Mercurial > prosody-modules
view mod_s2s_log_certs/README.markdown @ 5243:d5dc8edb2695
mod_http_oauth2: Use more compact IDs
UUIDs are nice but so verbose!
The reduction in entropy for the nonce should be fine since the
timestamp is also counts towards this, and it changes every second
(modulo clock shenanigans), so the chances of someone managing to get
the same client_secret by registering with the same information at the
same time as another entity should be negligible.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 11 Mar 2023 22:46:27 +0100 |
parents | ea6b5321db50 |
children |
line wrap: on
line source
--- summary: Log certificate status and fingerprint of remote servers ... Introduction ============ This module produces info level log messages with the certificate status and fingerprint every time an s2s connection is established. It can also optionally store this in persistent storage. **info** jabber.org has a trusted valid certificate with SHA1: 11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED Fingerprints could then be added to [mod\_s2s\_auth\_fingerprint](mod_s2s_auth_fingerprint.html). Configuration ============= Add the module to the `modules_enabled` list. modules_enabled = { ... "s2s_log_certs"; } If you want to keep track of how many times, and when a certificate is seen add `s2s_log_certs_persist = true` Compatibility ============= ------- -------------- trunk Works 0.10 Works 0.9 Works 0.8 Doesn't work ------- --------------