Software /
code /
prosody-modules
File
mod_warn_legacy_tls/mod_warn_legacy_tls.lua @ 4832:bfd4af4caddc
mod_password_policy: Support for additional policies provided by other modules
E.g. check a password contains an uppercase character:
module:provides("password-policy", {
name = "contains_uppercase";
check_password = function (password, policy)
return (policy ~= true) or (not not password:match("%u"));
end;
})
Config:
password_policy = {
contains_uppercase = true;
}
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Wed, 22 Dec 2021 14:48:46 +0000 |
parent | 3731:406b32b50457 |
line wrap: on
line source
local st = require"util.stanza"; local host = module.host; local deprecated_protocols = module:get_option_set("legacy_tls_versions", { "SSLv3", "TLSv1", "TLSv1.1" }); local warning_message = module:get_option_string("legacy_tls_warning", "Your connection is encrypted using the %s protocol, which has known problems and will be disabled soon. Please upgrade your client."); module:hook("resource-bind", function (event) local session = event.session; module:log("debug", "mod_%s sees that %s logged in", module.name, session.username); local ok, protocol = pcall(function(session) return session.conn:socket():info"protocol"; end, session); if not ok then module:log("debug", "Could not determine TLS version: %s", protocol); elseif deprecated_protocols:contains(protocol) then session.log("warn", "Uses %s", protocol); module:add_timer(15, function () if session.type == "c2s" and session.resource then session.send(st.message({ from = host, type = "headline", to = session.full_jid }, warning_message:format(protocol))); end end); else module:log("debug", "Using acceptable TLS version: %s", protocol); end end);