Mercurial > prosody-modules
annotate mod_disable_tls/mod_disable_tls.lua @ 5956:97375a78d2b5
mod_http_oauth2: Reject URLs with 'userinfo' part (thanks mimi89999)
The LuaSocket parser supports these but they're deprecated without
replacement by RFC 3986
> Use of the format "user:password" in the userinfo field is deprecated
Allowing it in OAuth2 URLs is probably bad from a security perspective.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 29 Aug 2024 16:02:46 +0200 |
| parents | 25be5fde250f |
| children |
| rev | line source |
|---|---|
|
1482
25be5fde250f
mod_disable_tls: Default to empty set if disable_tls_ports not present in config (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
1481
diff
changeset
|
1 local disable_tls_ports = module:get_option_set("disable_tls_ports", {}); |
|
1481
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 module:hook("stream-features", function (event) |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 if disable_tls_ports:contains(event.origin.conn:serverport()) then |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 module:log("error", "Disabling TLS for client on port %d", event.origin.conn:serverport()); |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 event.origin.conn.starttls = false; |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 end |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 end, 1000); |