prosody
783706350faa
plugins/mod_s2s.lua
Software / code / prosody
Comparison
plugins/mod_s2s.lua @ 13444:783706350faa
mod_s2s: Comment on why we avoid hostnames in stanza bounce messages
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 24 Feb 2024 17:45:50 +0100 |
| parent | 13382:f70311588c77 |
| child | 13504:2159a206684e |
comparison
equal
deleted
inserted
replaced
| 13443:98a6ec4ce140 | 13444:783706350faa |
|---|---|
| 1013 -- XEP-0178 recommends closing outgoing connections without warning | 1013 -- XEP-0178 recommends closing outgoing connections without warning |
| 1014 -- but does not give a rationale for this. | 1014 -- but does not give a rationale for this. |
| 1015 -- In practice most cases are configuration mistakes or forgotten | 1015 -- In practice most cases are configuration mistakes or forgotten |
| 1016 -- certificate renewals. We think it's better to let the other party | 1016 -- certificate renewals. We think it's better to let the other party |
| 1017 -- know about the problem so that they can fix it. | 1017 -- know about the problem so that they can fix it. |
| 1018 -- | |
| 1019 -- Note: Bounce message must not include name of server, as it may leak half your JID in semi-anon MUCs. | |
| 1018 session:close({ condition = "not-authorized", text = "Your server's certificate "..reason }, | 1020 session:close({ condition = "not-authorized", text = "Your server's certificate "..reason }, |
| 1019 nil, "Remote server's certificate "..reason); | 1021 nil, "Remote server's certificate "..reason); |
| 1020 return false; | 1022 return false; |
| 1021 end | 1023 end |
| 1022 end | 1024 end |
