Mercurial > prosody-modules
annotate mod_disable_tls/mod_disable_tls.lua @ 5748:dfbced5e54b9
mod_audit_auth: Ignore FAST authentication events by default
FAST is more like a cookie that allows linking new connections to a previous
(e.g. password) authentication. Since we assume that FAST tokens are secure
(not user generated) and not shareable, it reduces a lot of noise by filtering
out uninteresting authentication events.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 01 Dec 2023 11:34:52 +0000 |
| parents | 25be5fde250f |
| children |
| rev | line source |
|---|---|
|
1482
25be5fde250f
mod_disable_tls: Default to empty set if disable_tls_ports not present in config (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
1481
diff
changeset
|
1 local disable_tls_ports = module:get_option_set("disable_tls_ports", {}); |
|
1481
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 module:hook("stream-features", function (event) |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 if disable_tls_ports:contains(event.origin.conn:serverport()) then |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 module:log("error", "Disabling TLS for client on port %d", event.origin.conn:serverport()); |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 event.origin.conn.starttls = false; |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 end |
|
e10e74583b5f
mod_disable_tls: New module to disable c2s TLS by port number
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 end, 1000); |