prosody-modules
5fbca7de2088
mod_watchuntrusted/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_watchuntrusted/README.markdown @ 2491:5fbca7de2088

mod_smacks: Send out more ack requests where needed Under some circumstances it was possible that more than "max_unacked_stanzas" where left in the outgoing stanza queue without forcing an ack. This could happen, when more stanzas entered the queue while the last ack request was still unanswered. Now the test "#queue > max_unacked_stanzas" is done upon receiving an ack as well as when sending out stanzas, which fixes this bug.
author tmolitor <thilo@eightysoft.de>
date Sun, 12 Feb 2017 19:27:50 +0100
parent 1803:4d73a1a6ba68
child 3020:ec671ad1a8a9
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: |
    Warn admins about outgoing s2s connections that are refused due to
    invalid or untrusted certificates
...

Introduction
============

Similar to mod\_watchregistrations, this module warns admins when an s2s
connection fails due for encryption or trust reasons.

The certificate shows the SHA1 hash, so it can easily be used together
with mod\_s2s\_auth\_fingerprint.

Configuration
=============

    modules_enabled = {
        -- other modules --
        "watchuntrusted",

    }

    untrusted_fail_watchers = { "admin@example.lit" }
    untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors"

  Option                          Default                                                                                                         Description
  ------------------------------- --------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------------------------
  untrusted\_fail\_watchers       All admins                                                                                                      The users to send the message to
  untrusted\_fail\_notification   "Establishing a secure connection from \$from\_host to \$to\_host failed. Certificate hash: \$sha1. \$errors"   The message to send, \$from\_host, \$to\_host, \$sha1 and \$errors are replaced

Compatibility
=============

  ------- -------
  trunk   Works
  ------- -------