Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package prosody for openSUSE:Factory checked in at 2023-09-07 21:13:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/prosody (Old) and /work/SRC/openSUSE:Factory/.prosody.new.1766 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "prosody" Thu Sep 7 21:13:19 2023 rev:36 rq:1109423 version:0.12.4 Changes: -------- --- /work/SRC/openSUSE:Factory/prosody/prosody.changes 2023-02-22 15:21:43.613909044 +0100 +++ /work/SRC/openSUSE:Factory/.prosody.new.1766/prosody.changes 2023-09-07 21:14:35.709282192 +0200 @@ -1,0 +2,26 @@ +Thu Sep 7 06:33:41 UTC 2023 - Michael Vetter <[email protected]> + +- Update to 0.12.4: + * core.certmanager: Update Mozilla TLS config to version 5.7 + * util.error: Fix error on conversion of invalid error stanza #1805 + * util.array: Fix new() library function + * util.array: Expose new() on module table + * prosodyctl: Fix output of error messages containing â%â + * util.prosodyctl.check: Correct suggested replacement for âdisallow_s2sâ + * util.prosodyctl.check: Allow same config syntax variants as in Prosody for some options #896 + * util.prosodyctl.check: Fix error where hostname canât be turned into A label + * util.prosodyctl.check: Hint about the âexternal_addressesâ config option + * util.prosodyctl.check: Suggest âhttp_cors_overrideâ instead of older CORS settings + * util.prosodyctl.check: Validate format of module list options + * mod_websocket: Add a âpre-session-closeâ event #1800 + * mod_smacks: Fix stray watchdog closing sessions + * mod_csi_simple: Disable revert-to-inactive timer when going to active mode + * mod_csi_simple: Clear delayed active mode timer on disable + * mod_admin_shell: Fix display of remote cert status when expired etc + * mod_smacks: Replace existing watchdog when starting hibernation + * mod_http: Fix error if âaccess_control_allow_originsâ is set + * mod_pubsub: Send correct âjidâ attribute in disco#items + * mod_http: Unhook CORS handlers only if active to fix an error #1801 + * mod_s2s: Add event where resolver for s2sout can be tweaked + +------------------------------------------------------------------- Old: ---- prosody-0.12.3.tar.gz prosody-0.12.3.tar.gz.asc New: ---- prosody-0.12.4.tar.gz prosody-0.12.4.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ prosody.spec ++++++ --- /var/tmp/diff_new_pack.qu1rgP/_old 2023-09-07 21:14:37.389342250 +0200 +++ /var/tmp/diff_new_pack.qu1rgP/_new 2023-09-07 21:14:37.393342393 +0200 @@ -18,7 +18,7 @@ %define _piddir /run Name: prosody -Version: 0.12.3 +Version: 0.12.4 Release: 0 Summary: Communications server for Jabber/XMPP License: MIT ++++++ prosody-0.12.3.tar.gz -> prosody-0.12.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/.hg_archival.txt new/prosody-0.12.4/.hg_archival.txt --- old/prosody-0.12.3/.hg_archival.txt 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/.hg_archival.txt 2023-09-05 19:49:56.840763501 +0200 @@ -1,4 +1,4 @@ repo: 3e3171b59028ee70122cfec6ecf98f518f946b59 -node: 0598d822614f6637a5baaec78570db025c76f722 +node: a2ba3f06dcf44b713b65355351653826cccea59c branch: 0.12 -tag: 0.12.3 +tag: 0.12.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/core/certmanager.lua new/prosody-0.12.4/core/certmanager.lua --- old/prosody-0.12.3/core/certmanager.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/core/certmanager.lua 2023-09-05 19:49:56.840763501 +0200 @@ -240,7 +240,7 @@ local mozilla_ssl_configs = { -- https://wiki.mozilla.org/Security/Server_Side_TLS - -- Version 5.6 as of 2021-12-26 + -- Version 5.7 as of 2023-07-09 modern = { protocol = "tlsv1_3"; options = { cipher_server_preference = false }; @@ -261,6 +261,7 @@ "ECDHE-RSA-CHACHA20-POLY1305"; "DHE-RSA-AES128-GCM-SHA256"; "DHE-RSA-AES256-GCM-SHA384"; + "DHE-RSA-CHACHA20-POLY1305"; }; curveslist = { "X25519"; "prime256v1"; "secp384r1" }; ciphersuites = { "TLS_AES_128_GCM_SHA256"; "TLS_AES_256_GCM_SHA384"; "TLS_CHACHA20_POLY1305_SHA256" }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/core/features.lua new/prosody-0.12.4/core/features.lua --- old/prosody-0.12.3/core/features.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/core/features.lua 2023-09-05 19:49:56.840763501 +0200 @@ -4,5 +4,7 @@ available = set.new{ -- mod_bookmarks bundled "mod_bookmarks"; + + "s2sout-pre-connect-event"; }; }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/plugins/mod_admin_shell.lua new/prosody-0.12.4/plugins/mod_admin_shell.lua --- old/prosody-0.12.3/plugins/mod_admin_shell.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/plugins/mod_admin_shell.lua 2023-09-05 19:49:56.840763501 +0200 @@ -829,7 +829,7 @@ width = 11; mapper = function(cert_status, session) if cert_status then return capitalize(cert_status); end - if session.cert_chain_status == "Invalid" then + if session.cert_chain_status == "invalid" then local cert_errors = set.new(session.cert_chain_errors[1]); if cert_errors:contains("certificate has expired") then return "Expired"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/plugins/mod_csi_simple.lua new/prosody-0.12.4/plugins/mod_csi_simple.lua --- old/prosody-0.12.3/plugins/mod_csi_simple.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/plugins/mod_csi_simple.lua 2023-09-05 19:49:56.840763501 +0200 @@ -161,6 +161,10 @@ session.conn:pause_writes(); session.csi_measure_buffer_hold = measure_buffer_hold(); session.csi_counter = 0; + if session.csi_resume then + timer.stop(session.csi_resume); + session.csi_resume = nil; + end filters.add_filter(session, "stanzas/out", manage_buffer); filters.add_filter(session, "bytes/in", flush_buffer); else @@ -172,6 +176,10 @@ filters.remove_filter(session, "stanzas/out", manage_buffer); filters.remove_filter(session, "bytes/in", flush_buffer); session.csi_counter = nil; + if session.csi_resume then + timer.stop(session.csi_resume); + session.csi_resume = nil; + end if session.csi_measure_buffer_hold then session.csi_measure_buffer_hold(); session.csi_measure_buffer_hold = nil; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/plugins/mod_http.lua new/prosody-0.12.4/plugins/mod_http.lua --- old/prosody-0.12.3/plugins/mod_http.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/plugins/mod_http.lua 2023-09-05 19:49:56.840763501 +0200 @@ -149,7 +149,7 @@ local app_credentials = opt_credentials; local app_origins; if opt_origins and not (opt_origins:empty() or opt_origins:contains("*")) then - opt_origins = opt_origins._items; + app_origins = opt_origins._items; end local function cors_handler(event_data) @@ -261,7 +261,9 @@ apps[event.item.name] = nil; for event_name, handlers in pairs(app_handlers) do module:unhook_object_event(server, event_name, handlers.main); - module:unhook_object_event(server, event_name, handlers.cors); + if handlers.cors then + module:unhook_object_event(server, event_name, handlers.cors); + end if event_name:sub(-2, -1) == "/*" then module:unhook_object_event(server, event_name:sub(1, -3), redir_handler, -1); @@ -269,8 +271,10 @@ module:unhook_object_event(server, event_name:sub(1, -2), redir_handler, -1); end - local options_event_name = event_name:gsub("^%S+", "OPTIONS"); - module:unhook_object_event(server, options_event_name, handlers.options); + if handlers.options then + local options_event_name = event_name:gsub("^%S+", "OPTIONS"); + module:unhook_object_event(server, options_event_name, handlers.options); + end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/plugins/mod_pubsub/pubsub.lib.lua new/prosody-0.12.4/plugins/mod_pubsub/pubsub.lib.lua --- old/prosody-0.12.3/plugins/mod_pubsub/pubsub.lib.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/plugins/mod_pubsub/pubsub.lib.lua 2023-09-05 19:49:56.840763501 +0200 @@ -309,7 +309,7 @@ end for _, id in ipairs(ret) do - reply:tag("item", { jid = service.jid or module.host, name = id }):up(); + reply:tag("item", { jid = service.config.jid or module.host, name = id }):up(); end event.exists = true; end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/plugins/mod_s2s.lua new/prosody-0.12.4/plugins/mod_s2s.lua --- old/prosody-0.12.3/plugins/mod_s2s.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/plugins/mod_s2s.lua 2023-09-05 19:49:56.840763501 +0200 @@ -230,6 +230,10 @@ resolver; }); end + + local pre_event = { session = host_session; resolver = resolver }; + module:context(from_host):fire_event("s2sout-pre-connect", pre_event); + resolver = pre_event.resolver; connect(resolver, listener, nil, { session = host_session }); m_initiated_connections:with_labels(from_host):add(1) return true; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/plugins/mod_smacks.lua new/prosody-0.12.4/plugins/mod_smacks.lua --- old/prosody-0.12.3/plugins/mod_smacks.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/plugins/mod_smacks.lua 2023-09-05 19:49:56.840763501 +0200 @@ -474,7 +474,16 @@ if session.hibernating then return end session.hibernating = os_time(); - session.hibernating_watchdog = watchdog.new(resume_timeout, function() + if session.hibernating_watchdog then + session.log("debug", "Session already has a sleeping watchdog, replacing it"); + session.hibernating_watchdog:cancel(); + end + session.hibernating_watchdog = watchdog.new(resume_timeout, function(this_dog) + if this_dog ~= session.hibernating_watchdog then + -- This really shouldn't happen? + session.log("debug", "Releasing a stray watchdog"); + return + end session.log("debug", "mod_smacks hibernation timeout reached..."); if session.destroyed then session.log("debug", "The session has already been destroyed"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/prosody.release new/prosody-0.12.4/prosody.release --- old/prosody-0.12.3/prosody.release 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/prosody.release 2023-09-05 19:49:56.840763501 +0200 @@ -1 +1 @@ -0.12.3 +0.12.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/prosodyctl new/prosody-0.12.4/prosodyctl --- old/prosody-0.12.3/prosodyctl 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/prosodyctl 2023-09-05 19:49:56.840763501 +0200 @@ -669,7 +669,7 @@ end os.exit(0, true); -- :) else - show_message("Failed to execute command: "..error_messages[ret]); + show_message("Failed to execute command: %s", error_messages[ret]); os.exit(1); -- :( end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/spec/util_array_spec.lua new/prosody-0.12.4/spec/util_array_spec.lua --- old/prosody-0.12.3/spec/util_array_spec.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/spec/util_array_spec.lua 2023-09-05 19:49:56.840763501 +0200 @@ -1,6 +1,13 @@ local array = require "util.array"; describe("util.array", function () describe("creation", function () + describe("new", function () + it("works", function () + local a = array.new({"a", "b", "c"}); + assert.same({"a", "b", "c"}, a); + end); + end); + describe("from table", function () it("works", function () local a = array({"a", "b", "c"}); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/util/array.lua new/prosody-0.12.4/util/array.lua --- old/prosody-0.12.3/util/array.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/util/array.lua 2023-09-05 19:49:56.840763501 +0200 @@ -35,6 +35,10 @@ return setmetatable(t or {}, array_mt); end +function array.new(t) + return setmetatable(t or {}, array_mt); +end + function array_mt.__add(a1, a2) local res = new_array(); return res:append(a1):append(a2); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/util/error.lua new/prosody-0.12.4/util/error.lua --- old/prosody-0.12.3/util/error.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/util/error.lua 2023-09-05 19:49:56.840763501 +0200 @@ -141,7 +141,7 @@ local error_tag = stanza:get_child("error"); context = context or {}; context.stanza = stanza; - context.by = error_tag.attr.by or stanza.attr.from; + context.by = error_tag and error_tag.attr.by or stanza.attr.from; local uri; if condition == "gone" or condition == "redirect" then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prosody-0.12.3/util/prosodyctl/check.lua new/prosody-0.12.4/util/prosodyctl/check.lua --- old/prosody-0.12.3/util/prosodyctl/check.lua 2023-02-21 11:07:08.120425311 +0100 +++ new/prosody-0.12.4/util/prosodyctl/check.lua 2023-09-05 19:49:56.840763501 +0200 @@ -1,4 +1,5 @@ local configmanager = require "core.configmanager"; +local moduleapi = require "core.moduleapi"; local show_usage = require "util.prosodyctl".show_usage; local show_warning = require "util.prosodyctl".show_warning; local is_prosody_running = require "util.prosodyctl".isrunning; @@ -11,6 +12,10 @@ local async = require "util.async"; local httputil = require "util.http"; +local function api(host) + return setmetatable({ name = "prosodyctl.check"; host = host; log = prosody.log }, { __index = moduleapi }) +end + local function check_ojn(check_type, target_host) local http = require "net.http"; -- .new({}); local json = require "util.json"; @@ -317,8 +322,8 @@ end if not what or what == "disabled" then local disabled_hosts_set = set.new(); - for host, host_options in it.filter("*", pairs(configmanager.getconfig())) do - if host_options.enabled == false then + for host in it.filter("*", pairs(configmanager.getconfig())) do + if api(host):get_option_boolean("enabled") == false then disabled_hosts_set:add(host); end end @@ -341,8 +346,6 @@ local obsolete = set.new({ --> remove "archive_cleanup_interval", - "cross_domain_bosh", - "cross_domain_websocket", "dns_timeout", "muc_log_cleanup_interval", "s2s_dns_resolvers", @@ -366,7 +369,7 @@ local deprecated_replacements = { anonymous_login = instead_use("option", "authentication", "anonymous"); daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags"; - disallow_s2s = instead_use("module", "s2s"); + disallow_s2s = instead_use("module", "s2s", "modules_disabled"); no_daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags"; require_encryption = "instead, use 'c2s_require_encryption' and 's2s_require_encryption'"; vcard_compatibility = instead_use("community", "mod_compat_vcard"); @@ -375,6 +378,8 @@ registration_whitelist = instead_use("option", "registration_allowlist"); registration_blacklist = instead_use("option", "registration_blocklist"); blacklist_on_registration_throttle_overload = instead_use("blocklist_on_registration_throttle_overload"); + cross_domain_bosh = "instead, use 'http_cors_override', see https://prosody.im/doc/http#cross-domain-cors-support";; + cross_domain_websocket = "instead, use 'http_cors_override', see https://prosody.im/doc/http#cross-domain-cors-support";; }; -- FIXME all the singular _port and _interface options are supposed to be deprecated too local deprecated_ports = { bosh = "http", legacy_ssl = "c2s_direct_tls" }; @@ -457,6 +462,7 @@ "websocket_get_response_text", }); local config = configmanager.getconfig(); + local global = api("*"); -- Check that we have any global options (caused by putting a host at the top) if it.count(it.filter("log", pairs(config["*"]))) == 0 then ok = false; @@ -490,8 +496,36 @@ print(); end + local function validate_module_list(host, name, modules) + if modules == nil then + return -- okay except for global section, checked separately + end + local t = type(modules) + if t ~= "table" then + print(" The " .. name .. " in the " .. host .. " section should not be a " .. t .. " but a list of strings, e.g."); + print(" " .. name .. " = { \"name_of_module\", \"another_plugin\", }") + print() + ok = false + return + end + for k, v in pairs(modules) do + if type(k) ~= "number" or type(v) ~= "string" then + print(" The " .. name .. " in the " .. host .. " section should not be a map of " .. type(k) .. " to " .. type(v) + .. " but a list of strings, e.g."); + print(" " .. name .. " = { \"name_of_module\", \"another_plugin\", }") + ok = false + break + end + end + end + + for host, options in enabled_hosts() do + validate_module_list(host, "modules_enabled", options.modules_enabled); + validate_module_list(host, "modules_disabled", options.modules_disabled); + end + do -- Check for modules enabled both normally and as components - local modules = set.new(config["*"]["modules_enabled"]); + local modules = global:get_option_set("modules_enabled"); for host, options in enabled_hosts() do local component_module = options.component_module; if component_module and modules:contains(component_module) then @@ -619,10 +653,10 @@ elseif all_options:contains("s2s_secure_domains") then local secure_domains = set.new(); for host in enabled_hosts() do - if config[host].s2s_secure_auth == true then + if api(host):get_option_boolean("s2s_secure_auth") then secure_domains:add("*"); else - secure_domains:include(set.new(config[host].s2s_secure_domains)); + secure_domains:include(api(host):get_option_set("s2s_secure_domains", {})); end end if not secure_domains:empty() then @@ -641,16 +675,16 @@ end do - local global_modules = set.new(config["*"].modules_enabled); local registration_enabled_hosts = {}; for host in enabled_hosts() do - local host_modules = set.new(config[host].modules_enabled) + global_modules; - local allow_registration = config[host].allow_registration; + local host_modules, component = modulemanager.get_modules_for_host(host); + local hostapi = api(host); + local allow_registration = hostapi:get_option_boolean("allow_registration", false); local mod_register = host_modules:contains("register"); local mod_register_ibr = host_modules:contains("register_ibr"); local mod_invites_register = host_modules:contains("invites_register"); - local registration_invite_only = config[host].registration_invite_only; - local is_vhost = not config[host].component_module; + local registration_invite_only = hostapi:get_option_boolean("registration_invite_only", true); + local is_vhost = not component; if is_vhost and (mod_register_ibr or (mod_register and allow_registration)) and not (mod_invites_register and registration_invite_only) then table.insert(registration_enabled_hosts, host); @@ -672,16 +706,17 @@ local orphan_components = {}; local referenced_components = set.new(); local enabled_hosts_set = set.new(); - for host, host_options in it.filter("*", pairs(configmanager.getconfig())) do - if host_options.enabled ~= false then + for host in it.filter("*", pairs(configmanager.getconfig())) do + local hostapi = api(host); + if hostapi:get_option_boolean("enabled", true) then enabled_hosts_set:add(host); - for _, disco_item in ipairs(host_options.disco_items or {}) do + for _, disco_item in ipairs(hostapi:get_option_array("disco_items", {})) do referenced_components:add(disco_item[1]); end end end - for host, host_config in it.filter(skip_bare_jid_hosts, enabled_hosts()) do - local is_component = not not host_config.component_module; + for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do + local is_component = not not select(2, modulemanager.get_modules_for_host(host)); if is_component then local parent_domain = host:match("^[^.]+%.(.+)$"); local is_orphan = not (enabled_hosts_set:contains(parent_domain) or referenced_components:contains(host)); @@ -713,14 +748,19 @@ end) local idna = require "util.encodings".idna; local ip = require "util.ip"; - local c2s_ports = set.new(configmanager.get("*", "c2s_ports") or {5222}); - local s2s_ports = set.new(configmanager.get("*", "s2s_ports") or {5269}); - local c2s_tls_ports = set.new(configmanager.get("*", "c2s_direct_tls_ports") or {}); - local s2s_tls_ports = set.new(configmanager.get("*", "s2s_direct_tls_ports") or {}); - - if set.new(configmanager.get("*", "modules_enabled")):contains("net_multiplex") then - local multiplex_ports = set.new(configmanager.get("*", "ports") or {}); - local multiplex_tls_ports = set.new(configmanager.get("*", "ssl_ports") or {}); + local global = api("*"); + local c2s_ports = global:get_option_set("c2s_ports", {5222}); + local s2s_ports = global:get_option_set("s2s_ports", {5269}); + local c2s_tls_ports = global:get_option_set("c2s_direct_tls_ports", {}); + local s2s_tls_ports = global:get_option_set("s2s_direct_tls_ports", {}); + + local global_enabled = set.new(); + for host in enabled_hosts() do + global_enabled:include(modulemanager.get_modules_for_host(host)); + end + if global_enabled:contains("net_multiplex") then + local multiplex_ports = global:get_option_set("ports", {}); + local multiplex_tls_ports = global:get_option_set("ssl_ports", {}); if not multiplex_ports:empty() then c2s_ports = c2s_ports + multiplex_ports; s2s_ports = s2s_ports + multiplex_ports; @@ -751,16 +791,17 @@ local fqdn = socket.dns.tohostname(socket.dns.gethostname()); if fqdn then - do - local res = dns.lookup(idna.to_ascii(fqdn), "A"); + local fqdn_a = idna.to_ascii(fqdn); + if fqdn_a then + local res = dns.lookup(fqdn_a, "A"); if res then for _, record in ipairs(res) do external_addresses:add(record.a); end end end - do - local res = dns.lookup(idna.to_ascii(fqdn), "AAAA"); + if fqdn_a then + local res = dns.lookup(fqdn_a, "AAAA"); if res then for _, record in ipairs(res) do external_addresses:add(record.aaaa); @@ -780,19 +821,21 @@ end -- Allow admin to specify additional (e.g. undiscoverable) IP addresses in the config - for _, address in ipairs(configmanager.get("*", "external_addresses") or {}) do + for _, address in ipairs(global:get_option_array("external_addresses", {})) do external_addresses:add(address); end if external_addresses:empty() then print(""); print(" Failed to determine the external addresses of this server. Checks may be inaccurate."); + print(" If you know the correct external addresses you can specify them in the config like:") + print(" external_addresses = { \"192.0.2.34\", \"2001:db8::abcd:1234\" }") c2s_srv_required, s2s_srv_required = true, true; end local v6_supported = not not socket.tcp6; - local use_ipv4 = configmanager.get("*", "use_ipv4") ~= false; - local use_ipv6 = v6_supported and configmanager.get("*", "use_ipv6") ~= false; + local use_ipv4 = global:get_option_boolean("use_ipv4", true); + local use_ipv6 = global:get_option_boolean("use_ipv6", true); local function trim_dns_name(n) return (n:gsub("%.$", "")); @@ -800,7 +843,7 @@ local unknown_addresses = set.new(); - for jid, host_options in enabled_hosts() do + for jid in enabled_hosts() do local all_targets_ok, some_targets_ok = true, false; local node, host = jid_split(jid); @@ -813,7 +856,7 @@ -- FIXME Suggest concrete actionable steps to correct issues so that -- users don't have to copy-paste the message into the support chat and -- ask what to do about it. - local is_component = not not host_options.component_module; + local is_component = not not component_module; print("Checking DNS for "..(is_component and "component" or "host").." "..jid.."..."); if node then print("Only the domain part ("..host..") is used in DNS.") @@ -921,7 +964,7 @@ end if modules:contains("proxy65") then - local proxy65_target = configmanager.get(host, "proxy65_address") or host; + local proxy65_target = api(host):get_option_string("proxy65_address", host); if type(proxy65_target) == "string" then local prob = check_address(proxy65_target); if #prob > 0 then @@ -941,9 +984,9 @@ if modules:contains("http") or not set.intersection(modules, known_http_modules):empty() or contains_match(modules, "^http_") or contains_match(modules, "_web$") then - local http_host = configmanager.get(host, "http_host") or host; + local http_host = api(host):get_option_string("http_host", host); local http_internal_host = http_host; - local http_url = configmanager.get(host, "http_external_url"); + local http_url = api(host):get_option_string("http_external_url"); if http_url then local url_parse = require "socket.url".parse; local external_url_parts = url_parse(http_url); @@ -1062,6 +1105,9 @@ print(""); print(" Internal: "..tostring(internal_addresses)); print(" External: "..tostring(external_addresses)); + print("") + print("If the list of external external addresses is incorrect you can specify correct addresses in the config:") + print(" external_addresses = { \"192.0.2.34\", \"2001:db8::abcd:1234\" }") end print(""); print("For more information about DNS configuration please see https://prosody.im/doc/dns";); @@ -1127,13 +1173,13 @@ elseif not cert:validat(os.time() + 86400*31) then print(" Certificate expires within one month.") end - if configmanager.get(host, "component_module") == nil + if select(2, modulemanager.get_modules_for_host(host)) == nil and not x509_verify_identity(host, "_xmpp-client", cert) then print(" Not valid for client connections to "..host..".") cert_ok = false end - if (not (configmanager.get(host, "anonymous_login") - or configmanager.get(host, "authentication") == "anonymous")) + if (not (api(host):get_option_boolean("anonymous_login", false) + or api(host):get_option_string("authentication", "internal_hashed") == "anonymous")) and not x509_verify_identity(host, "_xmpp-server", cert) then print(" Not valid for server-to-server connections to "..host..".") cert_ok = false @@ -1152,7 +1198,7 @@ -- intentionally not doing this by default if what == "connectivity" then local _, prosody_is_running = is_prosody_running(); - if configmanager.get("*", "pidfile") and not prosody_is_running then + if api("*"):get_option_string("pidfile") and not prosody_is_running then print("Prosody does not appear to be running, which is required for this test."); print("Start it and then try again."); return 1; @@ -1166,7 +1212,7 @@ ["xmpps-client"] = nil; -- TODO ["xmpps-server"] = nil; -- TODO }; - local probe_settings = configmanager.get("*", "connectivity_probe"); + local probe_settings = api("*"):get_option_string("connectivity_probe"); if type(probe_settings) == "string" then probe_instance = probe_settings; elseif type(probe_settings) == "table" and type(probe_settings.url) == "string" then @@ -1224,14 +1270,14 @@ if modules:contains("c2s") then check_connectivity("xmpp-client") - if configmanager.get("*", "c2s_direct_tls_ports") then + if not api("*"):get_option_set("c2s_direct_tls_ports", {}):empty() then check_connectivity("xmpps-client"); end end if modules:contains("s2s") then check_connectivity("xmpp-server") - if configmanager.get("*", "s2s_direct_tls_ports") then + if not api("*"):get_option_set("s2s_direct_tls_ports", {}):empty() then check_connectivity("xmpps-server"); end end @@ -1249,10 +1295,11 @@ for host in enabled_hosts() do local has_external_turn = modulemanager.get_modules_for_host(host):contains("turn_external"); if has_external_turn then + local hostapi = api(host); table.insert(turn_enabled_hosts, host); - local turn_host = configmanager.get(host, "turn_external_host") or host; - local turn_port = configmanager.get(host, "turn_external_port") or 3478; - local turn_secret = configmanager.get(host, "turn_external_secret"); + local turn_host = hostapi:get_option_string("turn_external_host", host); + local turn_port = hostapi:get_option_number("turn_external_port", 3478); + local turn_secret = hostapi:get_option_string("turn_external_secret"); if not turn_secret then print("Error: Your configuration is missing a turn_external_secret for "..host); print("Error: TURN will not be advertised for this host.");
