Mercurial > prosody-modules
annotate mod_disable_tls/mod_disable_tls.lua @ 5407:149634647b48
mod_http_oauth2: Don't issue client_secret when not using authentication
This is pretty much only for implicit flow, which is considered insecure
anyway, so this is of limited value. If we delete all the implicit flow
code, this could be reverted.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 02 May 2023 16:39:32 +0200 |
| parents | 25be5fde250f |
| children |
| rev | line source |
|---|---|
|
1482
25be5fde250f
mod_disable_tls: Default to empty set if disable_tls_ports not present in config (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
1481
diff
changeset
|
1 local disable_tls_ports = module:get_option_set("disable_tls_ports", {}); |
|
1481
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 module:hook("stream-features", function (event) |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 if disable_tls_ports:contains(event.origin.conn:serverport()) then |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 module:log("error", "Disabling TLS for client on port %d", event.origin.conn:serverport()); |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 event.origin.conn.starttls = false; |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 end |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 end, 1000); |