# HG changeset patch # User Kim Alvefur # Date 1543149100 -3600 # Node ID 0ce404230388faae78e789bffd468f9b3afed447 # Parent fc2266339cd80fbd2382fac3ca6d77dacfa3d1a5# Parent 28d4b9d5a432a66029b07bc2e12099f8802e9d92 Merge 0.11->trunk diff -r fc2266339cd8 -r 0ce404230388 .hgtags --- a/.hgtags Sun Nov 18 01:30:20 2018 +0100 +++ b/.hgtags Sun Nov 25 13:31:40 2018 +0100 @@ -65,3 +65,4 @@ 4ae8dd415e9431924ad4aa0b57bcee8a4a9272f8 0.10.1 29c6d2681bad9f67d8bd548bb3a7973473bae91e 0.9.14 7ec098b68042f60687f1002e788b34b06048945d 0.10.2 +83f3a05c1b1bb9b54b3b153077a06eb02e247c8e 0.11.0 diff -r fc2266339cd8 -r 0ce404230388 CHANGES --- a/CHANGES Sun Nov 18 01:30:20 2018 +0100 +++ b/CHANGES Sun Nov 25 13:31:40 2018 +0100 @@ -1,7 +1,7 @@ 0.11.0 ====== -**YYYY-MM-DD** (not yet) +**2018-11-18** New features ------------ diff -r fc2266339cd8 -r 0ce404230388 plugins/muc/muc.lib.lua --- a/plugins/muc/muc.lib.lua Sun Nov 18 01:30:20 2018 +0100 +++ b/plugins/muc/muc.lib.lua Sun Nov 25 13:31:40 2018 +0100 @@ -904,6 +904,7 @@ local item = stanza.tags[1].tags[1]; if not item then origin.send(st.error_reply(stanza, "cancel", "bad-request")); + return true; end if item.attr.jid then -- Validate provided JID item.attr.jid = jid_prep(item.attr.jid); diff -r fc2266339cd8 -r 0ce404230388 prosody.cfg.lua.dist --- a/prosody.cfg.lua.dist Sun Nov 18 01:30:20 2018 +0100 +++ b/prosody.cfg.lua.dist Sun Nov 25 13:31:40 2018 +0100 @@ -102,16 +102,10 @@ -- Force servers to use encrypted connections? This option will -- prevent servers from authenticating unless they are using encryption. --- Note that this is different from authentication s2s_require_encryption = true - -- Force certificate authentication for server-to-server connections? --- This provides ideal security, but requires servers you communicate --- with to support encryption AND present valid, trusted certificates. --- NOTE: Your version of LuaSec must support certificate verification! --- For more information see https://prosody.im/doc/s2s#security s2s_secure_auth = false @@ -122,17 +116,13 @@ --s2s_insecure_domains = { "insecure.example" } --- Even if you leave s2s_secure_auth disabled, you can still require valid +-- Even if you disable s2s_secure_auth, you can still require valid -- certificates for some domains by specifying a list here. --s2s_secure_domains = { "jabber.org" } -- Select the authentication backend to use. The 'internal' providers -- use Prosody's configured data storage to store the authentication data. --- To allow Prosody to offer secure authentication mechanisms to clients, the --- default provider stores passwords in plaintext. If you do not trust your --- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed --- for information about using the hashed backend. authentication = "internal_hashed" @@ -183,6 +173,9 @@ -- Location of directory to find certificates in (relative to main config file): certificates = "certs" +-- HTTPS currently only supports a single certificate, specify it here: +--https_certificate = "certs/localhost.crt" + ----------- Virtual hosts ----------- -- You need to add a VirtualHost entry for each domain you wish Prosody to serve. -- Settings under each VirtualHost entry apply *only* to that host.