# HG changeset patch # User Matthew Wild # Date 1365152718 -3600 # Node ID 19d537b5aaccb9c1f317a60fe348e8ab3c40487d # Parent 706053e3f9f514faa37000f72761609f5d93f3cd# Parent 0ad8c623a81a94432bcdd5fe5df91e4940be635b Merge 0.9->trunk diff -r 706053e3f9f5 -r 19d537b5aacc configure --- a/configure Wed Apr 03 13:53:21 2013 +0100 +++ b/configure Fri Apr 05 10:05:18 2013 +0100 @@ -41,15 +41,17 @@ Default is "$LUA_SUFFIX" (lua$LUA_SUFFIX...) --with-lua=PREFIX Use Lua from given prefix. Default is $LUA_DIR +--runwith=BINARY What Lua binary to set as runtime environment. + Default is $RUNWITH --with-lua-include=DIR You can also specify Lua's includes dir. Default is \$LUA_DIR/include --with-lua-lib=DIR You can also specify Lua's libraries dir. Default is \$LUA_DIR/lib --with-idn=LIB The name of the IDN library to link with. Default is $IDN_LIB ---idn-library=(idn|icu) Select library to use for IDNA functionality. - idn: use GNU libidn (default) - icu: use ICU from IBM +--idn-library=(idn|icu) Select library to use for IDNA functionality. + idn: use GNU libidn (default) + icu: use ICU from IBM --with-ssl=LIB The name of the SSL to link with. Default is $OPENSSL_LIB --cflags=FLAGS Flags to pass to the compiler diff -r 706053e3f9f5 -r 19d537b5aacc core/portmanager.lua --- a/core/portmanager.lua Wed Apr 03 13:53:21 2013 +0100 +++ b/core/portmanager.lua Fri Apr 05 10:05:18 2013 +0100 @@ -70,6 +70,16 @@ unregister_service(item.name, item); end); +local function duplicate_ssl_config(ssl_config) + local ssl_config = type(ssl_config) == "table" and ssl_config or {}; + + local _config = {}; + for k, v in pairs(ssl_config) do + _config[k] = v; + end + return _config; +end + --- Public API function activate(service_name) @@ -114,9 +124,24 @@ local err; -- Create SSL context for this service/port if service_info.encryption == "ssl" then - local ssl_config = config.get("*", config_prefix.."ssl"); - ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port_number] - or (ssl_config.certificate and ssl_config))); + local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface]) + or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port]) + or config.get("*", config_prefix.."ssl") + or (config.get("*", "ssl") and config.get("*", "ssl")[interface]) + or (config.get("*", "ssl") and config.get("*", "ssl")[port]) + or config.get("*", "ssl")); + -- add default entries for, or override ssl configuration + if ssl_config and service_info.ssl_config then + for key, value in pairs(service_info.ssl_config) do + if not service_info.ssl_config_override and not ssl_config[key] then + ssl_config[key] = value; + elseif service_info.ssl_config_override then + ssl_config[key] = value; + end + end + end + + ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config); if not ssl then log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error"); end diff -r 706053e3f9f5 -r 19d537b5aacc core/rostermanager.lua --- a/core/rostermanager.lua Wed Apr 03 13:53:21 2013 +0100 +++ b/core/rostermanager.lua Fri Apr 05 10:05:18 2013 +0100 @@ -18,6 +18,7 @@ local bare_sessions = bare_sessions; local datamanager = require "util.datamanager" +local um_user_exists = require "core.usermanager".user_exists; local st = require "util.stanza"; module "rostermanager" @@ -105,6 +106,11 @@ end function save_roster(username, host, roster) + if not um_user_exists(username, host) then + log("debug", "not saving roster for %s@%s: the user doesn't exist", username, host); + return nil; + end + log("debug", "save_roster: saving roster for %s@%s", username, host); if not roster then roster = hosts[host] and hosts[host].sessions[username] and hosts[host].sessions[username].roster; diff -r 706053e3f9f5 -r 19d537b5aacc plugins/mod_http.lua --- a/plugins/mod_http.lua Wed Apr 03 13:53:21 2013 +0100 +++ b/plugins/mod_http.lua Fri Apr 05 10:05:18 2013 +0100 @@ -139,6 +139,7 @@ listener = server.listener; default_port = 5281; encryption = "ssl"; + ssl_config = { verify = "none" }; multiplex = { pattern = "^[A-Z]"; }; diff -r 706053e3f9f5 -r 19d537b5aacc plugins/mod_s2s/mod_s2s.lua --- a/plugins/mod_s2s/mod_s2s.lua Wed Apr 03 13:53:21 2013 +0100 +++ b/plugins/mod_s2s/mod_s2s.lua Fri Apr 05 10:05:18 2013 +0100 @@ -15,6 +15,7 @@ local tostring, type = tostring, type; local t_insert = table.insert; local xpcall, traceback = xpcall, debug.traceback; +local NULL = {}; local add_task = require "util.timer".add_task; local st = require "util.stanza"; @@ -226,11 +227,19 @@ end if cert then - local chain_valid, errors = conn:getpeerverification() + local chain_valid, errors; + if conn.getpeerverification then + chain_valid, errors = conn:getpeerverification(); + elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg + chain_valid, errors = conn:getpeerchainvalid(); + errors = (not chain_valid) and { { errors } } or nil; + else + chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } }; + end -- Is there any interest in printing out all/the number of errors here? if not chain_valid then (session.log or log)("debug", "certificate chain validation result: invalid"); - for depth, t in ipairs(errors) do + for depth, t in ipairs(errors or NULL) do (session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", ")) end session.cert_chain_status = "invalid"; diff -r 706053e3f9f5 -r 19d537b5aacc plugins/mod_storage_none.lua --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/plugins/mod_storage_none.lua Fri Apr 05 10:05:18 2013 +0100 @@ -0,0 +1,23 @@ +local driver = {}; +local driver_mt = { __index = driver }; + +function driver:open(store) + return setmetatable({ store = store }, driver_mt); +end +function driver:get(user) + return {}; +end + +function driver:set(user, data) + return nil, "Storage disabled"; +end + +function driver:stores(username) + return { "roster" }; +end + +function driver:purge(user) + return true; +end + +module:provides("storage", driver); diff -r 706053e3f9f5 -r 19d537b5aacc prosody --- a/prosody Wed Apr 03 13:53:21 2013 +0100 +++ b/prosody Fri Apr 05 10:05:18 2013 +0100 @@ -290,12 +290,12 @@ --- Load and initialise core modules require "util.import" require "util.xmppstream" - require "core.rostermanager" require "core.stanza_router" require "core.hostmanager" require "core.portmanager" require "core.modulemanager" require "core.usermanager" + require "core.rostermanager" require "core.sessionmanager" package.loaded['core.componentmanager'] = setmetatable({},{__index=function() log("warn", "componentmanager is deprecated: %s", debug.traceback():match("\n[^\n]*\n[ \t]*([^\n]*)")); diff -r 706053e3f9f5 -r 19d537b5aacc util/stanza.lua --- a/util/stanza.lua Wed Apr 03 13:53:21 2013 +0100 +++ b/util/stanza.lua Fri Apr 05 10:05:18 2013 +0100 @@ -18,6 +18,7 @@ local ipairs = ipairs; local type = type; local s_gsub = string.gsub; +local s_sub = string.sub; local s_find = string.find; local os = os; @@ -174,6 +175,31 @@ return self; end +function stanza_mt:find(path) + local pos = 1; + local len = #path + 1; + + repeat + local xmlns, name, text; + local char = s_sub(path, pos, pos); + if char == "@" then + return self.attr[s_sub(path, pos + 1)]; + elseif char == "{" then + xmlns, pos = s_match(path, "^([^}]+)}()", pos + 1); + end + name, text, pos = s_match(path, "^([^@/#]*)([/#]?)()", pos); + name = name ~= "" and name or nil; + if pos == len then + if text == "#" then + return self:get_child_text(name, xmlns); + end + return self:get_child(name, xmlns); + end + self = self:get_child(name, xmlns); + until not self +end + + local xml_escape do local escape_table = { ["'"] = "'", ["\""] = """, ["<"] = "<", [">"] = ">", ["&"] = "&" };