prosody
d8029b2e0f43
plugins/mod_tls.lua
Software / code / prosody
Comparison
plugins/mod_tls.lua @ 7898:d8029b2e0f43
mod_tls: Log reasons for not being able to do TLS
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 15 Feb 2017 23:03:22 +0100 |
| parent | 7869:eb5fba4c8074 |
| child | 7913:64daa21450f9 |
comparison
equal
deleted
inserted
replaced
| 7897:08bde6a6fd56 | 7898:d8029b2e0f43 |
|---|---|
| 61 if not ssl_ctx_s2sin then module:log("error", "Error creating contexts for s2sin: %s", err); end | 61 if not ssl_ctx_s2sin then module:log("error", "Error creating contexts for s2sin: %s", err); end |
| 62 end | 62 end |
| 63 | 63 |
| 64 local function can_do_tls(session) | 64 local function can_do_tls(session) |
| 65 if not session.conn.starttls then | 65 if not session.conn.starttls then |
| 66 session.log("debug", "Underlying connection does not support STARTTLS"); | |
| 66 return false; | 67 return false; |
| 67 elseif session.ssl_ctx ~= nil then | 68 elseif session.ssl_ctx ~= nil then |
| 68 return session.ssl_ctx; | 69 return session.ssl_ctx; |
| 69 end | 70 end |
| 70 if session.type == "c2s_unauthed" then | 71 if session.type == "c2s_unauthed" then |
| 75 session.ssl_cfg = ssl_cfg_s2sin; | 76 session.ssl_cfg = ssl_cfg_s2sin; |
| 76 elseif session.direction == "outgoing" and allow_s2s_tls then | 77 elseif session.direction == "outgoing" and allow_s2s_tls then |
| 77 session.ssl_ctx = ssl_ctx_s2sout; | 78 session.ssl_ctx = ssl_ctx_s2sout; |
| 78 session.ssl_cfg = ssl_cfg_s2sout; | 79 session.ssl_cfg = ssl_cfg_s2sout; |
| 79 else | 80 else |
| 81 session.log("debug", "Unknown session type, don't know which TLS context to use"); | |
| 80 return false; | 82 return false; |
| 81 end | 83 end |
| 82 if not session.ssl_ctx then | 84 if not session.ssl_ctx then |
| 83 session.log("debug", "Should be able to do TLS but no context available"); | 85 session.log("debug", "Should be able to do TLS but no context available"); |
| 84 return false; | 86 return false; |
