Software /
code /
prosody
Comparison
plugins/mod_s2s/mod_s2s.lua @ 10472:676e6a1b23d4
mod_s2s: Log from session logger
Helps locating all messages related to a specific session
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 30 Nov 2019 23:33:39 +0100 |
parent | 10471:ae906d51e3d2 |
child | 10473:b2dd1219a321 |
comparison
equal
deleted
inserted
replaced
10471:ae906d51e3d2 | 10472:676e6a1b23d4 |
---|---|
762 must_secure = false; | 762 must_secure = false; |
763 end | 763 end |
764 | 764 |
765 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then | 765 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then |
766 local reason = friendly_cert_error(session); | 766 local reason = friendly_cert_error(session); |
767 module:log("warn", "Forbidding insecure connection to/from %s because its certificate %s", host or session.ip or "(unknown host)", reason); | 767 session.log("warn", "Forbidding insecure connection to/from %s because its certificate %s", host or session.ip or "(unknown host)", reason); |
768 -- XEP-0178 recommends closing outgoing connections without warning | 768 -- XEP-0178 recommends closing outgoing connections without warning |
769 -- but does not give a rationale for this. | 769 -- but does not give a rationale for this. |
770 -- In practice most cases are configuration mistakes or forgotten | 770 -- In practice most cases are configuration mistakes or forgotten |
771 -- certificate renewals. We think it's better to let the other party | 771 -- certificate renewals. We think it's better to let the other party |
772 -- know about the problem so that they can fix it. | 772 -- know about the problem so that they can fix it. |