xmlhandlers/xmppstream: Stop the parser when encountering restricted XML, completing the fix for the billion laughs attack
|
Matthew Wild |
Thu, 02 Jun 2011 15:19:05 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Thu, 02 Jun 2011 02:31:18 +0100 |
mod_storage_sql: Switch to MEDIUMTEXT for the 'value' column when using MySQL, as it imposes a 64K limit otherwise, potentially truncating data. Automatically upgrades existing tables.
|
Matthew Wild |
Thu, 02 Jun 2011 02:30:26 +0100 |
util.json: Fixed handling of truncated JSON.
|
Waqas Hussain |
Thu, 02 Jun 2011 05:36:15 +0500 |
Merge 0.8->trunk
|
Matthew Wild |
Thu, 02 Jun 2011 00:26:48 +0100 |
Merge 0.7->0.8
|
Matthew Wild |
Thu, 02 Jun 2011 00:26:23 +0100 |
Merge 0.6->0.7
|
Matthew Wild |
Thu, 02 Jun 2011 00:25:44 +0100 |
xmlhandlers: Don't restrict CDATA
|
Matthew Wild |
Thu, 02 Jun 2011 00:23:41 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Thu, 02 Jun 2011 00:05:33 +0100 |
Merge 0.7->0.8
|
Matthew Wild |
Wed, 01 Jun 2011 23:26:39 +0100 |
Merge 0.6->0.7
|
Matthew Wild |
Wed, 01 Jun 2011 23:25:24 +0100 |
xmlhandlers: Reject XML comments, processing instructions and (if supported by LuaExpat) DTDs. If not supported, log a warning. [Backport of 7cc426988bcc in trunk]
|
Matthew Wild |
Wed, 01 Jun 2011 23:20:54 +0100 |
util.xmppstream: Reject XML comments, processing instructions and (if supported by LuaExpat) DTDs. If not supported, log a warning.
|
Matthew Wild |
Wed, 01 Jun 2011 23:02:10 +0100 |
util.xmppstream: Reject XML comments, processing instructions and (if supported by LuaExpat) DTDs. If not supported, log a warning.
|
Matthew Wild |
Wed, 01 Jun 2011 23:02:10 +0100 |
util.encodings: Check return values before proceeding
|
Paul Aurich |
Sun, 22 May 2011 16:14:10 -0700 |
util.encodings: Swap code order ("ifndef" bugs me)
|
Paul Aurich |
Sun, 22 May 2011 15:40:16 -0700 |
util.encodings: Fix idna.to_unicode
|
Paul Aurich |
Sun, 22 May 2011 15:26:03 -0700 |
mod_register: Change the default for 'allow_registration' from true to false, most users shouldn't be affected as allow_registration is already explicitly set in the default config file.
|
Matthew Wild |
Sat, 28 May 2011 00:23:05 +0100 |
mod_register: Move allow_registration option into an upvalue for efficiency (now it is being checked on every new c2s stream)
|
Matthew Wild |
Sat, 28 May 2011 00:21:12 +0100 |
Advertise in-band registration support.
|
Glenn Maynard |
Fri, 27 May 2011 17:04:43 +0100 |
net.dns: Support for resolving AAAA records
|
Matthew Wild |
Mon, 16 May 2011 19:33:02 +0100 |
MUC: Include occupant count in room disco#info response.
|
Waqas Hussain |
Sat, 07 May 2011 21:17:03 +0500 |
mod_roster: Remove <optional/> from roster version stream feature, as per latest specs.
|
Waqas Hussain |
Sat, 07 May 2011 21:16:25 +0500 |
mod_dialback: Remove <optional/> from stream feature, as per latest specs.
|
Waqas Hussain |
Sat, 07 May 2011 21:16:06 +0500 |
sessionmanager: Log reason when destroying a session.
|
Waqas Hussain |
Sat, 07 May 2011 21:15:34 +0500 |
s2smanager: Log reason when destroying a session.
|
Waqas Hussain |
Sat, 07 May 2011 21:15:13 +0500 |
Merge 0.8->trunk
|
Matthew Wild |
Wed, 04 May 2011 23:13:50 +0100 |
mod_muc: Remove room from memory when it is made non-persistent and is empty
|
Matthew Wild |
Wed, 04 May 2011 23:12:53 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Wed, 20 Apr 2011 18:20:29 +0100 |
mod_legacyauth: Disallow on unencrypted connections by default, heed allow_unencrypted_plain_auth config option (thanks Maranda/Zash)
|
Matthew Wild |
Wed, 20 Apr 2011 18:19:28 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Mon, 18 Apr 2011 20:39:37 +0100 |
Tagging 0.8.1
|
Matthew Wild |
Mon, 18 Apr 2011 20:38:44 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Fri, 15 Apr 2011 22:46:57 +0100 |
util.datetime: Fix timestamp parsing when in DST (thanks xnyhps)
|
Matthew Wild |
Fri, 15 Apr 2011 22:39:53 +0100 |
prosody: Add sanity_check() to startup sequence. Check that we have at least one vhost enabled to avoid Bad Things.
|
Matthew Wild |
Thu, 14 Apr 2011 22:40:50 +0100 |
Merge Zash->trunk
|
Matthew Wild |
Fri, 15 Apr 2011 22:45:06 +0100 |
net.dns: Fix TXT records
|
Kim Alvefur |
Fri, 15 Apr 2011 00:54:10 +0200 |
util.datetime: Fix timestamp parsing when in DST (thanks xnyhps)
|
Matthew Wild |
Fri, 15 Apr 2011 22:39:53 +0100 |
prosody: Add sanity_check() to startup sequence. Check that we have at least one vhost enabled to avoid Bad Things.
|
Matthew Wild |
Thu, 14 Apr 2011 22:40:50 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Mon, 11 Apr 2011 17:01:55 +0100 |
tools/migration/migrator/prosody_sql.lua: Fix compatibility with PostgreSQL (thanks Timo)
|
Matthew Wild |
Mon, 11 Apr 2011 17:01:06 +0100 |
mod_pubsub: Support for setting a disco name
|
Marco Cirillo |
Wed, 06 Apr 2011 20:00:44 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Wed, 06 Apr 2011 14:48:00 +0100 |
mod_tls: Fix for components to more reliably inherit SSL settings from their parenthost (thanks Link Mauve)
|
Matthew Wild |
Wed, 06 Apr 2011 14:45:44 +0100 |
Merge 0.8 -> trunk
|
Matthew Wild |
Tue, 05 Apr 2011 14:38:08 +0100 |
Tagging 0.8.0
|
Matthew Wild |
Tue, 05 Apr 2011 14:37:25 +0100 |
tools/migration/migrator/prosody_files.lua: Fix for previous commit
0.8.0
|
Matthew Wild |
Tue, 05 Apr 2011 14:34:48 +0100 |
tools/migration/prosody-migrator.lua: Add messages to show when migration is in progress
|
Matthew Wild |
Tue, 05 Apr 2011 14:34:06 +0100 |
tools/migration: Support for ~/ in paths
|
Matthew Wild |
Tue, 05 Apr 2011 14:11:25 +0100 |
Merge 0.8->trunk
|
Matthew Wild |
Tue, 05 Apr 2011 13:26:43 +0100 |
usermanager: Check host exists before trying to look up admins for it
|
Matthew Wild |
Tue, 05 Apr 2011 13:26:19 +0100 |
util.dependencies: Add a dummy util.ztact loader to log a message for people still using it (e.g. in their Debian-derived config files)
|
Matthew Wild |
Tue, 05 Apr 2011 13:20:09 +0100 |
tools/migration/prosody-migrator.lua: Refactor store handler loading to report errors they throw
|
Matthew Wild |
Tue, 05 Apr 2011 12:59:24 +0100 |
tools/migration/migrator/prosody_sql: Throw a friendlier error when LuaDBI is not found
|
Matthew Wild |
Tue, 05 Apr 2011 12:58:14 +0100 |
prosody.cfg.lua.dist: Add example of 'authentication' option
|
Matthew Wild |
Tue, 05 Apr 2011 12:36:56 +0100 |
mod_privacy: Remove several unused variable declarations
|
Matthew Wild |
Tue, 29 Mar 2011 15:07:14 +0100 |
mod_privacy: Remove unused function, sendUnavailable
|
Matthew Wild |
Tue, 29 Mar 2011 14:57:50 +0100 |
sessionmanager: Fire pre-resource-unbind to allow plugins (such as mod_smacks) to hook and prevent/override session destruction
|
Matthew Wild |
Tue, 29 Mar 2011 14:10:00 +0100 |
tools/migration: Rename main.lua -> prosody-migrator.lua and update the Makefile
|
Matthew Wild |
Mon, 21 Mar 2011 19:39:04 +0000 |
net.httpserver: Revert commit eccd3c87d717 which has since been fixed in a better way
|
Matthew Wild |
Mon, 21 Mar 2011 19:35:53 +0000 |
mod_dialback: Use session:close() on dialback failure instead of s2smanager.destroy_session() (thanks Zash)
|
Matthew Wild |
Mon, 21 Mar 2011 19:32:51 +0000 |
Merge 0.8->trunk
|
Matthew Wild |
Fri, 18 Mar 2011 10:33:38 +0000 |
mod_pubsub: Remove checks for whether the JID being (un)subscribed is the actor's own - it's possible to (un)subscribe another JID if you have the (un)subscribe_other capability, which is already checked in util.pubsub (thanks Andrew)
|
Matthew Wild |
Fri, 18 Mar 2011 10:32:55 +0000 |
tools/migration/Makefile: Don't install main.lua (we already install it as prosody-migrator) (thanks Enrico)
|
Matthew Wild |
Thu, 03 Mar 2011 18:14:08 +0000 |
mod_bosh: Fix terminate logic - process any stanzas in a terminating request, and add type='terminate' to any responses generated by those stanzas. Finally, close all remaining open requests with type='terminate' and close the session. Fixes #211 (thanks Maranda + waqas).
|
Matthew Wild |
Fri, 04 Mar 2011 20:27:57 +0000 |
Merge 0.8->trunk.
|
Waqas Hussain |
Wed, 02 Mar 2011 05:15:54 +0500 |
prosody: Load net.httpserver at startup, to avoid creating a global later.
|
Waqas Hussain |
Wed, 02 Mar 2011 05:13:51 +0500 |
net.connlisteners: Log traceback on errors in listener loading.
|
Waqas Hussain |
Wed, 02 Mar 2011 05:11:42 +0500 |
Merge 0.8->trunk
|
Matthew Wild |
Tue, 01 Mar 2011 06:14:03 +0000 |
mod_storage_sql: Display friendlier error when LuaDBI is missing
|
Matthew Wild |
Tue, 01 Mar 2011 06:12:43 +0000 |
Merge 0.8->trunk
|
Matthew Wild |
Sat, 26 Feb 2011 00:24:23 +0000 |
tools/migration/*: Numerous changes and restructuring, and the addition of a Makefile
|
Matthew Wild |
Sat, 26 Feb 2011 00:23:48 +0000 |
Merge 0.8->trunk
|
Matthew Wild |
Fri, 25 Feb 2011 03:34:15 +0000 |
tools/migration/*.lua: Rename config to migrator.cfg.lua, add error handling for config and command-line parameters
|
Matthew Wild |
Fri, 25 Feb 2011 03:32:44 +0000 |
tools/migration/main.lua: Add command-line parsing, including --config=CONFIG_FILE, and the ability to specify to/from stores to migrate
|
Matthew Wild |
Fri, 25 Feb 2011 01:31:08 +0000 |
tools/migration/config.lua: Minor fixes for more sensible defaults
|
Matthew Wild |
Fri, 25 Feb 2011 01:29:31 +0000 |
tools/migration/*.lua: Rename config to migrator.cfg.lua, add error handling for config and command-line parameters
|
Matthew Wild |
Fri, 25 Feb 2011 03:32:44 +0000 |
tools/migration/main.lua: Add command-line parsing, including --config=CONFIG_FILE, and the ability to specify to/from stores to migrate
|
Matthew Wild |
Fri, 25 Feb 2011 01:31:08 +0000 |
tools/migration/config.lua: Minor fixes for more sensible defaults
|
Matthew Wild |
Fri, 25 Feb 2011 01:29:31 +0000 |
Merge 0.8->trunk
|
Matthew Wild |
Fri, 25 Feb 2011 00:08:14 +0000 |
mod_pep: Fix comparison between incoming hash and the cached hash for a JID, fixes repeated PEP events on presence (fixes #225)
|
Matthew Wild |
Fri, 25 Feb 2011 00:07:38 +0000 |
Merge 0.8->trunk
|
Matthew Wild |
Thu, 24 Feb 2011 18:20:05 +0000 |
util.sasl.scram: Fix bug in validate_username function. (Thanks Florob)
|
Tobias Markmann |
Thu, 24 Feb 2011 18:56:19 +0100 |
util.sasl.scram: Fix bug in validate_username function. (Thanks Florob)
|
Tobias Markmann |
Thu, 24 Feb 2011 18:56:19 +0100 |
Merge 0.8->trunk.
|
Waqas Hussain |
Thu, 24 Feb 2011 19:30:26 +0500 |
MUC: Don't limit affiliation changes to owners, and allow owners to remove themselves if they are not the last owner.
|
Waqas Hussain |
Thu, 24 Feb 2011 07:11:35 +0500 |
MUC: Add a textual error message when the user isn't allowed to get/set config form.
|
Waqas Hussain |
Thu, 24 Feb 2011 07:09:38 +0500 |
Merge 0.8->trunk
|
Matthew Wild |
Thu, 24 Feb 2011 02:04:56 +0000 |
util.stanza: Whitespace fix after merge (complicated)
|
Matthew Wild |
Thu, 24 Feb 2011 02:04:38 +0000 |
prosody, prosodyctl: Use plugin_paths in addition to, not instead of, the default plugin path
|
Matthew Wild |
Thu, 24 Feb 2011 01:35:33 +0000 |
tools/migration/*.lua: Convert to unix line endings
|
Matthew Wild |
Wed, 23 Feb 2011 18:31:48 +0000 |
net.httpserver: Removed an unused function.
|
Waqas Hussain |
Wed, 23 Feb 2011 07:26:54 +0500 |
net.httpserver: Fix HTTP after commit c299726d2b4e and add a 500 error response if a request handler fails to make a response to the client
|
Matthew Wild |
Wed, 23 Feb 2011 00:31:12 +0000 |
tests/test_sasl.lua: Convert literal UTF-8/Latin1 chars to escape codes for weak text editors
|
Matthew Wild |
Tue, 22 Feb 2011 21:19:00 +0000 |
tools/migration/*: Initial commit of a new migration tool. Currently supports Prosody files and Prosody SQL as input and output.
|
Waqas Hussain |
Wed, 23 Feb 2011 02:16:19 +0500 |
net.httpserver: Catch errors thrown in HTTP handlers.
|
Waqas Hussain |
Wed, 23 Feb 2011 02:03:55 +0500 |
mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option.
|
Waqas Hussain |
Wed, 23 Feb 2011 01:34:46 +0500 |
mod_auth_cyrus: Print some diagnostic log messages about the available mechanisms.
|
Waqas Hussain |
Wed, 23 Feb 2011 01:22:04 +0500 |
prosodyctl: Support for plugin_paths config option
|
Matthew Wild |
Tue, 22 Feb 2011 18:37:29 +0000 |
mod_tls: Drop 'TLS negotiation started for ...' to debug level from info
|
Matthew Wild |
Tue, 22 Feb 2011 18:29:35 +0000 |
s2smanager: Drop some log messages to debug level from info/warn
|
Matthew Wild |
Tue, 22 Feb 2011 18:27:31 +0000 |
prosody: Change plugin_path -> plugin_paths and make it an array instead of a string
|
Matthew Wild |
Tue, 22 Feb 2011 18:02:23 +0000 |
util.pluginloader: Rewritten resource loading to be cleaner, and added support for prosody-modules directory layout. "/" in plugin names is no longer supported.
|
Waqas Hussain |
Tue, 22 Feb 2011 21:47:38 +0500 |
util.stanza: Remove childtags and rename matching_tags -> childtags (they are API-compatible)
|
Matthew Wild |
Tue, 22 Feb 2011 07:37:52 +0000 |
util.pluginloader: Remove unused support for custom loaders, to simplify further refactoring.
|
Waqas Hussain |
Sun, 20 Feb 2011 20:11:52 +0500 |
modulemanager: Added module.path to the plugin API to let plugins determine their load path.
|
Waqas Hussain |
Sun, 20 Feb 2011 20:06:38 +0500 |
util.pluginloader: Return file path on success in pluginloader.load_code().
|
Waqas Hussain |
Sun, 20 Feb 2011 20:03:43 +0500 |
util.pluginloader: Return full file path from internal file loader on success, not just the name.
|
Waqas Hussain |
Sun, 20 Feb 2011 20:01:05 +0500 |
util.stanza: Rewrite clone() to be more optimized.
|
Waqas Hussain |
Sun, 20 Feb 2011 19:16:56 +0500 |
prosodyctl, util.prosodyctl: Move UI functions to util.prosodyctl so they can be used outside of prosodyctl itself
|
Matthew Wild |
Sun, 13 Feb 2011 19:28:29 +0000 |
loggingmanager: Allow specifying a sink type in per-level logging config (thanks ruskie)
|
Matthew Wild |
Sun, 13 Feb 2011 18:37:34 +0000 |
loggingmanager: Iterate over logging config rules using ipairs rather than pairs
|
Matthew Wild |
Sun, 13 Feb 2011 18:35:39 +0000 |