Guus der Kinderen <guus.der.kinderen@gmail.com> [Tue, 04 Jun 2024 09:06:44 +0200] rev 5922
mod_pubsub_serverinfo: fix syntax error
Guus der Kinderen <guus.der.kinderen@gmail.com> [Mon, 03 Jun 2024 12:52:26 +0200] rev 5921
mod_pubsub_serverinfo: fix bool logic when reading config
Matthew Wild <mwild1@gmail.com> [Thu, 30 May 2024 17:55:48 +0100] rev 5920
mod_report_forward: Some whitespace fixes
Matthew Wild <mwild1@gmail.com> [Thu, 30 May 2024 17:55:07 +0100] rev 5919
mod_report_forward: Fix traceback when reporting a specific message (thanks singpolyma)
Nicholas George <wirlaburla@worlio.com> [Fri, 24 May 2024 18:30:47 -0500] rev 5918
mod_muc_restrict_pm: Backport changes from upstream timber patch.
Nicholas George <wirlaburla@worlio.com> [Thu, 23 May 2024 01:05:56 -0500] rev 5917
mod_muc_restrict_pm: small rewrite. improves room config options
Nicholas George <wirlaburla@worlio.com> [Wed, 22 May 2024 21:11:24 -0500] rev 5916
mod_muc_restrict_pm: fix lua warnings
Nicholas George <wirlaburla@worlio.com> [Tue, 21 May 2024 01:09:12 -0500] rev 5915
mod_muc_restrict_pm: fix table in README
Nicholas George <wirlaburla@worlio.com> [Tue, 21 May 2024 00:40:06 -0500] rev 5914
mod_muc_restrict_pm: Limit who may send and recieve MUC PMs
Kim Alvefur <zash@zash.se> [Sat, 18 May 2024 14:16:49 +0200] rev 5913
mod_http_upload_external: Add link to Rust implementation (Thanks Luna)
Ben Smith <bens@effortlessis.com> [Tue, 14 May 2024 07:31:34 -0700] rev 5912
Tweaking documentation to clarify that Oauth2 can be used for VirtualHosts and Component
installations.
Ben Smith <bens@effortlessis.com> [Mon, 13 May 2024 13:25:13 -0700] rev 5911
Updating dox for mod_rest. Ideas expressed / clarified:
1) Making clear that mod_rest isn't to be installed under VirtualHosts AND as a component.
2) Understanding some of the implications of this choice:
A) Changes to user authentication
B) How it affects subdomains
3) More consistent use of domain names for clarity.
4) Using different heading sizes to show scope of section.
Essentially, I added all the tidbits I had to clarify in getting this to work in my
own example.
Matthew Wild <mwild1@gmail.com> [Mon, 13 May 2024 18:30:18 +0100] rev 5910
mod_audit_auth: Allow suppressing repeated failure/success log entries from the same IP for a time
This can be triggered by e.g. a distributed brute force attack, or from Monal.
Luca Matei Pintilie <luca@lucamatei.com> [Sun, 12 May 2024 17:01:20 +0200] rev 5909
mod_http_muc_log: replace "mam_muc" with "muc_mam" in README.markdown
Jonas Schäfer <jonas@wielicki.name> [Sat, 11 May 2024 10:02:00 +0200] rev 5908
mod_vcard_muc: fix field type for XEP-0486 field
Jonas Schäfer <jonas@wielicki.name> [Sat, 11 May 2024 09:52:11 +0200] rev 5907
mod_vcard_muc: use XEP-0486 form field for avatar hashes
Jonas Schäfer <jonas@wielicki.name> [Thu, 09 May 2024 10:13:26 +0200] rev 5906
mod_mam_archive: remove invalid disco#info feature
The feature which was previously added to disco#info was in fact
specified to be used for stream features only (see XEP-0136
section 11).
Emitting it in disco#info is weird at best and breaks stuff at
worst.
Matthew Wild <mwild1@gmail.com> [Wed, 08 May 2024 12:48:41 +0100] rev 5905
mod_invites_tracking: Don't bother storing anything for non-invite IBR
Matthew Wild <mwild1@gmail.com> [Wed, 08 May 2024 12:48:24 +0100] rev 5904
mod_invites_tracking: Fix traceback when not registering via invite (thanks Link Mauve)
Kim Alvefur <zash@zash.se> [Sun, 05 May 2024 17:37:38 +0200] rev 5903
various/README: Fix 'labels' metadata, should be a list
Kim Alvefur <zash@zash.se> [Sat, 04 May 2024 13:25:06 +0200] rev 5902
mod_rest: Add schema examples
Also 'example' -> 'examples'
Stephen Paul Weber <singpolyma@singpolyma.net> [Tue, 30 Apr 2024 15:07:06 -0500] rev 5901
Merge
Stephen Paul Weber <singpolyma@singpolyma.net> [Tue, 30 Apr 2024 15:06:03 -0500] rev 5900
Guard for not room
Matthew Wild <mwild1@gmail.com> [Mon, 29 Apr 2024 17:49:19 +0100] rev 5899
mod_http_admin_api: Support storing free-form text note with invitations
tmolitor <thilo@eightysoft.de> [Mon, 29 Apr 2024 02:00:34 +0200] rev 5898
mod_csi_battery_saver: Some more improvements (handling of errors, muc invites, special data)
tmolitor <thilo@eightysoft.de> [Mon, 29 Apr 2024 01:31:40 +0200] rev 5897
mod_csi_battery_saver: add xep number to mds comment
tmolitor <thilo@eightysoft.de> [Mon, 29 Apr 2024 01:27:51 +0200] rev 5896
mod_csi_battery_saver: MDS headline pushes are important
Matthew Wild <mwild1@gmail.com> [Wed, 24 Apr 2024 13:47:48 +0100] rev 5895
mod_http_admin_api: Use new API in mod_announce to send announcements
Matthew Wild <mwild1@gmail.com> [Tue, 23 Apr 2024 12:10:38 +0100] rev 5894
mod_muc_rtbl: Fix blocking of PMs from RTBL matches
Matthew Wild <mwild1@gmail.com> [Wed, 17 Apr 2024 16:48:22 +0100] rev 5893
mod_sasl2: Log when tls-exporter is NOT supported, as well as when it is
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 15:01:40 +0100] rev 5892
mod_http_admin_api: Return roles for existing invites, if any
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 14:15:16 +0100] rev 5891
mod_http_admin_api: Allow specifying roles for invitations
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 13:03:39 +0100] rev 5890
mod_pubsub_serverinfo: node is a string, not a number
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 12:58:08 +0100] rev 5889
mod_pubsub_serverinfo: Fix for compatibility with 0.12 option getters
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 12:41:52 +0100] rev 5888
mod_pubsub_serverinfo: Don't default to non-local pubsub servers (thanks roughnecks)
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 12:05:47 +0100] rev 5887
mod_http_admin_api: User activity gauges need to be summed (labels by host)
Matthew Wild <mwild1@gmail.com> [Tue, 16 Apr 2024 10:42:25 +0100] rev 5886
mod_sasl2_fast: Improve handling when SASL profile unexpectedly lacks CB
This fixes a traceback reported by riau, but likely does not solve the
underlying cause, whatever that is.
Stephen Paul Weber <singpolyma@singpolyma.net> [Tue, 09 Apr 2024 14:44:52 -0500] rev 5885
mod_muc_restrict_avatars: Allow MUC admin to control restriction
Thanks, Strix!
Kim Alvefur <zash@zash.se> [Sat, 06 Apr 2024 17:55:23 +0200] rev 5884
misc/systemd: Add comment with link to our debian resources including systemd service file
Kim Alvefur <zash@zash.se> [Sat, 06 Apr 2024 17:51:29 +0200] rev 5883
misc/systemd: Fix typo
Is this worth keeping? We also have a .service file in the debian repo?
Kim Alvefur <zash@zash.se> [Sat, 06 Apr 2024 13:04:35 +0200] rev 5882
mod_client_management: Prevent exception on missing client info
> attempt to index a nil value (local 'legacy_info')
Unsure how exactly this happens, perhaps by mixing SASL2/BIND2 with
legacy equivalents?
Kim Alvefur <zash@zash.se> [Sat, 30 Mar 2024 15:10:51 +0100] rev 5881
mod_sasl2_fast: Update reference to now published XEP-0484 (thanks gooya)
aidan@jmad.org [Sun, 25 Feb 2024 18:20:04 -0800] rev 5880
mod_lastlog2: Fix typo from original copy-paste
Martin Dosch <martin@mdosch.de> [Tue, 26 Mar 2024 22:15:41 +0100] rev 5879
mod_sasl_ssdp: Add go-sendxmpp to clients supporting XEP-0474.
Kim Alvefur <zash@zash.se> [Sat, 23 Mar 2024 15:44:13 +0100] rev 5878
mod_compat_roles: Fix attempt to index a nil value #1847
permissions[] is not a map with role names as keys since 817bc9873fc2
but instead a level with host names were added. This was likely an
oversight.
Refactored towards railroad.
nicoco <nicoco@nicoco.fr> [Fri, 22 Mar 2024 11:02:04 +0100] rev 5877
mod_privilege: Fix IQ privileges advertising for multiple namespaces
Before this fix, the namespaces element were wrongly nested.
Kim Alvefur <zash@zash.se> [Thu, 21 Mar 2024 19:44:27 +0100] rev 5876
mod_pastebin: Back out 040eaa3844f4
Triggered error in Lua with if set over 200 and a 200+ line line message
is checked.
BetaRays <BetaRays@proton.me> [Sun, 17 Mar 2024 15:05:29 +0100] rev 5875
mod_conversejs: Allow installation as PWA
Matthew Wild <mwild1@gmail.com> [Thu, 14 Mar 2024 09:48:30 +0000] rev 5874
mod_firewall: Fix syntax error (thanks mirux)
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 14 Mar 2024 09:55:46 +0100] rev 5873
mod_pubsub_serverinfo: update reference to XEP.
Kim Alvefur <zash@zash.se> [Wed, 13 Mar 2024 23:45:25 +0100] rev 5872
mod_rest: Fix incorrect 'type' in mapping schema for XEP-0100
Matthew Wild <mwild1@gmail.com> [Tue, 12 Mar 2024 14:31:45 +0000] rev 5871
mod_firewall: REPORT TO: Include id in reports
Matthew Wild <mwild1@gmail.com> [Tue, 12 Mar 2024 14:31:21 +0000] rev 5870
mod_firewall: Support util.id.* as dependencies
Matthew Wild <mwild1@gmail.com> [Tue, 12 Mar 2024 14:27:43 +0000] rev 5869
mod_firewall: 'REPORT TO': fix default reason fallback if none is provided
Matthew Wild <mwild1@gmail.com> [Tue, 12 Mar 2024 14:07:00 +0000] rev 5868
mod_report_forward: Include id on report submissions
Matthew Wild <mwild1@gmail.com> [Tue, 12 Mar 2024 10:56:41 +0000] rev 5867
mod_measure_active_users: Switch to mod_cron for scheduling
Matthew Wild <mwild1@gmail.com> [Tue, 12 Mar 2024 10:41:55 +0000] rev 5866
mod_http_admin_api: Include active user counts in metrics response
Kim Alvefur <zash@zash.se> [Sat, 09 Mar 2024 21:05:00 +0100] rev 5865
mod_auth_oauth_external: Fix typo
Stephen Paul Weber <singpolyma@singpolyma.net> [Mon, 11 Mar 2024 19:28:19 -0500] rev 5864
mod_report_forward: fix address detection when there are multiple field values
Matthew Wild <mwild1@gmail.com> [Tue, 05 Mar 2024 18:26:29 +0000] rev 5863
mod_anti_spam: New module for spam filtering (pre-alpha)
Kim Alvefur <zash@zash.se> [Tue, 05 Mar 2024 00:32:00 +0100] rev 5862
mod_http_oauth2: Reflect changes to defaults etc
- Resource owner password grant was disabled by default
- Tokens now include a hash of client_id making it possible to be
reasonable sure that they were issued to a particular client
Matthew Wild <mwild1@gmail.com> [Sun, 03 Mar 2024 18:06:47 +0000] rev 5861
mod_report_forward: Fixes for abuse contact address lookup in origin reporting
Matthew Wild <mwild1@gmail.com> [Sun, 03 Mar 2024 16:10:14 +0000] rev 5860
mod_report_forward: Depend on mod_spam_reporting for auto-loading
Matthew Wild <mwild1@gmail.com> [Sun, 03 Mar 2024 16:05:04 +0000] rev 5859
mod_report_forward: Open archive store correctly (thanks Menel)
Matthew Wild <mwild1@gmail.com> [Sun, 03 Mar 2024 16:03:27 +0000] rev 5858
mod_spam_report_forwarder: Rename to mod_report_forward
This module is not only about spam reports.
Kim Alvefur <zash@zash.se> [Sun, 03 Mar 2024 11:23:40 +0100] rev 5857
mod_log_ringbuffer: Detach event handlers on logging reload (thanks Menel)
Otherwise the global event handlers accumulate, one added each time
logging is reoladed, and each invocation of the signal or event triggers
one dump of each created ringbuffer.
Kim Alvefur <zash@zash.se> [Sat, 02 Mar 2024 15:11:20 +0100] rev 5856
mod_log_ringbuffer: Hook POSIX signals via event only
Kim Alvefur <zash@zash.se> [Sat, 02 Mar 2024 14:47:09 +0100] rev 5855
mod_traceback: Hook signal via event instead of directly
Safer this way, see Prosody trunk rev 69faf3552d52
Kim Alvefur <zash@zash.se> [Sat, 02 Mar 2024 14:42:27 +0100] rev 5854
mod_debug_traceback: Remove direct POSIX signal handling, require Prosody 0.12+
Hooking an event is safer than directly hooking signals
For context see Prosody trunk rev 69faf3552d52
Kim Alvefur <zash@zash.se> [Thu, 29 Feb 2024 18:05:09 +0100] rev 5853
mod_muc_moderation: Remove Poezio, feature request gone in migration
Kim Alvefur <zash@zash.se> [Thu, 29 Feb 2024 18:00:01 +0100] rev 5852
mod_muc_moderation: Fix example
Matthew Wild <mwild1@gmail.com> [Thu, 29 Feb 2024 16:33:15 +0000] rev 5851
mod_spam_report_forwarder: Only forward to xmpp: URIs, and exclude MUCs
Stephen Paul Weber <singpolyma@singpolyma.net> [Sun, 25 Feb 2024 19:17:40 -0500] rev 5850
mod_muc_adhoc_bots: Fix bug preventing multiple commands from showing
Stephen Paul Weber <singpolyma@singpolyma.net> [Sun, 25 Feb 2024 19:10:30 -0500] rev 5849
mod_push2: empty table instead of nil when not present
Matthew Wild <mwild1@gmail.com> [Sun, 25 Feb 2024 15:28:45 +0000] rev 5848
mod_spam_report_forwarder: Support for reporting messages, and reporting to origin server
Matthew Wild <mwild1@gmail.com> [Fri, 23 Feb 2024 22:50:57 +0000] rev 5847
mod_pubsub_serverinfo: Update to use mod_server_info (fixes #1841)
...but only for Prosody trunk users, because 0.12 mod_server_contact_info does
not use the new API in mod_server_info.
Matthew Wild <mwild1@gmail.com> [Fri, 23 Feb 2024 22:47:05 +0000] rev 5846
mod_server_info: Rewrite/backport from Prosody 1ce18cb3e6cc
Matthew Wild <mwild1@gmail.com> [Fri, 23 Feb 2024 13:02:33 +0000] rev 5845
mod_pubsub_serverinfo: Update README to link to known issues
Matthew Wild <mwild1@gmail.com> [Tue, 20 Feb 2024 17:11:42 +0000] rev 5844
mod_audit_status: Expose 'crashed' flag
aidan@jmad.org [Thu, 15 Feb 2024 09:20:50 -0800] rev 5843
mod_http_upload_external: Fix typo in access documentation.
Matthew Wild <mwild1@gmail.com> [Mon, 12 Feb 2024 16:31:25 +0000] rev 5842
mod_firewall: Fix REPORT TO action name in documentation
Kim Alvefur <zash@zash.se> [Mon, 12 Feb 2024 15:44:38 +0100] rev 5841
mod_blocking: Drop mention of mod_privacy
Kim Alvefur <zash@zash.se> [Mon, 12 Feb 2024 15:43:11 +0100] rev 5840
mod_blocking: Deprecate
Kim Alvefur <zash@zash.se> [Mon, 12 Feb 2024 15:41:41 +0100] rev 5839
mod_privacy_lists: Deprecate
Kim Alvefur <zash@zash.se> [Sun, 11 Feb 2024 12:50:53 +0100] rev 5838
mod_firewall: Fix to find scripts when installed with plugin installer
Extra resources are stored in a different path by luarocks, not
alongside the code as this code assumed.
Thanks eTaurus
Matthew Wild <mwild1@gmail.com> [Wed, 07 Feb 2024 11:57:30 +0000] rev 5837
mod_pubsub_mqtt: Update to MQTT 3.1.1
Matthew Wild <mwild1@gmail.com> [Tue, 30 Jan 2024 14:26:14 +0000] rev 5836
mod_pubsub_mqtt: Fix syntax error
Matthew Wild <mwild1@gmail.com> [Tue, 30 Jan 2024 14:11:35 +0000] rev 5835
mod_pubsub_mqtt: Add TLS port (default 8883) for MQTT connections
Kim Alvefur <zash@zash.se> [Wed, 24 Jan 2024 17:55:26 +0100] rev 5834
mod_http_oauth2: Reuse JWT issuance time as substitute for auth time
Makes the token shorter. Since iat and auth_time are generated at about
the same time they would only differ by a few microseconds anyway.
Matthew Wild <mwild1@gmail.com> [Wed, 24 Jan 2024 13:14:36 +0000] rev 5833
mod_poke_strangers: Fix incorrect log method calls
Kim Alvefur <zash@zash.se> [Tue, 16 Jan 2024 11:47:22 +0100] rev 5832
mod_http_muc_log: Remove compat for very old MUC API
room:get_public() first appeared in 0.10.0
Matthew Wild <mwild1@gmail.com> [Sat, 13 Jan 2024 12:03:15 +0000] rev 5831
mod_http_admin_api: metrics: Filter out a value that is commonly nan at startup
The upload bytes count is typically nan at startup, which cannot legally be
encoded in JSON.
I haven't assessed whether any other metrics might emit nan under other
circumstances, but this fixes the most visible issue right now.
Matthew Wild <mwild1@gmail.com> [Fri, 12 Jan 2024 18:21:08 +0000] rev 5830
mod_groups_muc_bookmarks: Don't add deleted MUCs to user bookmarks
Matthew Wild <mwild1@gmail.com> [Fri, 12 Jan 2024 18:20:40 +0000] rev 5829
mod_groups_internal: Add flag to indicate when a linked MUC has been deleted
In theory this shouldn't happen, but it could (and apparently does).
Matthew Wild <mwild1@gmail.com> [Fri, 12 Jan 2024 18:19:56 +0000] rev 5828
mod_groups_internal: Also remove MUCs that still exist, but have been destroyed
Tombstones could previously fool us into thinking the MUC was still there.
Matthew Wild <mwild1@gmail.com> [Fri, 12 Jan 2024 15:40:23 +0000] rev 5827
mod_groups_muc_bookmarks: Sync bookmarks when user is added/removed to/from multi-MUC group
This was overlooked when multi-MUC support was first implemented.
Matthew Wild <mwild1@gmail.com> [Fri, 12 Jan 2024 15:38:56 +0000] rev 5826
mod_groups_internal: Sync MUC affiliations for multi-MUC groups
This was overlooked when multi-MUC support was added.
Matthew Wild <mwild1@gmail.com> [Fri, 12 Jan 2024 15:37:13 +0000] rev 5825
mod_groups_internal: Save MUC room after creation to commit it to storage
Without this, the MUC could be lost on an unclean shutdown.
Matthew Wild <mwild1@gmail.com> [Thu, 11 Jan 2024 15:53:18 +0000] rev 5824
mod_groups_internal: Fix traceback when room doesn't exist
I'm not sure if it should even be included if it doesn't exist, but I'm not
currently sure how this situation occurs, so I'm implementing the lightest
possible fix for now.
Matthew Wild <mwild1@gmail.com> [Tue, 09 Jan 2024 13:50:18 +0000] rev 5823
mod_sasl_ssdp: Fix event name so legacy SASL works correctly (thanks Martin!)
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 17:28:39 +0000] rev 5822
mod_password_policy: Change error type from 'cancel' to 'modify'
This makes more sense, as the problem relates to the data that has been
entered, and therefore the request could be retried with different data.
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 15:56:11 +0000] rev 5821
mod_pubsub_serverinfo: Treat public providers as public
The opt-in mechanism is to prevent leaking domain names or relationships
between small private servers. These are not considerations relevant to
public servers.
We use the providers.xmpp.net API to fetch a list of known public provider
domains.
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 15:54:09 +0000] rev 5820
mod_pubsub_serverinfo: Allow configuration of node persistence/deletion
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 15:53:21 +0000] rev 5819
mod_pubsub_serverinfo: Add explicit xmlns to all pubsub tags
This helps when routing between hosts on the same server, where the namespace
normalization is not handled by default.
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 15:52:22 +0000] rev 5818
mod_pubsub_serverinfo: Remove unused variable declaration
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 15:51:52 +0000] rev 5817
mod_pubsub_serverinfo: Some logging improvements
Matthew Wild <mwild1@gmail.com> [Mon, 08 Jan 2024 15:38:18 +0000] rev 5816
mod_pubsub_serverinfo: Refresh cache entries if they will expire before next run
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 16:21:05 +0100] rev 5815
mod_pubsub_serverinfo: Add node on compatibility
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 16:19:55 +0100] rev 5814
mod_pubsub_serverinfo: Warm-up opt-in cache
By warming up the cache that contains the opt-in data, the first publication has a better chance of including domain names for remote domains that opt-in.
Without this change, those domains are named only after the _second_ publication, which can take a while. New users are likely thrown off by that.
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 15:15:51 +0100] rev 5813
mod_pubsub_serverinfo: Fix namespace parsing issue with disco/info
Prosody's API works based on attribute definitions, without using namespace scopes.
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 15:14:19 +0100] rev 5812
mod_pubsub_serverinfo: Consider sibling vhosts 'connected'
Prosody does not have s2s connections between vhosts. Multiple domains will therefor not show up as each-other 'remote domains'.
With this commit, the module considers vhosts permanently s2s-connected.
Additional debug logging has been added.
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 12:33:34 +0100] rev 5811
mod_pubsub_serverinfo: Update documentation
Removed a 'feature yet to be implemented' that now has been implemented.
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 12:11:16 +0100] rev 5810
mod_pubsub_serverinfo: Added 'Known Issues' section
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 12:05:51 +0100] rev 5809
mod_pubsub_serverinfo: Disco/info cache TTL should be configurable
This module caches the disco/info results of remote domains. This commit introduces a new configuration option that allows an admin to configure the cache expiry duration.
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 04 Jan 2024 11:59:35 +0100] rev 5808
mod_pubsub_serverinfo: Detect existence of pub/sub node
Instead of blindly trying to create the pub/sub node to publish items to, a service discovery query is performed to check if node creation is required.
Added various bits of warn and debug logging, to give a user better feedback if and why something is failing.
Guus der Kinderen <guus.der.kinderen@gmail.com> [Wed, 03 Jan 2024 23:05:14 +0100] rev 5807
mod_pubsub_serverinfo: implemented all basic features
This commit replaces the earlier proof-of-concept to a solution that:
- reports on remotely-connected domains
- uses disco/info to detect if those domains opt-in
- publishes domain names for remote domains that do so
- caches the disco/info response
tmolitor <thilo@eightysoft.de> [Wed, 03 Jan 2024 07:53:55 +0100] rev 5806
mod_csi_battery_saver: mark some presences as important
Guus der Kinderen <guus.der.kinderen@gmail.com> [Thu, 28 Dec 2023 11:02:35 +0100] rev 5805
mod_pubsub_serverinfo: New module that uses pub/sub to make accessible server info
This first implemetnation is laughably simple: it only adds a disco#info
feature. This flags 'opt-in' for inclusion of local domain names in the
data exposed by other domains (per the domain), which will allow servers to
be listed in the XMPP Network Graph at https://xmppnetwork.goodbytes.im
Hopefully, this bare-boned implementation acts as a stepping stone for
future improvements.
Kim Alvefur <zash@zash.se> [Sat, 23 Dec 2023 17:27:35 +0100] rev 5804
mod_groups_internal: Set group names as roster groups
Kim Alvefur <zash@zash.se> [Sat, 23 Dec 2023 00:06:35 +0100] rev 5803
mod_http_oauth2: Reduce log level for error delivery via redirect
This is supposed to be normal in OAuth2, not really deserving a warning
log message.
Kim Alvefur <zash@zash.se> [Sat, 23 Dec 2023 00:01:30 +0100] rev 5802
mod_http_oauth2: Tweak fallback error text
Since the oauth error is more like the error condition, a symbolic error
code, not the most human-friendly. Many error cases do have
human-readable error descriptions that should be fine on their own, or
changed to be.
As a fallback, capitalize the error name.
Kim Alvefur <zash@zash.se> [Thu, 21 Dec 2023 18:26:42 +0100] rev 5801
mod_http_oauth2: Improve registration schema documentation parts
Kim Alvefur <zash@zash.se> [Fri, 15 Dec 2023 12:10:07 +0100] rev 5800
mod_http_oauth2: Do not enforce PKCE on Device and OOB flows
PKCE does not appear to be used with the Device flow. I have found no
mention of any interaction between those standards. Since no data is
delivered via redirects in these cases, PKCE may not serve any purpose.
This is mostly a problem because we reuse the authorization code to
implement the Device and OOB flows.
Matthew Wild <mwild1@gmail.com> [Thu, 14 Dec 2023 09:44:13 +0000] rev 5799
mod_groups_internal: Return group name instead of MUC name if MUC has no name
Matthew Wild <mwild1@gmail.com> [Tue, 12 Dec 2023 19:08:28 +0000] rev 5798
mod_server_info: New module to add custom service extension forms to disco
Matthew Wild <mwild1@gmail.com> [Tue, 12 Dec 2023 19:06:37 +0000] rev 5797
mod_firewall: TO/FROM ROLE: Handle JIDs with no role (thanks Zash)
Matthew Wild <mwild1@gmail.com> [Mon, 11 Dec 2023 19:09:25 +0000] rev 5796
mod_firewall: Fix TO/FROM ROLE
These conditions did not match because get_jid_role() returns a role object.
We want to compare based on the name.
Matthew Wild <mwild1@gmail.com> [Mon, 11 Dec 2023 12:10:43 +0000] rev 5795
mod_measure_active_users: Fix inverted logic (thanks mirux)
Kim Alvefur <zash@zash.se> [Fri, 08 Dec 2023 20:08:35 +0100] rev 5794
mod_http_oauth2: Use color-scheme to get nice dark mode defaults
Matthew Wild <mwild1@gmail.com> [Fri, 08 Dec 2023 16:00:34 +0000] rev 5793
mod_isolate_host: Fix inverted logic in log message
Matthew Wild <mwild1@gmail.com> [Fri, 08 Dec 2023 12:45:22 +0000] rev 5792
mod_s2s_status: Add missing return (thanks Zash)
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:46:50 +0000] rev 5791
mod_c2s_conn_throttle: Reduce log level from error->info
Our general policy is that "error" should never be triggerable by remote
entities, and that it is always about something that requires admin
intervention. This satisfies neither condition.
The "warn" level can be used for unexpected events/behaviour triggered by
remote entities, and this could qualify. However I don't think failed auth
attempts are unexpected enough.
I selected "info" because it is what is also used for other notable session
lifecycle events.
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:43:47 +0000] rev 5790
mod_http_admin_api: Abort request if no valid username
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:43:16 +0000] rev 5789
mod_http_admin_api: Fix some luacheck warnings and code style issues
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:41:55 +0000] rev 5788
mod_http_admin_api: Support PATCH for user enabled status
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:41:18 +0000] rev 5787
mod_http_admin_api: Support for setting user account enabled status
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:30:41 +0000] rev 5786
mod_http_admin_api: Only include user deletion_request if account is disabled
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:30:01 +0000] rev 5785
mod_http_admin_api: Return avatar metadata from get_user_info()
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 13:02:36 +0000] rev 5784
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 19:13:26 +0000] rev 5783
mod_http_admin_api: Include information about pending deletion request, if any
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 15:50:46 +0000] rev 5782
mod_measure_active_users: Use the new mod_lastlog2 API
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 15:45:44 +0000] rev 5781
mod_measure_active_users: Exclude disabled user accounts from counts
...if usermanager exposes that API (it's in trunk, not 0.12).
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 15:07:09 +0000] rev 5780
mod_lastlog2: Fix to interpret stored data structure correctly
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 12:14:12 +0000] rev 5779
mod_http_admin_api: Include user account status and activity in get_user_info
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 12:12:37 +0000] rev 5778
mod_lastlog2: Expose API to query the last active time of a user
Matthew Wild <mwild1@gmail.com> [Tue, 05 Dec 2023 12:39:00 +0000] rev 5777
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 21:38:27 +0100] rev 5776
mod_log_sasl_mech: Handle auth event from other than mod_saslauth
E.g. mod_http_oauth2
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 21:36:35 +0100] rev 5775
mod_http_oauth2: Add logger to "session" for auth event
So many assumptions in so many other modules about auth-success/fail
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 21:07:54 +0100] rev 5774
mod_http_oauth2: Move some code earlier
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 00:23:19 +0100] rev 5773
mod_restrict_xmpp: Allow all XEP-0199 pings to self
No permission to send a ping without a 'to' attribute?
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 00:08:27 +0100] rev 5772
mod_restrict_xmpp/README: Fix definition list rendering
Pandoc wants a blank line between items.
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 23:51:54 +0100] rev 5771
mod_http_oauth2: Reject unparsable URLs
This used to be caught by luaPattern=https:// in the schema but that's
been removed for some reason
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 23:44:18 +0100] rev 5770
mod_http_oauth2: Return validation output added in trunk rev 72d7830505f0
It's not fun at all to try to register a client and only get back
"failed schema validation", this should help with that.
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 21:25:39 +0100] rev 5769
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 15:07:50 +0100] rev 5768
mod_http_oauth2: Handle login_hint without @hostpart
Makes life easier for the client when it does not know the full JID,
which might not have the same hostpart as the authorization server URL.
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 13:35:29 +0100] rev 5767
mod_audit: Fix querying for both user and global events
Forgot to fix this before I pushed
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 13:26:31 +0100] rev 5766
mod_storage_s3: Fix mapping archive query limit to ?max-keys=
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:30:28 +0100] rev 5765
mod_audit: Fix error due to sub-second precision timestamps
os.date() does not handle them
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:23:15 +0100] rev 5764
mod_storage_s3: Remove wrapper and original timestamp from payload (BC)
Unpacking the wrapper was already removed in 66986f5271c3 so it was
broken already.
Just rely on the Last-Modified date instead, it's not going to be
accurate if a different timestamp is passed, e.g. with migrations, but
that will have to be a future problem.
Perhaps the X-Amz-Meta-* can be used?
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:21:26 +0100] rev 5763
mod_storage_s3: Fix sorting items by correct field
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:20:36 +0100] rev 5762
mod_storage_s3: Fix passing of prefixes, should not be urlencoded
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:48:19 +0100] rev 5761
mod_audit: Update command to handle storing JIDs instead of only usernames
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:18:57 +0100] rev 5760
mod_client_management: Include session in the other new-client event too
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:10:43 +0100] rev 5759
luacheckrc: Replace deprecated module:once with :on_ready
So that :once is warned about properly.
module:once was only added in trunk so it shouldn't have gotten very far
yet.
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:07:23 +0100] rev 5758
mod_restrict_xmpp: Add vcard4 PEP node to profile permission
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:06:47 +0100] rev 5757
mod_client_management: Include session in new-client event
Needed by mod_audit_auth
Kim Alvefur <zash@zash.se> [Fri, 01 Dec 2023 22:40:41 +0100] rev 5756
mod_http_oauth2: Fire authentication events on login form
For e.g. mod_audit_auth to use.
A bit hacky because upon review many modules don't seem to handle the
lack of an XMPP session in the event payload.
Kim Alvefur <zash@zash.se> [Fri, 01 Dec 2023 21:35:25 +0100] rev 5755
mod_http_oauth2: Comment on authorization code storage
Kim Alvefur <zash@zash.se> [Fri, 01 Dec 2023 21:32:33 +0100] rev 5754
mod_audit_tokens: Record events fired by mod_tokenauth in audit log
Matthew Wild <mwild1@gmail.com> [Fri, 01 Dec 2023 11:59:02 +0000] rev 5753
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com> [Fri, 01 Dec 2023 11:34:52 +0000] rev 5752
mod_audit_auth: Ignore FAST authentication events by default
FAST is more like a cookie that allows linking new connections to a previous
(e.g. password) authentication. Since we assume that FAST tokens are secure
(not user generated) and not shareable, it reduces a lot of noise by filtering
out uninteresting authentication events.
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 18:05:42 +0000] rev 5751
mod_restrict_xmpp: Fix remaining hard-coded role name
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 17:59:47 +0000] rev 5750
mod_audit: Update README with new name of mod_audit_register
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 17:59:08 +0000] rev 5749
mod_audit_user_accounts: Renamed from mod_audit_register
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 17:51:27 +0000] rev 5748
mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com> [Wed, 29 Nov 2023 12:14:49 +0000] rev 5747
mod_audit_status: Support writing heartbeat with async storage drivers
Kim Alvefur <zash@zash.se> [Wed, 29 Nov 2023 11:14:21 +0100] rev 5746
mod_storage_xmlarchive: Support using requested archive-id
However diverging from the date-prefixed format means it will need to
look through the whole archive to find a particular ID.
Kim Alvefur <zash@zash.se> [Tue, 28 Nov 2023 19:55:43 +0100] rev 5745
mod_storage_xmlarchive: Pass hostname to converter for converting all users
Kim Alvefur <zash@zash.se> [Tue, 28 Nov 2023 19:48:34 +0100] rev 5744
mod_storage_xmlarchive: Migrate all users/rooms if no JID argument given
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 17:16:15 +0100] rev 5743
misc: Add a basic grafterm dashboard
For those of us who would rather have less JavaScript
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 17:14:36 +0100] rev 5742
misc: Add a Grafana dashboard
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 14:27:35 +0100] rev 5741
mod_storage_s3: Sort archive items by LastModified
Otherwise they would get sorted by who knows what, probably the path.
Also not sure if the timestamp comparisons were correct before.
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 09:30:04 +0100] rev 5740
mod_storage_s3: Reorder path components (BC: invalidates any existing data)
keyvalue: /bucket/hostname/username/store
archive: /bucket/hostname/username/store/yyyy-mm-dd/with/key
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 09:28:28 +0100] rev 5739
mod_storage_s3: Fix querying for basic MAM parameters
I guess I was planning to hash the 'with' part but changed my mind half
way through implementing and also never tested this.
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 07:10:06 +0100] rev 5738
luacheck: Add new module API methods from trunk
See
* trunk rev 4d4f9e42bcf8
* trunk rev 65fb0d7a2312
* trunk rev c9ef35fab0b1
Kim Alvefur <zash@zash.se> [Sun, 26 Nov 2023 22:44:01 +0100] rev 5737
mod_storage_s3: Implement search for set of IDs
This together with the full id range query enables support for
urn:xmpp:mam:2#extended in mod_mam
Kim Alvefur <zash@zash.se> [Sun, 26 Nov 2023 22:29:21 +0100] rev 5736
mod_storage_s3: Advertise full id range archive query capability
Kim Alvefur <zash@zash.se> [Sun, 26 Nov 2023 21:51:12 +0100] rev 5735
mod_audit: Use new module API for period/time ranges
It was added around the same time as the parse_duration function
Kim Alvefur <zash@zash.se> [Sat, 25 Nov 2023 01:09:01 +0100] rev 5734
mod_auth_oauth_external: Fix typo
Kim Alvefur <zash@zash.se> [Thu, 23 Nov 2023 16:16:34 +0100] rev 5733
mod_storage_xmlarchive: Fix "user" iteration API
Fixes use in prosody-migrator.
Otherwise this particular API is not used much, or this would have been
noticed before. Usually it is a different store like 'accounts' that is
responsible for providing the authoritative list of users.
Thanks Ge0rG for testing
Kim Alvefur <zash@zash.se> [Wed, 22 Nov 2023 12:56:50 +0100] rev 5732
mod_storage_s3: Fix storing archives for host itself (e.g. mod_audit)
Fixes error due to path constructor trying to do string.gsub(nil) with
missing username or with fields.
Matthew Wild <mwild1@gmail.com> [Wed, 22 Nov 2023 11:54:22 +0000] rev 5731
mod_register_redirect: docs: Fix typo in example (thanks melvo)
Matthew Wild <mwild1@gmail.com> [Tue, 21 Nov 2023 17:34:54 +0000] rev 5730
mod_sasl2_sm: Remove duplicate advertisement of stream management (thanks singpolyma)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 19:18:22 +0100] rev 5729
mod_invites_page: Add support for Haiku and mobile Linux
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 19:18:05 +0100] rev 5728
mod_invites_page: Also remove jQuery usage in client page
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 19:17:44 +0100] rev 5727
mod_invites_page: Stop displaying the QRCode to mobile devices
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 18:06:40 +0100] rev 5726
mod_register_apps: Remove intrinsic size from SVGs, to always display them at their full size
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 16:31:02 +0100] rev 5725
mod_invites_page: Typo in preventing the default event when clicking on show all
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 16:25:52 +0100] rev 5724
mod_http_avatar: Fix displaying the fallback on Firefox
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 16:16:55 +0100] rev 5723
mod_invites_page: Move the JS script to its own file
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 16:15:26 +0100] rev 5722
mod_invites_page: Replace jQuery with vanilla.js in the HTML
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> [Thu, 16 Nov 2023 16:14:24 +0100] rev 5721
mod_register_apps: Add Renga to the list of supported clients
Kim Alvefur <zash@zash.se> [Tue, 14 Nov 2023 23:19:19 +0100] rev 5720
mod_http_oauth2: Make defaults more secure
This should be fine since we don't have a lot of clients to be
backwards-compatible with.
Kim Alvefur <zash@zash.se> [Tue, 14 Nov 2023 23:03:37 +0100] rev 5719
mod_http_oauth2: Skip consent screen if requested by client and same scopes already granted
This follows the intent behind the OpenID Connect 'prompt' parameter
when it does not include the 'consent' keyword, that is the client
wishes to skip the consent screen. If the user has already granted the
exact same scopes to the exact same client in the past, then one can
assume that they may grant it again.
Kim Alvefur <zash@zash.se> [Tue, 14 Nov 2023 16:01:33 +0100] rev 5718
mod_audit: Replace argument parsing debug print() with debug logging
prosodyctl -v to view
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 17:23:49 +0100] rev 5717
mod_audit_register: Include hostpart with audit events here too
mod_audit seems to expect this to be JIDs, not bare usernames.
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 17:14:09 +0100] rev 5716
mod_audit_auth: Include hostpart with audit events
mod_audit seems to expect this to be JIDs, not bare usernames.
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 16:55:12 +0100] rev 5715
mod_audit: Fix storing IP prefixes
Was essentially calling new_ip(new_ip())
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 12:37:21 +0100] rev 5714
mod_audit: Fix showing session details in module command
The namespaced session element was not accounted for.
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 12:22:17 +0100] rev 5713
mod_audit: Also record human-readable name of country
Nicer to show in graphs but less machine-usable
Throw in continent in case that turns out to be useful one day
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 12:14:31 +0100] rev 5712
mod_audit: Fix recording location info
The method :query_by_addr only works for IPv4, even if you open the IPv6
database, which is an odd API. It also returns a table, not a string.
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 12:05:17 +0100] rev 5711
mod_audit: Parse IP into util.ip object once and reuse
Mostly for my own sanity
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 12:02:54 +0100] rev 5710
mod_audit: Pass IP address in string form
Passing an util.ip object to :text_tag() would be an error.
Kim Alvefur <zash@zash.se> [Mon, 13 Nov 2023 11:36:56 +0100] rev 5709
mod_audit: Fix use of util.ip
Yes, weirdly named 'new' function
Kim Alvefur <zash@zash.se> [Sun, 12 Nov 2023 16:37:47 +0100] rev 5708
mod_firewall: Add FROM COUNTRY condition based on GeoIP DB
Kim Alvefur <zash@zash.se> [Sun, 12 Nov 2023 16:14:09 +0100] rev 5707
mod_firewall: Tweak page outline
Having 'Sender/recipient matching' under 'Stanza matching' makes more
sense to me than the former being a top level item.
Kim Alvefur <zash@zash.se> [Sun, 12 Nov 2023 02:37:53 +0100] rev 5706
mod_aws_profile: Fix use of timer API
Kim Alvefur <zash@zash.se> [Sun, 12 Nov 2023 02:35:34 +0100] rev 5705
mod_auth_oauth_external: Enable experimental http connection pooling
Connection pooling may provide a performance boost since it does a few
requests per authentication.
Kim Alvefur <zash@zash.se> [Sat, 11 Nov 2023 23:55:44 +0100] rev 5704
mod_storage_s3: Enable connection pooling added in latest trunk
Speed boost, something like a 30% improvement with http://localhost
Small risk of failed requests due to limits on number of requests per
connection or timeouts.
Kim Alvefur <zash@zash.se> [Sat, 11 Nov 2023 22:43:34 +0100] rev 5703
mod_storage_s3: Fix logging
Seems request and response loggers is only a thing on http requests and
responses from net.http.server, not net.http requests.
Kim Alvefur <zash@zash.se> [Sat, 11 Nov 2023 22:32:18 +0100] rev 5702
mod_storage_s3: Sort imports
For pedantic reasons
Kim Alvefur <zash@zash.se> [Sat, 11 Nov 2023 22:47:14 +0100] rev 5701
mod_storage_s3: Implement archive store deletion
Not the most efficient way but should work.
Kim Alvefur <zash@zash.se> [Sat, 11 Nov 2023 22:26:39 +0100] rev 5700
mod_storage_s3: Skip archive items matching on date but not full datetime
Since it only encodes dates in paths, it would have returned items from
outside the specified start..end range if they were from earlier or
later in the same (UTC) day.
Kim Alvefur <zash@zash.se> [Sat, 11 Nov 2023 17:01:29 +0100] rev 5699
mod_storage_s3: Move request signing into a net.http hook
Kim Alvefur <zash@zash.se> [Fri, 10 Nov 2023 00:26:17 +0100] rev 5698
mod_client_management: Report on longest lived token when grant does not expire
E.g. for mod_http_oauth2 where by default the grant itself is unlimited,
while refresh tokens are issued with one week lifetime, but are renewed
with each use.
Matthew Wild <mwild1@gmail.com> [Tue, 07 Nov 2023 11:28:46 +0000] rev 5697
mod_muc_members_json: Fix typo in example and set correct syntax highlighter
Matthew Wild <mwild1@gmail.com> [Tue, 07 Nov 2023 11:26:36 +0000] rev 5696
mod_muc_members_json: Expand example config and docs for clarity
Kim Alvefur <zash@zash.se> [Sun, 05 Nov 2023 21:06:23 +0100] rev 5695
mod_storage_appendmap: Include timestamps when appending data
Meant to give some sense of when each piece of data was added, to aid in
debugging changes or manual rollbacks.
Kim Alvefur <zash@zash.se> [Sun, 05 Nov 2023 21:03:30 +0100] rev 5694
mod_storage_appendmap: Implement item/user iteration methods
Kim Alvefur <zash@zash.se> [Sun, 05 Nov 2023 19:22:46 +0100] rev 5693
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se> [Fri, 03 Nov 2023 23:26:57 +0100] rev 5692
mod_dnsupdate: Support advertising explicit non-existence of service
Matthew Wild <mwild1@gmail.com> [Thu, 02 Nov 2023 17:00:53 +0000] rev 5691
mod_http_admin_api: Support for adding/removing group MUCs
Matthew Wild <mwild1@gmail.com> [Thu, 02 Nov 2023 17:00:14 +0000] rev 5690
mod_groups_muc_bookmarks: Update bookmarks when a group MUC is added/removed
Matthew Wild <mwild1@gmail.com> [Thu, 02 Nov 2023 16:59:44 +0000] rev 5689
mod_groups_internal: Update to support multiple MUCs per group
This was a feature request for Snikket.
Matthew Wild <mwild1@gmail.com> [Mon, 30 Oct 2023 12:28:12 +0000] rev 5688
mod_storage_ejabberdsql_readonly: Don't use MySQL-specific syntax
util.sql should take care of transformation when MySQL is in use.
Kim Alvefur <zash@zash.se> [Sun, 29 Oct 2023 12:41:56 +0100] rev 5687
mod_client_management: Bail out retrieving tokens for user
Fixes core/usermanager.lua:118: attempt to index a nil value (field '?')
Kim Alvefur <zash@zash.se> [Sun, 29 Oct 2023 11:30:49 +0100] rev 5686
mod_http_oauth2: Limit revocation to clients own tokens in strict mode
RFC 7009 section 2.1 states:
> The authorization server first validates the client credentials (in
> case of a confidential client) and then verifies whether the token was
> issued to the client making the revocation request. If this
> validation fails, the request is refused and the client is informed of
> the error by the authorization server as described below.
The first part was already covered (in strict mode). This adds the later
part using the hash of client_id recorded in 0860497152af
It still seems weird to me that revoking a leaked token should not be
allowed whoever might have discovered it, as that seems the responsible
thing to do.
Kim Alvefur <zash@zash.se> [Sun, 29 Oct 2023 11:20:15 +0100] rev 5685
mod_http_oauth2: Restrict introspection to clients own tokens
The introspection code was added before the client hash was added in
0860497152af which allows connecting tokens to clients.
Kim Alvefur <zash@zash.se> [Thu, 25 May 2023 09:31:21 +0200] rev 5684
mod_http_oauth2: Implement introspection endpoint
"Tell me about this token"
Kim Alvefur <zash@zash.se> [Wed, 25 Oct 2023 17:18:50 +0200] rev 5683
mod_http_status: Add IP allowlisting capabilities
Based on mod_http_openmetrics