Kim Alvefur <zash@zash.se> [Mon, 24 Jan 2022 23:05:26 +0100] rev 12216
mod_pubsub: Use the 'pubsub#type' setting to pick summary generator
Allows using different ones even if multiple semantically different
formats share the same root element xmlns, e.g. generic Atom and
XEP-0277 entries.
Kim Alvefur <zash@zash.se> [Tue, 25 Jan 2022 13:20:26 +0100] rev 12215
mod_tls: Set ALPN on outgoing connections
Relevant and sometimes needed for Direct TLS which mod_s2s uses this
context for. Primarily when e.g. mod_net_multiplex or equivalent ALPN
based dispatch is used.
All these contexts should likely move away from mod_tls and into either
mod_s2s or portmanager. The later already duplicates some of this work.
Matthew Wild <mwild1@gmail.com> [Mon, 24 Jan 2022 13:58:04 +0000] rev 12214
Added tag 0.11.13 for changeset ebeb4d959fb3
Kim Alvefur <zash@zash.se> [Sun, 23 Jan 2022 20:06:50 +0100] rev 12213
mod_admin_shell: Add command to show current user roles
Kim Alvefur <zash@zash.se> [Sun, 23 Jan 2022 19:55:32 +0100] rev 12212
mod_admin_shell: Add help section about roles
As in the argument to user:create() and user:roles()
Tricky to come up with something sensible to write when Prosody core
only knows of the 'prosody:admin' role so far.
Kim Alvefur <zash@zash.se> [Fri, 21 Jan 2022 18:42:38 +0100] rev 12211
mod_s2s: Retrieve TLS context for outgoing Direct TLS connections from mod_tls
So that the same TLS context is used for both Direct TLS and starttls,
since they are supposed to be functionally identical apart from the few
extra round trips.
A new event is added because the 's2s-created' event fires much later,
after a connection has already been established, where we need the TLS
context before that.
Kim Alvefur <zash@zash.se> [Fri, 21 Jan 2022 17:59:19 +0100] rev 12210
mod_s2s: Enable outgoing Direct TLS connections
Makes it faster by cutting out the roundtrips involved in <starttls/>,
at the cost of making an additional SRV lookup.
Since we already ignore a missing <starttls/> offer and try anyway there
is not much difference in security. The fact that XMPP is used and the
hostnames involved might still be visible until the future Encrypted
ClientHello extension allows hiding those too.
Kim Alvefur <zash@zash.se> [Fri, 21 Jan 2022 17:57:47 +0100] rev 12209
net.connect: Allow passing TLS context from resolver
Only allowing it to be passed directly makes it hard to combine plain
(i.e. starttls) and Direct TLS connections in the same connection
resolution procedure. But now we can, using chained resolvers!
Kim Alvefur <zash@zash.se> [Fri, 21 Jan 2022 17:56:20 +0100] rev 12208
net.resolvers.chain: A resolver for combining other resolvers
Say if you wanted to try both _xmpp and _xmpps services
Kim Alvefur <zash@zash.se> [Thu, 20 Jan 2022 13:02:24 +0100] rev 12207
Merge 0.11->trunk