prosody
ae906d51e3d2
plugins/mod_s2s/mod_s2s.lua
Software / code / prosody
Comparison
plugins/mod_s2s/mod_s2s.lua @ 10471:ae906d51e3d2
mod_s2s: Improve log message about forbidding insecure connections
This new wording generator is nice.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 30 Nov 2019 23:29:15 +0100 |
| parent | 10465:09697a673015 |
| child | 10472:676e6a1b23d4 |
comparison
equal
deleted
inserted
replaced
| 10470:5267f12b038d | 10471:ae906d51e3d2 |
|---|---|
| 761 elseif must_secure and insecure_domains[host] then | 761 elseif must_secure and insecure_domains[host] then |
| 762 must_secure = false; | 762 must_secure = false; |
| 763 end | 763 end |
| 764 | 764 |
| 765 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then | 765 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then |
| 766 module:log("warn", "Forbidding insecure connection to/from %s", host or session.ip or "(unknown host)"); | |
| 767 local reason = friendly_cert_error(session); | 766 local reason = friendly_cert_error(session); |
| 767 module:log("warn", "Forbidding insecure connection to/from %s because its certificate %s", host or session.ip or "(unknown host)", reason); | |
| 768 -- XEP-0178 recommends closing outgoing connections without warning | 768 -- XEP-0178 recommends closing outgoing connections without warning |
| 769 -- but does not give a rationale for this. | 769 -- but does not give a rationale for this. |
| 770 -- In practice most cases are configuration mistakes or forgotten | 770 -- In practice most cases are configuration mistakes or forgotten |
| 771 -- certificate renewals. We think it's better to let the other party | 771 -- certificate renewals. We think it's better to let the other party |
| 772 -- know about the problem so that they can fix it. | 772 -- know about the problem so that they can fix it. |
