~samwhited/xmpp

all: update README and mention the move

Signed-off-by: Sam Whited <sam@samwhited.com>
.builds: re-enable SourceHut CI

Keep CI on SourceHut temporarily so that any PRs submitted to GitHub
will still have CI. We will remove this version of the CI at a later
date.

Updates #301

Signed-off-by: Sam Whited <sam@samwhited.com>
all: update GitHub references to Codeberg

Signed-off-by: Sam Whited <sam@samwhited.com>
.woodpecker: support Codeberg CI (Woodpecker)

Signed-off-by: Sam Whited <sam@samwhited.com>
internal/integration/prosody: run as root

It would be preferable (even in CI) to run Prosody as a normal user.
Unfortunately doing this in the integration testing code doesn't work
for reasons that are still unclear, we don't want to always be using
sudo, doas, or similar which may not exist on all systems, and we can't
use prosodyctl because it always daemonizes prosody.

For now, just allow Prosody to run as root.

Signed-off-by: Sam Whited <sam@samwhited.com>
internal/integration: use IPv4 loopback

It appears that Codeberg CI doesn't have IPv6 enabled and we'll need to
use the IPv4 loopback address.

Signed-off-by: Sam Whited <sam@samwhited.com>
all: run gofmt for Go 1.19 doc comments

Some changes were made to documentation comments in Go 1.19 including
adding "#" before headers (instead of detecting them with a heuristic),
and indentation using tabs.

This patch is the result of running "gofmt -s -w ." in the project root.

Fixes #298

Signed-off-by: Sam Whited <sam@samwhited.com>
styling: add docs for exportable tests

Signed-off-by: Sam Whited <sam@samwhited.com>
ibr2: deprecate old package

The ibr2 package implements an old version of the extensible in-band
registration protocol and we currently don't have plans to update it to
the latest version.

This patch adds a deprecation warning so that the package can be removed
in the next release after deprecation is complete.

The test file was removed due to a bug in our linter that caused it to
complain about the ibr2_test package importing a deprecated package (but
of course it does).

Fixes #295

Signed-off-by: Sam Whited <sam@samwhited.com>
docs: mention signed releases

Update the security docs to mention that releases are now signed.

Signed-off-by: Sam Whited <sam@samwhited.com>
docs: mention Lemmy in release procedure

Signed-off-by: Sam Whited <sam@samwhited.com>
docs: add CII best practices to README

Signed-off-by: Sam Whited <sam@samwhited.com>
component: ensure stream namespace is set

This patch ensures that we're reading the <stream> start tokens through
the session's decoder (not a new one that we create and then discard) so
that the default namespace is correctly set.
Prior to this patch no stream namespace was set and therefore anything
that matched on it (eg. the mux package) would expect a namespace of
"jabber:component:accept" but would see a namespace of "" and ignore it.

Fixes #293

Signed-off-by: Sam Whited <sam@samwhited.com>
ibb: add API to listen for specific connections

Most IBB sessions will be negotiated out of band, however there was
previously no API for accepting a specific pre-negotiated session.

Fixes #240

Signed-off-by: Sam Whited <sam@samwhited.com>
xmpp: update changelog for bind fix

Signed-off-by: Sam Whited <sam@samwhited.com>
0c8e3a77 — Julien Lavocat 3 months ago
xmpp: use correct namespace on bind response

Bind used to always send a jabber:server namespace instead of the
expected namespace based on connection type.

Fixes #287

Signed-off-by: Julien Lavocat <julien.lavocat@gmail.com>
compress: remove the legacy compression package

Fixes #277

Signed-off-by: Sam Whited <sam@samwhited.com>
internal/discover: fix a request body leak

Previously the request body was non closed during XRD file lookup until
the context timed out, resulting in a resource leak if the user did not
set a context, or set a very long timeout.

Fixes #284

Signed-off-by: Sam Whited <sam@samwhited.com>
internal/discover: limit XRD body size

Previously when reading the XRD file the size wasn't checked.
Instead, we should error if a server maliciously or accidentally sends
us a huge amount of XML to parse when all we wanted to do was look up
the host meta information.

Fixes #283

Signed-off-by: Sam Whited <sam@samwhited.com>
all: release v0.21.2

Signed-off-by: Sam Whited <sam@samwhited.com>
Next