annotate mod_warn_legacy_tls/README.markdown @ 4989:b74d592df9e2

mod_http_muc_log: Remove dead code This might be something left over since a different variant where the loop went like `for n = i-1, i-100, -1 do ... end` i.e. it went trough a fixed number of items instead of all the page until the current message. Then it would have needed something to stop going over the end, but since the checks are simple it shouldn't be much of a problem looping over even a very busy day.
author Kim Alvefur <zash@zash.se>
date Tue, 16 Aug 2022 01:27:59 +0200
parents 5073bbd86970
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3728
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 TLS 1.0 and TLS 1.1 are about to be obsolete. This module warns clients
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 if they are using those versions, to prepare for disabling them.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 # Configuration
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 ``` {.lua}
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 modules_enabled = {
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 -- other modules etc
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 "warn_legacy_tls";
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 }
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 -- This is the default, you can leave it out if you don't wish to
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 -- customise or translate the message sent.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 -- '%s' will be replaced with the TLS version in use.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 legacy_tls_warning = [[
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 Your connection is encrypted using the %s protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 ]]
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 ```
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 ## Options
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 `legacy_tls_warning`
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 : A string. The text of the message sent to clients that use outdated
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 TLS versions. Default as in the above example.
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 `legacy_tls_versions`
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 : Set of TLS versions, defaults to
5073bbd86970 mod_warn_legacy_tls: Add a README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 `{ "SSLv3", "TLSv1", "TLSv1.1" }`{.lua}, i.e. TLS \< 1.2.