Mercurial > prosody-modules

view mod_sslv3_warn/mod_sslv3_warn.lua @ 5223:8b2a36847912

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Support HTTP Basic auth on token endpoint This is described in RFC 6749 section 2.3.1 and draft-ietf-oauth-v2-1-07 2.3.1 as the recommended way to transmit the client's credentials. The older spec even calls it the "client password", but the new spec clarifies that this is just another term for the client secret.
author Matthew Wild <mwild1@gmail.com>
date Tue, 07 Mar 2023 15:27:50 +0000
parents 37cef218ba20
children
line wrap: on
line source

local st = require"util.stanza";
local host = module.host;

local warning_message = module:get_option_string("sslv3_warning", "Your connection is encrypted using the SSL 3.0 protocol, which has been demonstrated to be insecure and will be disabled soon.  Please upgrade your client.");

module:hook("resource-bind", function (event)
	local session = event.session;
	module:log("debug", "mod_%s sees that %s logged in", module.name, session.username);

	local ok, protocol = pcall(function(session)
		return session.conn:socket():info"protocol";
	end, session);
	if not ok then
		module:log("debug", protocol);
	elseif protocol == "SSLv3" then
		module:add_timer(15, function ()
			if session.type == "c2s" and session.resource then
				session.send(st.message({ from = host, type = "headline", to = session.full_jid }, warning_message));
			end
		end);
	end
end);