diff mod_tls_policy/mod_tls_policy.lua @ 1615:d0fd8a29b724

mod_tls_policy: Include which part of the cipher that did not match the policy in stream error
author Kim Alvefur <zash@zash.se>
date Mon, 23 Feb 2015 15:45:11 +0100
parents c5ca63ac0e1b
children a43ed0d28918
line wrap: on
line diff
--- a/mod_tls_policy/mod_tls_policy.lua	Fri Feb 20 22:45:45 2015 +0000
+++ b/mod_tls_policy/mod_tls_policy.lua	Mon Feb 23 15:45:11 2015 +0100
@@ -16,7 +16,7 @@
 			for key, what in pairs(policy) do
 				module:log("debug", "Does info[%q] = %s match %s ?", key, tostring(info[key]), tostring(what));
 				if (type(what) == "number" and what < info[key] ) or (type(what) == "string" and not info[key]:match(what)) then
-					origin:close({ condition = "policy-violation", text = "Cipher not acceptable" });
+					origin:close({ condition = "policy-violation", text = ("TLS %s '%s' not acceptable"):format(key, tostring(info[key])) });
 					return false;
 				end
 				module:log("debug", "Seems so");