Mercurial > prosody-modules
view mod_s2s_auth_fingerprint/README.markdown @ 3953:2c6d5734ae04
mod_rest: Add JSON mapping of XEP-0128: Service Discovery Extensions
Example XEP-0157 payload:
{
"disco" : {
"extensions" : {
"http://jabber.org/network/serverinfo" : {
"abuse-addresses" : [
"mailto:abuse@shakespeare.lit",
"xmpp:abuse@shakespeare.lit"
],
"admin-addresses" : [
"mailto:admin@shakespeare.lit",
"xmpp:admin@shakespeare.lit"
],
"feedback-addresses" : [
"http://shakespeare.lit/feedback.php",
"mailto:feedback@shakespeare.lit",
"xmpp:feedback@shakespeare.lit"
],
"sales-addresses" : [
"xmpp:bard@shakespeare.lit"
],
"security-addresses" : [
"xmpp:security@shakespeare.lit"
],
"support-addresses" : [
"http://shakespeare.lit/support.php",
"xmpp:support@shakespeare.lit"
]
}
}
}
}
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 23 Mar 2020 19:03:04 +0100 |
| parents | 8de50be756e5 |
| children |
line wrap: on
line source
--- labels: - 'Stage-Alpha' - 'Type-S2SAuth' summary: Fingerprint based s2s authentication ... Introduction ============ This module allows you to manually pin certificate fingerprints of remote servers. Details ======= Servers not listed in the configuration are not affected. Configuration ============= After installing and enabling this module, you can put fingerprints of remote servers in your config like this: ``` {.lua} s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512" s2s_trusted_fingerprints = { ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED"; ["matthewwild.co.uk"] = { "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA"; "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0"; }; } -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too s2s_secure_domains = { "jabber.org"; } ``` Compatibility ============= ------- -------------- trunk Works 0.9 Works 0.8 Doesn't work ------- --------------