util.roles: Fix tests to use autogenerated role id
|
Matthew Wild |
Sat, 08 Oct 2022 20:39:14 +0100 |
util.roles: Add some more missing test cases
|
Matthew Wild |
Sat, 08 Oct 2022 20:33:01 +0100 |
util.promise: Fix field name in failing test (introduced in 2639e0e1c378)
|
Matthew Wild |
Fri, 07 Oct 2022 18:04:30 +0100 |
util.promise: Add some missing test cases (found through mutation testing)
|
Matthew Wild |
Fri, 07 Oct 2022 17:56:38 +0100 |
util.promise: Remove line that was supposed to be removed in eb9814372c54
|
Matthew Wild |
Fri, 07 Oct 2022 17:45:23 +0100 |
util.promise: Remove some redundant checks, add tests confirming redundancy
|
Matthew Wild |
Fri, 07 Oct 2022 17:43:26 +0100 |
util.roles: Add a :policies() method to iterate through available policies
|
Matthew Wild |
Fri, 07 Oct 2022 17:01:35 +0100 |
util.roles: Add tests
|
Matthew Wild |
Fri, 07 Oct 2022 16:58:52 +0100 |
util.roles: Return nil if the role has no explicit policy (fixes inheritance)
|
Matthew Wild |
Fri, 07 Oct 2022 16:58:08 +0100 |
mod_smacks: Change boolean attribute from '1' to 'true' for compatibility
|
Matthew Wild |
Fri, 07 Oct 2022 11:35:56 +0100 |
util.iterators: join: Work even with only a single iterator in the chain
|
Matthew Wild |
Thu, 06 Oct 2022 18:34:40 +0100 |
mod_tokenauth: Remove expired tokens from storage
|
Matthew Wild |
Thu, 06 Oct 2022 16:00:39 +0100 |
mod_tokenauth: Invalidate tokens issued before most recent password change
|
Matthew Wild |
Thu, 06 Oct 2022 15:59:07 +0100 |
prosodyctl: check turn: More clearly indicate the error is from TURN server
|
Matthew Wild |
Thu, 06 Oct 2022 11:12:57 +0100 |
mod_authz_internal: Fix warning due to global use
|
Kim Alvefur |
Tue, 04 Oct 2022 12:04:43 +0200 |
Backed out changeset 1bc2220cd6ec
|
Jonas Schäfer |
Mon, 03 Oct 2022 12:55:11 +0200 |
util.jwt: More robust ECDSA signature parsing, fail early on unexpected length
|
Matthew Wild |
Fri, 30 Sep 2022 20:38:31 +0100 |
util.crypto: Fix tests
|
Kim Alvefur |
Fri, 30 Sep 2022 00:27:10 +0200 |
util.jwt: Add support for ES512 (+ tests)
|
Matthew Wild |
Thu, 29 Sep 2022 23:17:42 +0100 |
util.crypto, util.jwt: Generate consistent signature sizes (via padding)
|
Matthew Wild |
Thu, 29 Sep 2022 23:15:39 +0100 |
CHANGES: Update with MUC permission changes
|
Matthew Wild |
Thu, 29 Sep 2022 12:57:05 +0100 |
mod_authz_internal: Allow specifying default role for public (remote) users
|
Matthew Wild |
Thu, 29 Sep 2022 12:46:02 +0100 |
Backed out changeset 73a45ba6e3f1 in favour of 427dd01f0864
|
Matthew Wild |
Thu, 29 Sep 2022 12:43:09 +0100 |
mod_muc: Better map restrict_room_creation to role permissions (behaviour change)
|
Matthew Wild |
Thu, 29 Sep 2022 12:30:52 +0100 |
mod_authz_internal: Allow configuring role of local-server/parent-host users
|
Matthew Wild |
Thu, 29 Sep 2022 12:10:14 +0100 |
muc: Re-allow non-admins to configure persistence (thanks Meaz)
|
Matthew Wild |
Wed, 28 Sep 2022 17:47:00 +0100 |
doap: Latest XEP-0440 supported since 9f100ab9ffdf
|
Matthew Wild |
Mon, 26 Sep 2022 15:47:15 +0100 |
mod_admin_shell: Fix display of session without role (thanks Link Mauve)
|
Kim Alvefur |
Fri, 23 Sep 2022 11:58:15 +0200 |
mod_saslauth: Put <sasl-channel-binding> in stream:features per XEP-0440 0.4.0
|
Matthew Wild |
Wed, 21 Sep 2022 15:00:06 +0100 |
Merge 0.12->trunk
|
Kim Alvefur |
Thu, 15 Sep 2022 11:11:52 +0200 |
util.stanza: Return nil instead of nothing (fix test with luassert >=1.9)
0.12
|
Kim Alvefur |
Thu, 15 Sep 2022 11:05:21 +0200 |
mod_storage_sql: Strip timestamp precision in queries to fix error (thanks muppeth)
|
Kim Alvefur |
Wed, 07 Sep 2022 12:27:12 +0200 |
mod_http_file_share: Use correct variable name (thanks riau.sni)
|
Matthew Wild |
Sun, 04 Sep 2022 10:01:57 +0100 |
mod_saslauth: Fix incorrect variable name introduced in 27a4a7e64831
|
Matthew Wild |
Sat, 03 Sep 2022 21:25:51 +0100 |
mod_smacks: Set session flag during successful enable
|
Matthew Wild |
Sat, 03 Sep 2022 21:20:29 +0100 |
mod_smacks: Add type field to results so actions can be later distinguished
|
Matthew Wild |
Sat, 03 Sep 2022 21:20:07 +0100 |
mod_saslauth: Only announce bind feature if no resource yet bound
|
Matthew Wild |
Sat, 03 Sep 2022 21:19:00 +0100 |
semgrep: Catch stanza:text() (assuming it's meant to be :get_text())
|
Matthew Wild |
Sat, 03 Sep 2022 21:17:38 +0100 |
util.paseto: Do strict type check in pae() function
|
Kim Alvefur |
Mon, 11 Jul 2022 18:48:57 +0200 |
util.crypto: Use Lua 5.2 API for predictable buffer size
|
Kim Alvefur |
Mon, 11 Jul 2022 17:11:38 +0200 |
util.crypto: Use stack space buffers
|
Kim Alvefur |
Mon, 11 Jul 2022 17:01:55 +0200 |
util.paseto: Drop custom wrappers around key objects
|
Matthew Wild |
Mon, 11 Jul 2022 14:30:39 +0100 |
util.paseto: Add tests based on official PASETO test vectors
|
Matthew Wild |
Mon, 11 Jul 2022 14:10:07 +0100 |
util.paseto: Export similar API to new util.jwt for ease and consistency
|
Matthew Wild |
Mon, 11 Jul 2022 14:09:16 +0100 |
util.paseto: Error early on invalid keys
|
Matthew Wild |
Mon, 11 Jul 2022 14:08:55 +0100 |
util.paseto: Fix to decode footer before comparison
|
Matthew Wild |
Mon, 11 Jul 2022 13:51:39 +0100 |
mod_http_file_share: Switch to new util.jwt API
|
Matthew Wild |
Mon, 11 Jul 2022 13:49:47 +0100 |
util.jwt: Add new init() convenience method to obtain both signer and verifier
|
Matthew Wild |
Mon, 11 Jul 2022 13:43:01 +0100 |
util.jwt: Consolidate payload parsing, ensure it's always a valid object
|
Matthew Wild |
Mon, 11 Jul 2022 13:42:08 +0100 |
util.jwt: Provide built-in token expiry support (defaults to 3600s lifetime)
|
Matthew Wild |
Mon, 11 Jul 2022 13:28:29 +0100 |
util.jwt: All the algorithms (+ all the tests!)
|
Matthew Wild |
Sat, 02 Jul 2022 15:29:04 +0100 |
util.crypto: tests: fix some tests that didn't do much (thanks luacheck!)
|
Matthew Wild |
Sat, 02 Jul 2022 15:27:44 +0100 |
util.crypto: More digests for sign/verify, use macros for clarity/consistency
|
Matthew Wild |
Sat, 02 Jul 2022 14:59:52 +0100 |
util.jwt: Overhaul of tests to use declarative approach
|
Matthew Wild |
Sat, 02 Jul 2022 14:22:20 +0100 |
spec: Move test crypto keys to a shared file for clarity and easy maintenance
|
Matthew Wild |
Sat, 02 Jul 2022 12:36:52 +0100 |
util.jwt: Add support for RSA-based algorithms (RS256, PS256)
|
Matthew Wild |
Sat, 02 Jul 2022 12:26:43 +0100 |
util.crypto: Friendlier error message on incorrect key types
|
Matthew Wild |
Sat, 02 Jul 2022 11:51:24 +0100 |
util.crypto: Add support for RSA signatures (PKCS1-v1.5 + PSS)
|
Matthew Wild |
Sat, 02 Jul 2022 11:50:56 +0100 |
util.jwt: Add support/tests for ES256 via improved API and using util.crypto
|
Matthew Wild |
Fri, 01 Jul 2022 18:51:15 +0100 |
util.crypto: Add Teal type specification
|
Kim Alvefur |
Thu, 30 Jun 2022 15:38:22 +0200 |
util.paseto: Implementation of PASETO v4.public tokens
|
Matthew Wild |
Fri, 24 Jun 2022 17:03:28 +0100 |
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
|
Matthew Wild |
Fri, 24 Jun 2022 16:56:16 +0100 |
util-src: Add new utility header managed_pointer.h
|
Matthew Wild |
Fri, 01 Jul 2022 15:11:08 +0100 |
mod_smacks: Set session.smacks after sending <enabled/> to fix traceback
|
Matthew Wild |
Mon, 29 Aug 2022 15:58:51 +0100 |
core.moduleapi: Check for local role-aware sessions before e.g. s2s
|
Kim Alvefur |
Mon, 29 Aug 2022 11:47:31 +0200 |
mod_smacks: Use new :add_error() in last remaining error result construction
|
Matthew Wild |
Mon, 29 Aug 2022 15:48:07 +0100 |
mod_smacks: Split enable handling to stages, to allow easier SASL2 integration
|
Matthew Wild |
Mon, 29 Aug 2022 15:45:52 +0100 |
util.stanza: Add add_error() to simplify adding error tags to existing stanzas
|
Matthew Wild |
Mon, 29 Aug 2022 14:59:46 +0100 |
mod_component: Require 'from' attribute on stanzas by default
|
Matthew Wild |
Sun, 28 Aug 2022 07:51:50 +0100 |
mod_external_services: Update tools.ietf.org URL
|
Kim Alvefur |
Sat, 27 Aug 2022 17:19:13 +0200 |
doap: Update for XEP-0215 advancement to Stable
|
Kim Alvefur |
Sat, 27 Aug 2022 17:16:18 +0200 |
core.usermanager: Link to docs for new role API to make warning more actionable
|
Kim Alvefur |
Sat, 27 Aug 2022 17:01:36 +0200 |
mod_smacks: Split resumption into multiple stages, to simplify ISR integration
|
Matthew Wild |
Fri, 26 Aug 2022 19:07:36 +0100 |
mod_s2s: Simplify conditionals since all sessions should have .host now
|
Kim Alvefur |
Fri, 26 Aug 2022 19:10:15 +0200 |
Merge 0.12->trunk
|
Kim Alvefur |
Fri, 26 Aug 2022 19:03:23 +0200 |
mod_s2s: Fix firing buffer drain events
0.12
|
Kim Alvefur |
Fri, 26 Aug 2022 18:53:00 +0200 |
mod_smacks: Don't close resuming session when failed due to overflow
|
Matthew Wild |
Fri, 26 Aug 2022 17:28:06 +0100 |
mod_smacks: Long overdue cleanup of resumption code, fixes some old TODOs
|
Matthew Wild |
Fri, 26 Aug 2022 17:04:15 +0100 |
mod_admin_shell: Rename variable to avoid confusion with global function
|
Kim Alvefur |
Thu, 25 Aug 2022 22:42:41 +0200 |
mod_admin_shell: Fix output from user:roles()
|
Kim Alvefur |
Thu, 25 Aug 2022 22:40:41 +0200 |
Merge role-auth->trunk
|
Matthew Wild |
Mon, 22 Aug 2022 13:53:35 +0100 |
CHANGES: Add role auth
|
Matthew Wild |
Mon, 22 Aug 2022 13:03:10 +0100 |
mod_admin_shell: Ensure account has role before it is usable
|
Kim Alvefur |
Thu, 18 Aug 2022 19:00:01 +0200 |
mod_auth_insecure: Store creation and update timestamps on account
|
Kim Alvefur |
Thu, 18 Aug 2022 18:10:44 +0200 |
mod_admin_shell: Update help for user:create to reflect singular role argument
|
Kim Alvefur |
Thu, 18 Aug 2022 18:10:18 +0200 |
mod_auth_internal_hashed: Allow creating disabled account without password
|
Kim Alvefur |
Thu, 18 Aug 2022 17:50:56 +0200 |
mod_admin_shell: Update with new role management commands and help text
|
Matthew Wild |
Thu, 18 Aug 2022 16:46:07 +0100 |
core.usermanager: Update argument name in authz fallback method
|
Kim Alvefur |
Thu, 18 Aug 2022 15:42:07 +0200 |
core.usermanager: Remove obsolete authz fallback method
|
Kim Alvefur |
Thu, 18 Aug 2022 15:38:18 +0200 |
core.usermanager: Add missing methods to fallback authz provider
|
Kim Alvefur |
Thu, 18 Aug 2022 14:10:21 +0200 |
core.usermanager: Add scoped luacheck ignore rule to reduce clutter
|
Kim Alvefur |
Thu, 18 Aug 2022 14:07:54 +0200 |
mod_authz_internal: Expose convenience method to test if user can assume role
|
Matthew Wild |
Thu, 18 Aug 2022 10:37:59 +0100 |
mod_authz_internal, and more: New iteration of role API
|
Matthew Wild |
Wed, 17 Aug 2022 16:38:53 +0100 |
util.roles: Add Teal interface declaration
|
Kim Alvefur |
Fri, 12 Aug 2022 22:09:09 +0200 |
mod_admin_shell: Show session role in c2s:show
|
Kim Alvefur |
Mon, 15 Aug 2022 16:36:00 +0200 |
usermanager: Add back temporary is_admin to warn about deprecated API usage
|
Matthew Wild |
Mon, 15 Aug 2022 15:25:07 +0100 |
usermanager: Remove concept of global authz provider
|
Matthew Wild |
Fri, 12 Aug 2022 16:21:57 +0100 |
usermanager: Fix method name of global authz provider (thanks Zash)
|
Matthew Wild |
Fri, 12 Aug 2022 11:58:25 +0100 |
usermanager: Remove obsolete function from global authz provider
|
Matthew Wild |
Thu, 11 Aug 2022 16:56:59 +0100 |
features: Add "permissions" feature for role-auth
|
Matthew Wild |
Thu, 11 Aug 2022 16:47:09 +0100 |
usermanager: Handle local JIDs being passed to get/set_jid_role()
|
Matthew Wild |
Mon, 01 Aug 2022 20:26:00 +0100 |
core.usermanager: Add missing stub authz methods to global authz provider
|
Kim Alvefur |
Wed, 20 Jul 2022 13:10:47 +0200 |
moduleapi: Stricter type check for actor in permission check
|
Kim Alvefur |
Wed, 20 Jul 2022 13:08:07 +0200 |
moduleapi: Remove redundant expansion of ':' prefix in permission names
|
Kim Alvefur |
Wed, 20 Jul 2022 13:07:04 +0200 |
moduleapi: Distribute permissions set from global modules to all hosts
|
Kim Alvefur |
Wed, 20 Jul 2022 13:05:35 +0200 |
mod_tokenauth: New API that better fits how modules are using token auth
|
Matthew Wild |
Wed, 20 Jul 2022 10:52:17 +0100 |
mod_authz_internal: Use util.roles, some API changes and config support
|
Matthew Wild |
Tue, 19 Jul 2022 18:02:02 +0100 |
util.roles: Add new utility module to consolidate role objects and methods
|
Matthew Wild |
Tue, 19 Jul 2022 17:44:26 +0100 |
usermanager, mod_auth_*: Add get_account_info() returning creation/update time
|
Matthew Wild |
Tue, 12 Jul 2022 13:14:47 +0100 |
core.moduleapi: Expand permission name ':' prefix earlier
|
Kim Alvefur |
Wed, 15 Jun 2022 23:04:17 +0200 |
core.moduleapi: Fixup method name
|
Kim Alvefur |
Wed, 15 Jun 2022 23:03:15 +0200 |
teal-src: update module.d.tl with new access control methods
|
Matthew Wild |
Wed, 15 Jun 2022 14:22:26 +0100 |
Switch to a new role-based authorization framework, removing is_admin()
|
Matthew Wild |
Wed, 15 Jun 2022 12:15:01 +0100 |
mod_saslauth: Rename field from 'scope'->'role'
|
Matthew Wild |
Wed, 15 Jun 2022 11:47:39 +0100 |
util.session: Add role management methods
|
Matthew Wild |
Wed, 15 Jun 2022 11:37:09 +0100 |
net.connect: Clear TODO for Happy Eyeballs / RFC 8305, close #1246
|
Kim Alvefur |
Fri, 19 Aug 2022 14:24:31 +0200 |
Merge 0.12->trunk
|
Matthew Wild |
Thu, 18 Aug 2022 15:43:16 +0100 |
mod_admin_shell: Switch names for user role management commands
0.12
|
Kim Alvefur |
Mon, 15 Aug 2022 18:56:22 +0200 |
util.stanza: Add method for extracting a single attribute value
|
Kim Alvefur |
Wed, 17 Aug 2022 19:04:30 +0200 |
mod_time: Remove obsolete XEP-0090 support
|
Kim Alvefur |
Mon, 15 Aug 2022 16:35:14 +0200 |