Matthew Wild <mwild1@gmail.com> [Fri, 24 Jun 2022 17:03:28 +0100] rev 12698
util.paseto: Implementation of PASETO v4.public tokens
PASETO provides an alternative to JWT with the promise of fewer implementation
pitfalls. The v4.public algorithm allows asymmetric cryptographically-verified
token issuance and validation.
In summary, such tokens can be issued by one party and securely verified by
any other party independently using the public key of the issuer. This has a
number of potential applications in a decentralized network and ecosystem such
as XMPP. For example, such tokens could be combined with XEP-0317 to allow
hats to be verified even in the context of a third-party MUC service.
Matthew Wild <mwild1@gmail.com> [Fri, 24 Jun 2022 16:56:16 +0100] rev 12697
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Specifically, ED25519 key generation/import/export, sign/verify operations,
and AES encrypt/decrypt.
Matthew Wild <mwild1@gmail.com> [Fri, 01 Jul 2022 15:11:08 +0100] rev 12696
util-src: Add new utility header managed_pointer.h
The macros in this header allow creation of GC-managed objects from manually-
managed C alloc/free APIs.
Matthew Wild <mwild1@gmail.com> [Mon, 29 Aug 2022 15:58:51 +0100] rev 12695
mod_smacks: Set session.smacks after sending <enabled/> to fix traceback
...with opportunistic writes enabled.
Kim Alvefur <zash@zash.se> [Mon, 29 Aug 2022 11:47:31 +0200] rev 12694
core.moduleapi: Check for local role-aware sessions before e.g. s2s
The condition checked for s2sin but not s2sout, so would have ignored
bidi-enabled s2sout sessions. Components as well.
Matthew Wild <mwild1@gmail.com> [Mon, 29 Aug 2022 15:48:07 +0100] rev 12693
mod_smacks: Use new :add_error() in last remaining error result construction
Matthew Wild <mwild1@gmail.com> [Mon, 29 Aug 2022 15:45:52 +0100] rev 12692
mod_smacks: Split enable handling to stages, to allow easier SASL2 integration
Matthew Wild <mwild1@gmail.com> [Mon, 29 Aug 2022 14:59:46 +0100] rev 12691
util.stanza: Add add_error() to simplify adding error tags to existing stanzas
Some fiddling is required now in error_reply() to ensure the cursor is in the
same place as before this change (a lot of code apparently uses that feature).
Matthew Wild <mwild1@gmail.com> [Sun, 28 Aug 2022 07:51:50 +0100] rev 12690
mod_component: Require 'from' attribute on stanzas by default
The old behaviour of falling back to the component domain when it is missing
has been merged into the logic for the existing "validate_from_addresses"
option (which is strict by default).
ejabberd already rejects component stanzas with no 'from' (as the XEP
requires), and this has led to compatibility issues for components that were
seemingly working fine with Prosody.
Kim Alvefur <zash@zash.se> [Sat, 27 Aug 2022 17:19:13 +0200] rev 12689
mod_external_services: Update tools.ietf.org URL
See bd9e006a7a74