summaryrefslogtreecommitdiff
path: root/chat/prosody
AgeCommit message (Collapse)AuthorFilesLines
2015-04-15Update prosody to version 0.9.8.nros3-12/+12
Changelog: Changes ordered by priority. High: * Ensure only valid UTF-8 is passed to libidn. It was found (CVE-2015-2059) that libidn can read beyond the boundaries of the provided buffer when an input string contains invalid UTF-8 sequences. Systems where Prosody is compiled with libICU are not affected by this issue. Medium: * DNS: Fix traceback caused when DNS server IP is unroutable (issue 473) * HTTP client: More robust handling of chunked encoding across packet boundaries * Stanza router: Fix handling of 'error' <iq>'s with multiple children Low: * c2s: Fix error reply when clients try to bind multiple resources on the same stream (issue 484) * s2s: Ensure to/from attributes are always present on stream headers, even if empty (issue 468) * Build scripts: Add --libdir option to ./configure to simplify building on some platforms * Fix traceback in datamanager when used outside of Prosody (e.g. in some migration tools) * mod_admin_telnet: Fix potential traceback in server:memory() command (issue 471) * HTTP server: Improved debug logging
2014-12-15Make sure to pass full LDFLAGS. Fixes build on NetBSD.fhajny1-2/+2
2014-11-27Fix missing conditionalfhajny1-1/+3
2014-11-27Update prosody to 0.9.7.fhajny4-35/+81
Clean up Makefile for readibility. Add SMF manifest. Changes in 0.9.7: - Fix server-to-server interoperability issue with Isode M-Link (since 0.9.6) - Fix traceback in 'prosodyctl about' command with LuaRocks 2.2.0+ installed Changes in 0.9.6: - certmanager, net.http: Disable SSLv3 by default - net.http.parser: Support status code 101 and allow handling of the received data by plugins - util.filters: Ignore filters being added twice (fixes issues on removal, i.e. when some plugins are reloaded/unloaded) - mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error - Networking API: Add 'ondetach' callback for listener objects, to prevent leaks when connections have their listener changed - core.stanza_router: Stricter validation of stanzas - mod_admin_adhoc: Mark 'accountjids' field as required in 'end user sessions' command (thanks Lloyd) - mod_admin_adhoc: Add required to field in user deletion form too - net.dns: Avoid duplicate cache entries - util.stanza: Escape newlines and tabs (\r\n\t) when serializing stanzas. - util/dataforms: Make sure we iterate over field tags only - mod_s2s: Capitalize log message - mod_pubsub: Fix error type of 'forbidden' (change from 'cancel' to 'auth') Changes in 0.9.5: - C2S: Fix traceback if a client opens a stream to component, which could cause a crash in combination with some versions of LuaEvent - C2S, S2S: Log received invalid stream headers - S2S: Fix case where stream headers were sometimes sent twice - DNS: Ensure all pending requests get notified of a timeout when looking up a record - DNS: Fix duplicated cache insertions by limiting outstanding queries per name to one - xmppstream: Disable LuaExpat's buffering - xmppstream: Disable CharacterData merging after stream restarts - xmppstream: Pass invalid stream headers to error handling - Privacy lists: Correctly sort privacy list rules by order - prosody: Check dependencies later in the startup sequence - Config: Delay importing LuaFileSystem until needed by an Include line - Config: Normalize VirtualHost and Component names - prosodyctl: Normalize JIDs for adduser/passwd/deluser - POSIX: Fix error reporting from disk space allocation - POSIX: Verify that 'pidfile' is a string, show friendly error otherwise - Dependency checking: Check that prosody is running under Lua 5.1. We don't currently support any other versions. (LuaJIT identifies as 5.1) - Compliance: Reset stream ID when resetting stream - Compression: Log compression setup errors - Console: Fix commands for adding and replacing name servers - Console MUC commands: Fix error when a non-existent host is entered - Filters: Prevent filters from being added twice - Network: Transfer all available data between linked sockets - dataforms: Add support for XEP-0221: Data Forms Media Element
2014-10-19Revbump after lang/lua51 update.alnsn1-2/+2
2014-06-19Add lang/lua/tool.mk to fix build with lang/lua52.fhajny1-1/+2
2014-05-03Adapt to Lua multiversion support.alnsn1-1/+4
2014-04-07Update prosody to 0.9.4.fhajny2-6/+6
Fix for a DoS vulnerability, see https://www.debian.org/security/2014/dsa-2895 Changes in 0.9.4: - Compression: Disallow compression on unauthenticated streams - Core: Limit default read size and maximum stanza size - Core: Enable SASL EXTERNAL by default for component s2s - S2S: Warn if s2s_secure_auth and s2s_require_encryption have been set in conflicting ways - S2S: Warn if no local network addresses were found, preventing successful s2s - MUC: Fix traceback when a non-occupant tried to change an occupant's role - MUC: API: Fire an event when temporary rooms are destroyed after the last person leaves - Telnet: Fixed traceback when listing users - Telnet: Apply normalization to JIDs in user management commands - HTTP: Fix directory detection in file server on Windows - Plugins: Fix paths on Windows - MOTD: Don't strip blank lines from the message provided in the config - prosodyctl: Better error reporting when generating certificates - Makefile: Improve FreeBSD compatibility - Multiple fixes to our migration tools, and support for importing MUCs from ejabberd
2014-03-11Remove example rc.d scripts from PLISTs.jperkin1-2/+1
These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or ignored otherwise.
2014-03-10Update prosody to 0.9.3.fhajny7-22/+29
Changes in 0.9.3: - A config file passed as command line argument is no longer forgotten when config is reloaded - MUC: Allow admins to always bypass restrict_room_creation - Strip trailing '.' when normalizing hostnames - HTTP: Prevent silent connection failures - Components: Allow easier overriding of component authentication by plugins - Components: Enable TCP keepalives - Migrator: Better error reporting and improved robustness - S2S: Include IP in log messages, if hostname is unavailable - TLS: Log error when initialization fails Changes in 0.9.2: - Debian/Ubuntu packages fixed to always generate per-system certs - TLS: Improved cipher string, and use Prosody's preferred ciphers - MUC: Fix for Spark clients not displaying room lists
2014-02-12Recursive PKGREVISION bump for OpenSSL API version bump.tron1-2/+2
2013-10-30Bump PKGREVISION of packages whose Lua depends changed form, but whosedholland1-1/+2
own PKGNAME is unchanged.
2013-10-30Update Lua module depends for multiversion environment; use REPLACE_LUA.dholland1-9/+8
2013-09-13Update prosody to 0.9.1fhajny6-49/+92
Changes in 0.9.1: * Config: Fix the workaround for LuaSec 0.4.x to apply the ssl 'ciphers' option correctly * Config: Ability to specify the ssl 'dhparam' option simply as a path to a file, instead of a callback function * Windows: Fix s2s issues * Windows: Fix the ability to specify absolute paths to SSL certificates in the config * Build: Fix compilation issue on non-Linux systems that have glibc (such as Debian GNU/kFreeBSD) * API: Fix to our set library, that caused the :include() and :exclude() methods to behave incorrectly Changes in 0.9.0: * IPv6 support for c2s, s2s and all other services (e.g. HTTP) * Server-to-server authentication using certificates (SASL EXTERNAL) * A new HTTP subsystem, supporting virtual hosts, and fully reloadable modules * Client and server connections are now handled by modules: mod_c2s, mod_s2s * mod_pubsub: Basic pubsub service (some features not yet implemented) * prosodyctl about - show information about a Prosody installation * prosodyctl cert - command to generate XMPP certificates and CSRs * Many very nice enhancements to our module API * MUC: Configurable per-room history length * MUC: Plugins can now extend the room configuration form See notes on upgrading from 0.8.x: https://prosody.im/doc/release/0.9.0#upgrading
2013-07-04Revbump after updating lang/lua to 5.2.2.adam1-2/+2
2013-02-06PKGREVISION bumps for the security/openssl 1.0.1d update.jperkin1-2/+2
2012-10-03Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.asau1-3/+1
2011-09-30Fix rpath linking & typo in patch file, add a rc.d script (thanks ewdafa)fhajny5-9/+40
This fixes PR pkg/45357. Bump PKGREVISION.
2011-06-21Update to 0.8.2. From the release announcement:schnoebe2-6/+6
Just a small release for you this time, with a handful of bugfixes. Thanks to '@eoranged' and the other PostgreSQL users who helped with feedback and testing of the SQL fixes (the PostgreSQL server we use for testing is now behaving properly!). A summary of changes in this release: * mod_storage_sql: Fix compatibility with PostgreSQL databases (0.8.1 issue) * mod_bosh: Fix for sessions not timing out after inactivity in some cases * mod_dialback: Fix multiple concurrent dialback requests for the same domain (was sometimes causing s2s failure with certain ejabberds)
2011-06-06Update to prosody 0.8.1.schnoebe7-73/+65
A security and bug fix release. The security aspect is to mitigate the "billion laughs" denial-of-service attack against XML parsers and XMPP servers. Other changes: - Reject XML DTDs, comments and processing instructions, preventing the "billion laughs" attack - Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating large data (such as large avatars) Prosody automatically upgrades the table in-place if possible, see: http://prosody.im/doc/mysql - Fix for endless loop when parsing certain invalid JSON - Fix PostgreSQL compatibility in prosody-migrator - Fix timestamp parsing for DST (affecting MUC scrollback retrieval) - mod_legacyauth now correctly disabled for unencrypted connections by default - Components properly inherit SSL settings and certificates from their 'parent' hosts - Prevent startup with no VirtualHost entries in the config file
2011-04-22recursive bump from gettext-lib shlib bump.obache1-1/+2
2010-09-21Import prosody-0.7.0 as chat/prosody.fhajny8-0/+339
Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols. (Based on wip/prosody.)