Software / code / prosody-modules
Changeset
1525:37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 15 Oct 2014 11:37:39 +0200 |
| parents | 1524:604a8cee9d58 |
| children | 1526:120817435151 |
| files | mod_sslv3_warn/mod_sslv3_warn.lua |
| diffstat | 1 files changed, 22 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_sslv3_warn/mod_sslv3_warn.lua Wed Oct 15 11:37:39 2014 +0200 @@ -0,0 +1,22 @@ +local st = require"util.stanza"; +local host = module.host; + +local warning_message = module:get_option_string("sslv3_warning", "Your connection is encrypted using the SSL 3.0 protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client."); + +module:hook("resource-bind", function (event) + local session = event.session; + module:log("debug", "mod_%s sees that %s logged in", module.name, session.username); + + local ok, protocol = pcall(function(session) + return session.conn:socket():info"protocol"; + end, session); + if not ok then + module:log("debug", protocol); + elseif protocol == "SSLv3" then + module:add_timer(15, function () + if session.type == "c2s" and session.resource then + session.send(st.message({ from = host, type = "headline", to = session.full_jid }, warning_message)); + end + end); + end +end);
