Mercurial > prosody-modules

annotate mod_sslv3_warn/mod_sslv3_warn.lua @ 5119:048e339706ba

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_rest: Remove manual reference expansion in schema This hack was originally added to reduce the number of definitions of common attributes (type, to, from etc) and payloads (e.g. delay). This predated pointers and references, and until now was needed because parsing picked out the correct stanza kind from the schema, which broke internal references. Removing this hack paves the way for allowing the schema to be configured or customized more easily.
author Kim Alvefur <zash@zash.se>
date Tue, 20 Dec 2022 21:48:28 +0100
parents 37cef218ba20
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1525
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 local st = require"util.stanza";
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 local host = module.host;
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local warning_message = module:get_option_string("sslv3_warning", "Your connection is encrypted using the SSL 3.0 protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client.");
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 module:hook("resource-bind", function (event)
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local session = event.session;
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 module:log("debug", "mod_%s sees that %s logged in", module.name, session.username);
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 local ok, protocol = pcall(function(session)
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 return session.conn:socket():info"protocol";
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 end, session);
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 if not ok then
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 module:log("debug", protocol);
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 elseif protocol == "SSLv3" then
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 module:add_timer(15, function ()
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 if session.type == "c2s" and session.resource then
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 session.send(st.message({ from = host, type = "headline", to = session.full_jid }, warning_message));
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 end
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 end);
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 end
37cef218ba20 mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 end);