annotate mod_watchuntrusted.wiki @ 455:5f111a4e13fb

mod_s2s_auth_dane.wiki: drep mention of luajit, not required anymore
author Kim Alvefur <zash@zash.se>
date Mon, 19 May 2014 11:28:47 +0200
parents f7bca760e9b5
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
401
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
1 #summary Warn admins about outgoing s2s connections that are refused due to invalid or untrusted certificates
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
2 #labels Stage-Alpha
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
3
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
4 = Introduction =
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
5
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
6 Similar to mod_watchregistrations, this module warns admins when an s2s connection fails due for encryption or trust reasons.
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
7
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
8 The certificate shows the SHA1 hash, so it can easily be used together with mod_s2s_auth_fingerprint.
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
9
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
10 = Configuration =
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
11
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
12 {{{
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
13 modules_enabled = {
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
14 -- other modules --
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
15 "watchuntrusted",
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
16
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
17 }
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
18
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
19 untrusted_fail_watchers = { "admin@example.lit" }
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
20 untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors"
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
21 }}}
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
22
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
23 || *Option* || *Default* || *Description* ||
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
24 || untrusted_fail_watchers || All admins || The users to send the message to ||
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
25 || untrusted_fail_notification || "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" || The message to send, $from_host, $to_host, $sha1 and $errors are replaced ||
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
26
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
27
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
28 = Compatibility =
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
29
f7bca760e9b5 mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff changeset
30 ||trunk||Works||