Matthew Wild <mwild1@gmail.com> [Mon, 17 Jan 2022 14:11:45 +0000] rev 12197
mod_storage_xep0227: Fix file export (missing parameter) from refactor in 270047afa6af
Kim Alvefur <zash@zash.se> [Sat, 15 Jan 2022 17:37:07 +0100] rev 12196
mod_http: Increase severity of loading unreachable http modules
This is either caused by an earlier failure to bind http/s ports, in
which case that should be corrected, or explicitly disbling the http/s
ports, in which case ... why enable http modules?
Suggested by jonas’
Kim Alvefur <zash@zash.se> [Sat, 27 Nov 2021 12:26:15 +0100] rev 12195
mod_http: Skip querying portmanager when http_external_url when is set
When http_external_url is set then the portmanager usage only really
serves as a check of whether any http service is enabled at all.
Should allow generating an URL from prosodyctl when http_external_url is
set.
Kim Alvefur <zash@zash.se> [Sat, 15 Jan 2022 16:25:25 +0100] rev 12194
util.jid: Explicitly check for nil rather than falsy
A boolean false should blow up.
Jonas Schäfer <jonas@wielicki.name> [Sat, 15 Jan 2022 15:40:29 +0100] rev 12193
mod_storage_xep0227: treat roster metadata pseudo-entry correctly
The roster version is stored in a pseudo-item which has the key `false`.
The if condition in the touched code attempts to guard against this, but
it does not take into account that the jid prepping returns nil instead
of false.
By moving the jid prepping into the if, we can check for the metadata
entry safely.
Jonas Schäfer <jonas@wielicki.name> [Sat, 15 Jan 2022 15:39:13 +0100] rev 12192
mod_storage_xep0227: be defensive against empty vCard
An empty vCard store may look like the empty table, which does not have
the `attr` key, which would then blow up in util.stanza.deserialize.
Kim Alvefur <zash@zash.se> [Sat, 15 Jan 2022 15:13:41 +0100] rev 12191
mod_http: Limit unencrypted http port (5280) to loopback by default
Since accessing this port directly over the wider Internet is unlikely
to intentional anymore. Most uses will likely be by reverse proxies, by
mistake or because of trouble configuring HTTPS.
Blocking mistaken uses is just a good thing, letting users send
potentially private things unencrypted tends to be Strongly Discouraged
these days.
Many reverse proxy setups operate over loopback, so listening there
instead of all interfaces is a net improvement.
Improved automatic certificate location and SNI support has mostly
eliminated the need for manual certificate configuration so HTTPS should
Just Work once certificates have been provided.
For local testing during development, connecting over loopback is likely
fine as well. When really needed, `http_interfaces` can still be set.
Suggested by Link Mauve
Kim Alvefur <zash@zash.se> [Sat, 15 Jan 2022 09:09:24 +0100] rev 12190
mod_cron: Allow for a small amount of timer drift
If the timer activates a bit early then a task might be just a few
seconds short of being allowed to run. This would run such a task rather
than wait another hour.
The value 0.5% chosen so that a weekly task does not run an entire hour
earlier than last time.
Matthew Wild <mwild1@gmail.com> [Fri, 14 Jan 2022 17:00:13 +0000] rev 12189
mod_storage_xep0227: Fix luacheck warnings
Matthew Wild <mwild1@gmail.com> [Fri, 14 Jan 2022 16:57:19 +0000] rev 12188
mod_storage_xep0227: Add API to iterate all stores of a user