Mercurial > prosody-modules

view mod_secure_interfaces/mod_secure_interfaces.lua @ 3953:2c6d5734ae04

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_rest: Add JSON mapping of XEP-0128: Service Discovery Extensions Example XEP-0157 payload: { "disco" : { "extensions" : { "http://jabber.org/network/serverinfo" : { "abuse-addresses" : [ "mailto:abuse@shakespeare.lit", "xmpp:abuse@shakespeare.lit" ], "admin-addresses" : [ "mailto:admin@shakespeare.lit", "xmpp:admin@shakespeare.lit" ], "feedback-addresses" : [ "http://shakespeare.lit/feedback.php", "mailto:feedback@shakespeare.lit", "xmpp:feedback@shakespeare.lit" ], "sales-addresses" : [ "xmpp:bard@shakespeare.lit" ], "security-addresses" : [ "xmpp:security@shakespeare.lit" ], "support-addresses" : [ "http://shakespeare.lit/support.php", "xmpp:support@shakespeare.lit" ] } } } }
author Kim Alvefur <zash@zash.se>
date Mon, 23 Mar 2020 19:03:04 +0100
parents 6c806a99f802
children
line wrap: on
line source

local secure_interfaces = module:get_option_set("secure_interfaces", { "127.0.0.1", "::1" });

module:hook("stream-features", function (event)
	local session = event.origin;
	if session.type ~= "c2s_unauthed" then return; end
	local socket = session.conn:socket();
	if not socket.getsockname then
		module:log("debug", "Unable to determine local address of incoming connection");
		return;
	end
	local localip = socket:getsockname();
	if secure_interfaces:contains(localip) then
		module:log("debug", "Marking session from %s to %s as secure", session.ip or "[?]", localip);
		session.secure = true;
		session.conn.starttls = false;
	else
		module:log("debug", "Not marking session from %s to %s as secure", session.ip or "[?]", localip);
	end
end, 2500);