prosody-modules: mod_s2s_auth_fingerprint/README.markdown annotate

annotate mod_s2s_auth_fingerprint/README.markdown @ 5256:44f7edd4f845

mod_http_oauth2: Reject non-local hosts in more code paths We're not issuing tokens for users on remote hosts, we can't even authenticate them since they're remote. Thus the host is always the local module.host so no need to pass around the host in most cases or use it for anything but enforcing the same host.

author	Kim Alvefur <zash@zash.se>
date	Thu, 16 Mar 2023 17:52:10 +0100
parents	8de50be756e5
children

rev	line source
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	1 ---
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	2 labels:
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	3 - 'Stage-Alpha'
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	4 - 'Type-S2SAuth'
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	5 summary: Fingerprint based s2s authentication
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	6 ...
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	7
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	8 Introduction
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	9 ============
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	10
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	11 This module allows you to manually pin certificate fingerprints of
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	12 remote servers.
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	13
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	14 Details
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	15 =======
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	16
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	17 Servers not listed in the configuration are not affected.
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	18
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	19 Configuration
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	20 =============
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	21
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	22 After installing and enabling this module, you can put fingerprints of
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	23 remote servers in your config like this:
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	24
1820 8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	25 ``` {.lua}
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	26 s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512"
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	27 s2s_trusted_fingerprints = {
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	28 ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED";
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	29 ["matthewwild.co.uk"] = {
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	30 "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA";
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	31 "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0";
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	32 };
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	33 }
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	34
1820 8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	35 -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	36 s2s_secure_domains = {
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	37 "jabber.org";
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	38 }
8de50be756e5 Various README files: Correct indentation levels, fix syntax and other small fixes Kim Alvefur <zash@zash.se> parents: 1803 diff changeset	39 ```
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	40
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	41 Compatibility
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	42 =============
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	43
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	44 ------- --------------
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	45 trunk Works
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	46 0.9 Works
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	47 0.8 Doesn't work
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	48 ------- --------------

Mercurial > prosody-modules

annotate mod_s2s_auth_fingerprint/README.markdown @ 5256:44f7edd4f845