Mercurial > prosody-modules
view mod_s2s_never_encrypt_blacklist/README.markdown @ 4976:75b6e5df65f9
various: Improve error reporting if missing file server module on 0.12
If there is some error loading net.http.files then it would be swallowed
by the pcall and then it would proceed to trying mod_http_files, which
might cause unexpected behavior on 0.12
Ref #1765
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 18 Jul 2022 22:47:54 +0200 |
parents | 4d73a1a6ba68 |
children |
line wrap: on
line source
--- labels: - 'Stage-Beta' summary: | Stops prosody from including starttls into available features for specified remote servers. ... Details ------- Let's you stop Prosody from sending \<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'\> feature to choppy/buggy servers which therefore would fail to re-negotiate and use a secure stream. (e.g. [OpenFire 3.7.0](http://issues.igniterealtime.org/browse/OF-405)) Usage ----- Copy the plugin into your prosody's modules directory. And add it between your enabled modules into the global section (modules\_enabled). Then list each host as follow: tls_s2s_blacklist = { "host1.tld", "host2.tld", "host3.tld" } In the unfortunate case of OpenFire... you can add the Server's ip address directly as it may not send proper rfc6121 requests. tls_s2s_blacklist_ip = { "a.a.a.a", "b.b.b.b", "c.c.c.c" } Compatibility ------------- It's supposed to work with 0.7-0.8.x