Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 12:44:53 +0200] rev 13086
util.jsonschema: Enable passing IEEE 754 equality test
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 12:13:38 +0200] rev 13085
util.jsonschema: Fix NYI 'patternProperties' definition
It's defined as an object mapping regex to schema, not a single schema
Kim Alvefur <zash@zash.se> [Wed, 19 Apr 2023 12:03:34 +0200] rev 13084
util.error: Add test for #1805
Checks that it doesn't fail on a stanza without <error> tag
Kim Alvefur <zash@zash.se> [Wed, 19 Apr 2023 11:42:36 +0200] rev 13083
Merge 0.12->trunk
Kim Alvefur <zash@zash.se> [Wed, 19 Apr 2023 11:32:53 +0200] rev 13082
util.error: Fix error on conversion of invalid error stanza, fix #1805
Error stanzas should have an <error> element, but if you pass a
stanza without one to util.error.from_stanza() it triggers an attempt to
index a nil value, which this patch avoids.
In the conditional, it should be safe to assume error_tag is non-nil
since condition can't have those values then.
Kim Alvefur <zash@zash.se> [Thu, 06 Apr 2023 17:09:03 +0200] rev 13081
mod_admin_shell: Fix display of remote cert status when expired etc
Looks like autocomplete unhelpfully capitalized this word, but it's
lowercase where it is set in mod_s2s_auth_certs
Kim Alvefur <zash@zash.se> [Wed, 19 Apr 2023 11:14:11 +0200] rev 13080
mod_tls: Drop request for client certificates on outgoing connections
It is the other end who should request client certificates for these
connections, we only need to send ours. Hopefully this was treated as a
noop, so probably no harm in keeping it. But hey, spring cleaning? :)
Kim Alvefur <zash@zash.se> [Sun, 16 Apr 2023 12:47:55 +0200] rev 13079
mod_csi: Always advertise feature
Was previously supposed to be conditionally advertised based on
availability of a module handling the actual optimizations, which was
removed in be9ac41f1619
Kim Alvefur <zash@zash.se> [Wed, 12 Apr 2023 11:43:32 +0200] rev 13078
mod_tokenauth: Fix parsing binary part of tokens
Fixes parsing of tokens that happen to have a `;` in their secret part,
otherwise it splits there and the later bit goes into the username and
hitting the "Invalid token in storage" condition.
Kim Alvefur <zash@zash.se> [Wed, 12 Apr 2023 10:21:32 +0200] rev 13077
mod_tokenauth: Only check if expiry of expiring tokens
Some tokens, e.g. OAuth2 refresh tokens, might not have their lifetime
explicitly bounded here, but rather be bounded by the lifetime of
something else, like the OAuth2 client.
Open question: Would it be better to enforce a lifetime on all tokens?