)("warn", "No 'to' on stream header from %s means we can't offer any features", from or session.ip or "unknown host"); + fire_global_event("s2s-stream-features-legacy", { origin = session, features = features }); end if ( session.type == "s2sin" or session.type == "s2sout" ) or features.tags[1] then diff -r 214a62915368 -r 0e81e3dab896 plugins/mod_websocket.lua --- a/plugins/mod_websocket.lua Fri Oct 02 12:17:41 2015 +0200 +++ b/plugins/mod_websocket.lua Sun Oct 11 20:03:00 2015 +0200 @@ -4,9 +4,11 @@ -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- +-- luacheck: ignore 431/log module:set_global(); +local add_task = require "util.timer".add_task; local add_filter = require "util.filters".add_filter; local sha1 = require "util.hashes".sha1; local base64 = require "util.encodings".base64.encode; @@ -24,6 +26,7 @@ local t_concat = table.concat; +local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5); local consider_websocket_secure = module:get_option_boolean("consider_websocket_secure"); local cross_domain = module:get_option("cross_domain_websocket"); if cross_domain then @@ -128,7 +131,7 @@ return data; end -function handle_request(event, path) +function handle_request(event) local request, response = event.request, event.response; local conn = response.conn; diff -r 214a62915368 -r 0e81e3dab896 util/openssl.lua --- a/util/openssl.lua Fri Oct 02 12:17:41 2015 +0200 +++ b/util/openssl.lua Sun Oct 11 20:03:00 2015 +0200 @@ -18,8 +18,8 @@ return setmetatable({ req = { distinguished_name = "distinguished_name", - req_extensions = "v3_extensions", - x509_extensions = "v3_extensions", + req_extensions = "certrequest", + x509_extensions = "selfsigned", prompt = "no", }, distinguished_name = { @@ -31,12 +31,16 @@ commonName = "example.com", emailAddress = "xmpp@example.com", }, - v3_extensions = { + certrequest = { basicConstraints = "CA:FALSE", keyUsage = "digitalSignature,keyEncipherment", extendedKeyUsage = "serverAuth,clientAuth", subjectAltName = "@subject_alternative_name", }, + selfsigned = { + basicConstraints = "CA:TRUE", + subjectAltName = "@subject_alternative_name", + }, subject_alternative_name = { DNS = {}, otherName = {},