prosody-modules: mod_secure_interfaces/mod_secure_interfaces.lua annotate

annotate mod_secure_interfaces/mod_secure_interfaces.lua @ 2726:55f3ab952d06

mod_secure_interfaces: Add debug log in non-secure case also

author	Matthew Wild <mwild1@gmail.com>
date	Thu, 06 Jul 2017 10:48:39 +0100
parents	a464261deba8
children	cd828b1cb5b9

rev	line source
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 local secure_interfaces = module:get_option_set("secure_interfaces", { "127.0.0.1" });
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	2
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	3 module:hook("stream-features", function (event)
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	4 local session = event.origin;
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	5 if session.type ~= "c2s_unauthed" then return; end
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	6 local socket = session.conn:socket();
2726 55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	7 if not socket.getsockname then
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	8 module:log("debug", "Unable to determine local address of incoming connection");
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	9 return;
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	10 end
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	11 local localip = socket:getsockname();
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	12 if secure_interfaces:contains(localip) then
2726 55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	13 module:log("debug", "Marking session from %s to %s as secure", session.ip or "[?]", localip);
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	14 session.secure = true;
2726 55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	15 else
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	16 module:log("debug", "Not marking session from %s to %s as secure", session.ip or "[?]", localip);
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	17 end
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	18 end, 2500);