Matthew Wild <mwild1@gmail.com> [Fri, 07 Oct 2022 16:58:52 +0100] rev 12751
util.roles: Add tests
Matthew Wild <mwild1@gmail.com> [Fri, 07 Oct 2022 16:58:08 +0100] rev 12750
util.roles: Return nil if the role has no explicit policy (fixes inheritance)
Previously, if the first inherited role had no opinion, it returned false and
prevented further consultation of other inherited roles.
This bug was found thanks to the implementation of missing test cases
identified through mutation testing.
Matthew Wild <mwild1@gmail.com> [Fri, 07 Oct 2022 11:35:56 +0100] rev 12749
mod_smacks: Change boolean attribute from '1' to 'true' for compatibility
Conversations 2.10.10 and earlier expect this to be literally 'true' and don't
recognise '1'. This leads to it not attempting resumption with Prosody at all
since this change was introduced in 36ba170c4fd0.
Thanks to Zash for noticing, debugging and diagnosing this issue.
This issue is fixed in Conversations commit 052c58f3 (unreleased at the time
of writing).
Matthew Wild <mwild1@gmail.com> [Thu, 06 Oct 2022 18:34:40 +0100] rev 12748
util.iterators: join: Work even with only a single iterator in the chain
Matthew Wild <mwild1@gmail.com> [Thu, 06 Oct 2022 16:00:39 +0100] rev 12747
mod_tokenauth: Remove expired tokens from storage
Matthew Wild <mwild1@gmail.com> [Thu, 06 Oct 2022 15:59:07 +0100] rev 12746
mod_tokenauth: Invalidate tokens issued before most recent password change
This is a security improvement, to ensure that sessions authenticated using a
token (note: not currently possible in stock Prosody) are invalidated just
like password-authenticated sessions are.
Matthew Wild <mwild1@gmail.com> [Thu, 06 Oct 2022 11:12:57 +0100] rev 12745
prosodyctl: check turn: More clearly indicate the error is from TURN server
Kim Alvefur <zash@zash.se> [Tue, 04 Oct 2022 12:04:43 +0200] rev 12744
mod_authz_internal: Fix warning due to global use
Thanks Menel and Martin
Jonas Schäfer <jonas@wielicki.name> [Mon, 03 Oct 2022 12:55:11 +0200] rev 12743
Backed out changeset 1bc2220cd6ec
The use of the error helpers creates an `<error/>` child element
containing the error condition. This is however not allowed as per
XEP-0198, which specifies that the error condition is to be a direct
child of the `<failed/>` stream management element.
This has triggered a fun reconnect loop in aioxmpp where it was
reported by a user [1].
[1]: https://github.com/horazont/aioxmpp/issues/382
Matthew Wild <mwild1@gmail.com> [Fri, 30 Sep 2022 20:38:31 +0100] rev 12742
util.jwt: More robust ECDSA signature parsing, fail early on unexpected length