Mercurial > prosody-modules

annotate mod_warn_legacy_tls/README.markdown @ 3953:2c6d5734ae04

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_rest: Add JSON mapping of XEP-0128: Service Discovery Extensions Example XEP-0157 payload: { "disco" : { "extensions" : { "http://jabber.org/network/serverinfo" : { "abuse-addresses" : [ "mailto:abuse@shakespeare.lit", "xmpp:abuse@shakespeare.lit" ], "admin-addresses" : [ "mailto:admin@shakespeare.lit", "xmpp:admin@shakespeare.lit" ], "feedback-addresses" : [ "http://shakespeare.lit/feedback.php", "mailto:feedback@shakespeare.lit", "xmpp:feedback@shakespeare.lit" ], "sales-addresses" : [ "xmpp:bard@shakespeare.lit" ], "security-addresses" : [ "xmpp:security@shakespeare.lit" ], "support-addresses" : [ "http://shakespeare.lit/support.php", "xmpp:support@shakespeare.lit" ] } } } }
author Kim Alvefur <zash@zash.se>
date Mon, 23 Mar 2020 19:03:04 +0100
parents 5073bbd86970
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3728
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 TLS 1.0 and TLS 1.1 are about to be obsolete. This module warns clients
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 if they are using those versions, to prepare for disabling them.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 # Configuration
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 ``` {.lua}
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 modules_enabled = {
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 -- other modules etc
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 "warn_legacy_tls";
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 }
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 -- This is the default, you can leave it out if you don't wish to
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 -- customise or translate the message sent.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 -- '%s' will be replaced with the TLS version in use.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 legacy_tls_warning = [[
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 Your connection is encrypted using the %s protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 ]]
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 ```
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 ## Options
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 `legacy_tls_warning`
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 : A string. The text of the message sent to clients that use outdated
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 TLS versions. Default as in the above example.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 `legacy_tls_versions`
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 : Set of TLS versions, defaults to
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 `{ "SSLv3", "TLSv1", "TLSv1.1" }`{.lua}, i.e. TLS \< 1.2.