Code commits
Openfire (master)
-
Guus der Kinderen b13400071eb5fdbb84afe7e2b0b3946d8fd4116b
OF-3262: Improve unit test coverage (more off-by-one checks)
Also refactored some of the existing tests for robustness/consistency.- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version b13400071eb5fdbb84afe7e2b0b3946d8fd4116b)
-
Guus der Kinderen 0e6053a10645f8769e1e52e292b388247cf95345
OF-3262 (code review) Do not unlock IP-only gate based on username success
Do not let a successful login from one IP also reduce the shared IP-only counter for other IPs that this user previously used. That weakens the secondary per-IP gate.- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 0e6053a10645f8769e1e52e292b388247cf95345)
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version 0e6053a10645f8769e1e52e292b388247cf95345)
-
Guus der Kinderen efa090634a0b0c6934c4957d47a713db7c0a9869
OF-3262: Failed login tracking to use IP/Username combination
This improves failed-login tracking in the admin console by using a combination of username and IP address instead of relying solely on IP-based tracking alone. This primarily fixes an issue where a single user, behind a reverse proxy or NAT, can lock out all other users.
The old IP-only restriction is still left in place. Its default maximum attempts has been increased to a number higher than the IP/Username combination attempt maximum.- i18n/src/main/resources/openfire_i18n.properties (version efa090634a0b0c6934c4957d47a713db7c0a9869)
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version efa090634a0b0c6934c4957d47a713db7c0a9869)
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version efa090634a0b0c6934c4957d47a713db7c0a9869)
-
Guus der Kinderen f1b3780d127f01d73eea68225b236661e47176e2
fixes small typo
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version f1b3780d127f01d73eea68225b236661e47176e2)
-
Guus der Kinderen 46b4888c393cca228616a5fccd5cc9de0c788ffd
OF-3262 (code review): Improve unit test coverage for LoginLimitManager
This refactors the unit tests, adding explicit coverage for checking single gates.- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 46b4888c393cca228616a5fccd5cc9de0c788ffd)
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version 46b4888c393cca228616a5fccd5cc9de0c788ffd)
-
Guus der Kinderen 636566809dc4d867616677736a317935c58ae211
(code review): fixed typo in log statement
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 636566809dc4d867616677736a317935c58ae211)
-
Guus der Kinderen 1f7a8df02bb55422265fe44ea34188c3cacc8b41
OF-3262 (code review): Improve concurrency
Make modifications to the maps that store attemps atomic to reduce potential concurrency issues.- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 1f7a8df02bb55422265fe44ea34188c3cacc8b41)
-
Guus der Kinderen 042333964e57964bb3bd55a5be7f821cf2b69798
OF-3262 (code review): trivial improvements (spelling etc)
- i18n/src/main/resources/openfire_i18n.properties (version 042333964e57964bb3bd55a5be7f821cf2b69798)
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 042333964e57964bb3bd55a5be7f821cf2b69798)
-
Dan Caseley 1804f80e0e426bf8280c91b9fc69226d053fa39e
CI: Cache conversations.apk download in tests
- .github/actions/conversationstest-action/action.yml (version 1804f80e0e426bf8280c91b9fc69226d053fa39e)
- .github/actions/conversationstest-action/run-tests.sh (version 1804f80e0e426bf8280c91b9fc69226d053fa39e)
-
Dan Caseley bc607df8d0f2692fa9007ff1d291c5feb1748054
CI: Add some retries and timeouts to the curl request
The retries defend against transient problems.
The timeouts prevent a connection problem from hanging the job for a long time- .github/actions/conversationstest-action/run-tests.sh (version bc607df8d0f2692fa9007ff1d291c5feb1748054)
-
Guus der Kinderen d7754990985ddac343ccbe52a92ec7e80447ed19
OF-3274: Bump org.glassfish.jaxb:jaxb-runtime from 2.3.3 to 2.3.9
jaxb-runtime 4 is Jakarta JAXB (jakarta.xml.bind.), which is a package-rename break from javax.xml.bind.. so a direct upgrade to 4.0.x is not safe for the current code.
We should keep JAXB on the 2.3.x line for now (same javax namespace)- xmppserver/pom.xml (version d7754990985ddac343ccbe52a92ec7e80447ed19)
-
Guus der Kinderen 2e8cbdcc64007bf4a80d6ebf8cc7e94fb7b1f1b4
CI: bump actions/setup-java to v5
Node.js 20 actions are deprecated. actions/setup-java@v4 uses node 20, v5 uses node 24.- .github/actions/connectivitytests-action/action.yml (version 2e8cbdcc64007bf4a80d6ebf8cc7e94fb7b1f1b4)
- .github/actions/startserver-action/action.yml (version 2e8cbdcc64007bf4a80d6ebf8cc7e94fb7b1f1b4)
-
Milan Tyagi <milantyagi2004@gmail.com> cd3554956ef0a73bb8258def4c925c9aca21573a
OF-2970: Address review feedback for CacheControlFilter
- Replaced STATIC_RESOURCE_EXTENSIONS SystemProperty from a
comma-separated String type to a List<String> type using
buildList(String.class). This leverages the framework's native
list support and eliminates the need for manual CSV parsing
in the getStaticExtensions() helper method, which has been removed.
- Added missing i18n description entries in openfire_i18n.properties
for the two new system properties:
- adminConsole.static-resource-extensions
- adminConsole.static-resource-max-age
This fixes the "???system_property.X???" error shown on the
admin console System Properties page.- i18n/src/main/resources/openfire_i18n.properties (version cd3554956ef0a73bb8258def4c925c9aca21573a)
- xmppserver/src/main/java/org/jivesoftware/admin/CacheControlFilter.java (version cd3554956ef0a73bb8258def4c925c9aca21573a)
-
Milan Tyagi <milantyagi2004@gmail.com> 5bc15034261f11840fe620b265f05263d01e7961
OF-2970: Implement HTTP Cache-Control headers in the admin console
Static assets (JS, CSS, images, fonts) now use configurable
short-term caching (default: public, max-age=3600) instead of
long-lived immutable caching, preventing stale assets after upgrades
while still reducing redundant requests.
Dynamic/admin pages now receive no-store/no-cache/must-revalidate
headers to prevent sensitive content from being cached by browsers
or proxies.
Changes include:
- Replace immutable year-long caching with configurable short-term caching
- Add configurable SystemProperties for static resource extensions and max-age
- Apply cache headers after chain.doFilter() to inspect response status
- Restrict cache headers to successful (200/304) responses only
- Skip header application for committed responses or existing Cache-Control headers
- Remove unnecessary query parameter stripping from URI processing
- Add comprehensive unit tests covering static resources, dynamic pages,
error responses, committed responses, case-insensitive matching,
and configurable properties- xmppserver/src/main/java/org/jivesoftware/admin/CacheControlFilter.java (version 5bc15034261f11840fe620b265f05263d01e7961)
- xmppserver/src/main/webapp/WEB-INF/web.xml (version 5bc15034261f11840fe620b265f05263d01e7961)
- xmppserver/src/test/java/org/jivesoftware/admin/CacheControlFilterTest.java (version 5bc15034261f11840fe620b265f05263d01e7961)
- xmppserver/web/WEB-INF/web.xml (version 5bc15034261f11840fe620b265f05263d01e7961)
-
Milan Tyagi <milantyagi2004@gmail.com> a4c921bf869742c4b6088a3939709231e6453a1b
fix implement stream to handle custom values
- xmppserver/src/main/java/org/jivesoftware/admin/CacheControlFilter.java (version a4c921bf869742c4b6088a3939709231e6453a1b)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 9ad371ceba6ba158b97363dc019d6867f88a2fb7
chore(deps): bump org.codehaus.mojo:versions-maven-plugin
Bumps [org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions) from 2.18.0 to 2.21.0.
- [Release notes](https://github.com/mojohaus/versions/releases)
- [Changelog](https://github.com/mojohaus/versions/blob/master/ReleaseNotes.md)
- [Commits](https://github.com/mojohaus/versions/compare/2.18.0...2.21.0)
---
updated-dependencies:
- dependency-name: org.codehaus.mojo:versions-maven-plugin
dependency-version: 2.21.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>- plugins/pom.xml (version 9ad371ceba6ba158b97363dc019d6867f88a2fb7)
- pom.xml (version 9ad371ceba6ba158b97363dc019d6867f88a2fb7)
-
Guus der Kinderen 532bfa713c2089606b6689c3d55e4045a17bb98e
OF-3264: IpUtils should ignore scope/zone suffix for IPv6 values
IpUtils should successfully parse a value like `fe80::1%eth0` as an IPv6 address.- xmppserver/src/main/java/org/jivesoftware/util/IpUtils.java (version 532bfa713c2089606b6689c3d55e4045a17bb98e)
- xmppserver/src/test/java/org/jivesoftware/util/IpUtilsTest.java (version 532bfa713c2089606b6689c3d55e4045a17bb98e)
-
Guus der Kinderen 99b516227e9d3754974f08b628aadd5f46415de5
OF-3264 (code review): Consistently handle IPv6 scoped addresses
This adds the stripping of scopes consistently to all places where they can occur, and adds unit test coverage.- xmppserver/src/main/java/org/jivesoftware/util/IpUtils.java (version 99b516227e9d3754974f08b628aadd5f46415de5)
- xmppserver/src/test/java/org/jivesoftware/util/IpUtilsTest.java (version 99b516227e9d3754974f08b628aadd5f46415de5)
-
Guus der Kinderen 8184750eacf7bfd72d7385e61482ef8e2e94d638
OF-3271: Improve wording of idle user kick and ping settings in admin UI
Clarifies the behaviour of each setting and distinguishes the unconditional kick from the ping-based removal.
Removes all translations of the affected strings as these were no longer accurate due to parameter placement changes.- i18n/src/main/resources/openfire_i18n.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_cs_CZ.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_de.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_es.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_fa_IR.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_fr.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_he.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_ja_JP.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_nl.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_pl_PL.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_pt_BR.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_pt_PT.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_ru_RU.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_sk.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_uk_UA.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- i18n/src/main/resources/openfire_i18n_zh_CN.properties (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
- xmppserver/src/main/webapp/muc-tasks.jsp (version 8184750eacf7bfd72d7385e61482ef8e2e94d638)
-
Guus der Kinderen 8d467f9c800e6c5eabebfaff1641b0e170b3a7d7
Admin console muc tasks: fix javascript checkbox selection
- xmppserver/src/main/webapp/muc-tasks.jsp (version 8d467f9c800e6c5eabebfaff1641b0e170b3a7d7)