prosody-modules
ffd0184cd478
mod_warn_legacy_tls/mod_warn_legacy_tls.lua
Software / code / prosody-modules
File
mod_warn_legacy_tls/mod_warn_legacy_tls.lua @ 6111:ffd0184cd478
mod_compliance_latest: New module that depends on and therefore loads the latest compliance tester mod.
diff --git a/mod_compliance_latest/README.md b/mod_compliance_latest/README.md
new file mode 100644
--- /dev/null
+++ b/mod_compliance_latest/README.md
@@ -0,0 +1,25 @@
+---
+summary: XMPP Compliance Suites self-test
+labels:
+- Stage-Beta
+rockspec:
+ dependencies:
+ - mod_compliance_2023
+...
+
+# Introduction
+
+This module will always require and load to the lastest compliance tester we have in the community modules.
+Currently this is [mod_compliance_2023].
+
+# Configuration
+
+Just load this module as any other module and it will automatically install [mod_compliance_2023] if you use the Prosody plugin installer.
+See the linked module for further details.
+
+# Compatibility
+
+ Prosody-Version Status
+ --------------- ----------------------
+ trunk Works as of 2024-12-22
+ 0.12 Works
diff --git a/mod_compliance_latest/mod_compliance_latest.lua b/mod_compliance_latest/mod_compliance_latest.lua
new file mode 100644
--- /dev/null
+++ b/mod_compliance_latest/mod_compliance_latest.lua
@@ -0,0 +1,1 @@
+module:depends("compliance_2023");
| author | Menel <menel@snikket.de> |
|---|---|
| date | Sun, 22 Dec 2024 18:12:42 +0100 |
| parent | 3731:406b32b50457 |
line wrap: on
line source
local st = require"util.stanza"; local host = module.host; local deprecated_protocols = module:get_option_set("legacy_tls_versions", { "SSLv3", "TLSv1", "TLSv1.1" }); local warning_message = module:get_option_string("legacy_tls_warning", "Your connection is encrypted using the %s protocol, which has known problems and will be disabled soon. Please upgrade your client."); module:hook("resource-bind", function (event) local session = event.session; module:log("debug", "mod_%s sees that %s logged in", module.name, session.username); local ok, protocol = pcall(function(session) return session.conn:socket():info"protocol"; end, session); if not ok then module:log("debug", "Could not determine TLS version: %s", protocol); elseif deprecated_protocols:contains(protocol) then session.log("warn", "Uses %s", protocol); module:add_timer(15, function () if session.type == "c2s" and session.resource then session.send(st.message({ from = host, type = "headline", to = session.full_jid }, warning_message:format(protocol))); end end); else module:log("debug", "Using acceptable TLS version: %s", protocol); end end);
