# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1429701647 -7200
# Node ID 116488cced160cf32c4d174852fafab5e518d52f
# Parent  7f4c64cfed09fb06f6d6906fb9f2c11a482f4e86
mod_watchuntrusted: Only notify once per host per day

diff -r 7f4c64cfed09 -r 116488cced16 mod_watchuntrusted/mod_watchuntrusted.lua
--- a/mod_watchuntrusted/mod_watchuntrusted.lua	Mon Apr 13 13:36:38 2015 +0200
+++ b/mod_watchuntrusted/mod_watchuntrusted.lua	Wed Apr 22 13:20:47 2015 +0200
@@ -9,6 +9,8 @@
 
 local st = require "util.stanza";
 
+local notified_about_already = { };
+
 module:hook_global("s2s-check-certificate", function (event)
     local session, host = event.session, event.host;
     local conn = session.conn:socket();
@@ -25,7 +27,8 @@
             must_secure = false;
     end
 
-    if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then
+    if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") and not notified_about_already[host] then
+		notified_about_already[host] = os.time();
 		local _, errors = conn:getpeerverification();
 		local error_message = "";
 
@@ -54,3 +57,10 @@
 	end
 end, -0.5);
 
+module:add_timer(14400, function (now)
+	for host, time in pairs(notified_about_already) do
+		if time + 86400 > now then
+			notified_about_already[host] = nil;
+		end
+	end
+end)