prosody-modules: mod_secure_interfaces/mod_secure_interfaces.lua annotate

annotate mod_secure_interfaces/mod_secure_interfaces.lua @ 3715:f03a023cd523

mod_http_muc_log: Compose page title from room data More flexible than composing the title from name and date in the controller. Also opens the door to using other room data fields.

author	Kim Alvefur <zash@zash.se>
date	Sun, 13 Oct 2019 16:16:14 +0200
parents	6c806a99f802
children

rev	line source
2730 cd828b1cb5b9 mod_secure_interfaces: Add ::1 to the default secure_interfaces. Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> parents: 2726 diff changeset	1 local secure_interfaces = module:get_option_set("secure_interfaces", { "127.0.0.1", "::1" });
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	2
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	3 module:hook("stream-features", function (event)
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	4 local session = event.origin;
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	5 if session.type ~= "c2s_unauthed" then return; end
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	6 local socket = session.conn:socket();
2726 55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	7 if not socket.getsockname then
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	8 module:log("debug", "Unable to determine local address of incoming connection");
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	9 return;
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	10 end
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	11 local localip = socket:getsockname();
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	12 if secure_interfaces:contains(localip) then
2726 55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	13 module:log("debug", "Marking session from %s to %s as secure", session.ip or "[?]", localip);
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	14 session.secure = true;
3415 6c806a99f802 mod_secure_interfaces: Prevent starttls on connections marked secure (fixes #1274) Kim Alvefur <zash@zash.se> parents: 2730 diff changeset	15 session.conn.starttls = false;
2726 55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	16 else
55f3ab952d06 mod_secure_interfaces: Add debug log in non-secure case also Matthew Wild <mwild1@gmail.com> parents: 1177 diff changeset	17 module:log("debug", "Not marking session from %s to %s as secure", session.ip or "[?]", localip);
1177 a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	18 end
a464261deba8 mod_secure_interfaces: New module to mark c2s sessions on given interfaces as 'secure' without encryption Matthew Wild <mwild1@gmail.com> parents: diff changeset	19 end, 2500);