Kim Alvefur <zash@zash.se> [Fri, 08 Dec 2023 20:08:35 +0100] rev 5794
mod_http_oauth2: Use color-scheme to get nice dark mode defaults
Matthew Wild <mwild1@gmail.com> [Fri, 08 Dec 2023 16:00:34 +0000] rev 5793
mod_isolate_host: Fix inverted logic in log message
Matthew Wild <mwild1@gmail.com> [Fri, 08 Dec 2023 12:45:22 +0000] rev 5792
mod_s2s_status: Add missing return (thanks Zash)
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:46:50 +0000] rev 5791
mod_c2s_conn_throttle: Reduce log level from error->info
Our general policy is that "error" should never be triggerable by remote
entities, and that it is always about something that requires admin
intervention. This satisfies neither condition.
The "warn" level can be used for unexpected events/behaviour triggered by
remote entities, and this could qualify. However I don't think failed auth
attempts are unexpected enough.
I selected "info" because it is what is also used for other notable session
lifecycle events.
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:43:47 +0000] rev 5790
mod_http_admin_api: Abort request if no valid username
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:43:16 +0000] rev 5789
mod_http_admin_api: Fix some luacheck warnings and code style issues
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:41:55 +0000] rev 5788
mod_http_admin_api: Support PATCH for user enabled status
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:41:18 +0000] rev 5787
mod_http_admin_api: Support for setting user account enabled status
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:30:41 +0000] rev 5786
mod_http_admin_api: Only include user deletion_request if account is disabled
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 15:30:01 +0000] rev 5785
mod_http_admin_api: Return avatar metadata from get_user_info()
Matthew Wild <mwild1@gmail.com> [Thu, 07 Dec 2023 13:02:36 +0000] rev 5784
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 19:13:26 +0000] rev 5783
mod_http_admin_api: Include information about pending deletion request, if any
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 15:50:46 +0000] rev 5782
mod_measure_active_users: Use the new mod_lastlog2 API
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 15:45:44 +0000] rev 5781
mod_measure_active_users: Exclude disabled user accounts from counts
...if usermanager exposes that API (it's in trunk, not 0.12).
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 15:07:09 +0000] rev 5780
mod_lastlog2: Fix to interpret stored data structure correctly
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 12:14:12 +0000] rev 5779
mod_http_admin_api: Include user account status and activity in get_user_info
Matthew Wild <mwild1@gmail.com> [Wed, 06 Dec 2023 12:12:37 +0000] rev 5778
mod_lastlog2: Expose API to query the last active time of a user
Matthew Wild <mwild1@gmail.com> [Tue, 05 Dec 2023 12:39:00 +0000] rev 5777
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 21:38:27 +0100] rev 5776
mod_log_sasl_mech: Handle auth event from other than mod_saslauth
E.g. mod_http_oauth2
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 21:36:35 +0100] rev 5775
mod_http_oauth2: Add logger to "session" for auth event
So many assumptions in so many other modules about auth-success/fail
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 21:07:54 +0100] rev 5774
mod_http_oauth2: Move some code earlier
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 00:23:19 +0100] rev 5773
mod_restrict_xmpp: Allow all XEP-0199 pings to self
No permission to send a ping without a 'to' attribute?
Kim Alvefur <zash@zash.se> [Mon, 04 Dec 2023 00:08:27 +0100] rev 5772
mod_restrict_xmpp/README: Fix definition list rendering
Pandoc wants a blank line between items.
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 23:51:54 +0100] rev 5771
mod_http_oauth2: Reject unparsable URLs
This used to be caught by luaPattern=https:// in the schema but that's
been removed for some reason
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 23:44:18 +0100] rev 5770
mod_http_oauth2: Return validation output added in trunk rev 72d7830505f0
It's not fun at all to try to register a client and only get back
"failed schema validation", this should help with that.
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 21:25:39 +0100] rev 5769
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se> [Sun, 03 Dec 2023 15:07:50 +0100] rev 5768
mod_http_oauth2: Handle login_hint without @hostpart
Makes life easier for the client when it does not know the full JID,
which might not have the same hostpart as the authorization server URL.
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 13:35:29 +0100] rev 5767
mod_audit: Fix querying for both user and global events
Forgot to fix this before I pushed
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 13:26:31 +0100] rev 5766
mod_storage_s3: Fix mapping archive query limit to ?max-keys=
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:30:28 +0100] rev 5765
mod_audit: Fix error due to sub-second precision timestamps
os.date() does not handle them
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:23:15 +0100] rev 5764
mod_storage_s3: Remove wrapper and original timestamp from payload (BC)
Unpacking the wrapper was already removed in 66986f5271c3 so it was
broken already.
Just rely on the Last-Modified date instead, it's not going to be
accurate if a different timestamp is passed, e.g. with migrations, but
that will have to be a future problem.
Perhaps the X-Amz-Meta-* can be used?
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:21:26 +0100] rev 5763
mod_storage_s3: Fix sorting items by correct field
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 12:20:36 +0100] rev 5762
mod_storage_s3: Fix passing of prefixes, should not be urlencoded
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:48:19 +0100] rev 5761
mod_audit: Update command to handle storing JIDs instead of only usernames
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:18:57 +0100] rev 5760
mod_client_management: Include session in the other new-client event too
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:10:43 +0100] rev 5759
luacheckrc: Replace deprecated module:once with :on_ready
So that :once is warned about properly.
module:once was only added in trunk so it shouldn't have gotten very far
yet.
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:07:23 +0100] rev 5758
mod_restrict_xmpp: Add vcard4 PEP node to profile permission
Kim Alvefur <zash@zash.se> [Sat, 02 Dec 2023 11:06:47 +0100] rev 5757
mod_client_management: Include session in new-client event
Needed by mod_audit_auth
Kim Alvefur <zash@zash.se> [Fri, 01 Dec 2023 22:40:41 +0100] rev 5756
mod_http_oauth2: Fire authentication events on login form
For e.g. mod_audit_auth to use.
A bit hacky because upon review many modules don't seem to handle the
lack of an XMPP session in the event payload.
Kim Alvefur <zash@zash.se> [Fri, 01 Dec 2023 21:35:25 +0100] rev 5755
mod_http_oauth2: Comment on authorization code storage
Kim Alvefur <zash@zash.se> [Fri, 01 Dec 2023 21:32:33 +0100] rev 5754
mod_audit_tokens: Record events fired by mod_tokenauth in audit log
Matthew Wild <mwild1@gmail.com> [Fri, 01 Dec 2023 11:59:02 +0000] rev 5753
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com> [Fri, 01 Dec 2023 11:34:52 +0000] rev 5752
mod_audit_auth: Ignore FAST authentication events by default
FAST is more like a cookie that allows linking new connections to a previous
(e.g. password) authentication. Since we assume that FAST tokens are secure
(not user generated) and not shareable, it reduces a lot of noise by filtering
out uninteresting authentication events.
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 18:05:42 +0000] rev 5751
mod_restrict_xmpp: Fix remaining hard-coded role name
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 17:59:47 +0000] rev 5750
mod_audit: Update README with new name of mod_audit_register
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 17:59:08 +0000] rev 5749
mod_audit_user_accounts: Renamed from mod_audit_register
Matthew Wild <mwild1@gmail.com> [Thu, 30 Nov 2023 17:51:27 +0000] rev 5748
mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com> [Wed, 29 Nov 2023 12:14:49 +0000] rev 5747
mod_audit_status: Support writing heartbeat with async storage drivers
Kim Alvefur <zash@zash.se> [Wed, 29 Nov 2023 11:14:21 +0100] rev 5746
mod_storage_xmlarchive: Support using requested archive-id
However diverging from the date-prefixed format means it will need to
look through the whole archive to find a particular ID.
Kim Alvefur <zash@zash.se> [Tue, 28 Nov 2023 19:55:43 +0100] rev 5745
mod_storage_xmlarchive: Pass hostname to converter for converting all users
Kim Alvefur <zash@zash.se> [Tue, 28 Nov 2023 19:48:34 +0100] rev 5744
mod_storage_xmlarchive: Migrate all users/rooms if no JID argument given
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 17:16:15 +0100] rev 5743
misc: Add a basic grafterm dashboard
For those of us who would rather have less JavaScript
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 17:14:36 +0100] rev 5742
misc: Add a Grafana dashboard
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 14:27:35 +0100] rev 5741
mod_storage_s3: Sort archive items by LastModified
Otherwise they would get sorted by who knows what, probably the path.
Also not sure if the timestamp comparisons were correct before.
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 09:30:04 +0100] rev 5740
mod_storage_s3: Reorder path components (BC: invalidates any existing data)
keyvalue: /bucket/hostname/username/store
archive: /bucket/hostname/username/store/yyyy-mm-dd/with/key
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 09:28:28 +0100] rev 5739
mod_storage_s3: Fix querying for basic MAM parameters
I guess I was planning to hash the 'with' part but changed my mind half
way through implementing and also never tested this.
Kim Alvefur <zash@zash.se> [Mon, 27 Nov 2023 07:10:06 +0100] rev 5738
luacheck: Add new module API methods from trunk
See
* trunk rev 4d4f9e42bcf8
* trunk rev 65fb0d7a2312
* trunk rev c9ef35fab0b1
Kim Alvefur <zash@zash.se> [Sun, 26 Nov 2023 22:44:01 +0100] rev 5737
mod_storage_s3: Implement search for set of IDs
This together with the full id range query enables support for
urn:xmpp:mam:2#extended in mod_mam
Kim Alvefur <zash@zash.se> [Sun, 26 Nov 2023 22:29:21 +0100] rev 5736
mod_storage_s3: Advertise full id range archive query capability
Kim Alvefur <zash@zash.se> [Sun, 26 Nov 2023 21:51:12 +0100] rev 5735
mod_audit: Use new module API for period/time ranges
It was added around the same time as the parse_duration function