Mercurial > prosody-wiki
annotate mod_watchuntrusted.wiki @ 401:f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
author | thijsalkemade@gmail.com |
---|---|
date | Wed, 11 Sep 2013 23:32:56 +0000 |
parents | |
children |
rev | line source |
---|---|
401
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
1 #summary Warn admins about outgoing s2s connections that are refused due to invalid or untrusted certificates |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
2 #labels Stage-Alpha |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
3 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
4 = Introduction = |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
5 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
6 Similar to mod_watchregistrations, this module warns admins when an s2s connection fails due for encryption or trust reasons. |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
7 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
8 The certificate shows the SHA1 hash, so it can easily be used together with mod_s2s_auth_fingerprint. |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
9 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
10 = Configuration = |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
11 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
12 {{{ |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
13 modules_enabled = { |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
14 -- other modules -- |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
15 "watchuntrusted", |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
16 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
17 } |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
18 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
19 untrusted_fail_watchers = { "admin@example.lit" } |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
20 untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
21 }}} |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
22 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
23 || *Option* || *Default* || *Description* || |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
24 || untrusted_fail_watchers || All admins || The users to send the message to || |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
25 || untrusted_fail_notification || "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" || The message to send, $from_host, $to_host, $sha1 and $errors are replaced || |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
26 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
27 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
28 = Compatibility = |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
29 |
f7bca760e9b5
mod_watchuntrusted: Created a wiki page describing this module
thijsalkemade@gmail.com
parents:
diff
changeset
|
30 ||trunk||Works|| |