Comparison

plugins/mod_s2s/mod_s2s.lua @ 10472:676e6a1b23d4

mod_s2s: Log from session logger Helps locating all messages related to a specific session
author Kim Alvefur <zash@zash.se>
date Sat, 30 Nov 2019 23:33:39 +0100
parent 10471:ae906d51e3d2
child 10473:b2dd1219a321
comparison
equal deleted inserted replaced
10471:ae906d51e3d2 10472:676e6a1b23d4
762 must_secure = false; 762 must_secure = false;
763 end 763 end
764 764
765 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then 765 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then
766 local reason = friendly_cert_error(session); 766 local reason = friendly_cert_error(session);
767 module:log("warn", "Forbidding insecure connection to/from %s because its certificate %s", host or session.ip or "(unknown host)", reason); 767 session.log("warn", "Forbidding insecure connection to/from %s because its certificate %s", host or session.ip or "(unknown host)", reason);
768 -- XEP-0178 recommends closing outgoing connections without warning 768 -- XEP-0178 recommends closing outgoing connections without warning
769 -- but does not give a rationale for this. 769 -- but does not give a rationale for this.
770 -- In practice most cases are configuration mistakes or forgotten 770 -- In practice most cases are configuration mistakes or forgotten
771 -- certificate renewals. We think it's better to let the other party 771 -- certificate renewals. We think it's better to let the other party
772 -- know about the problem so that they can fix it. 772 -- know about the problem so that they can fix it.