prosody
83d6d6a70edf
AUTHORS

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

AUTHORS @ 11749:83d6d6a70edf

net.http: fail open if surrounding code does not configure TLS Previously, if surrounding code was not configuring the TLS context used default in net.http, it would not validate certificates at all. This is not a security issue with prosody, because prosody updates the context with `verify = "peer"` as well as paths to CA certificates in util.startup.init_http_client. Nevertheless... Let's not leave this pitfall out there in the open.
author Jonas Schäfer <jonas@wielicki.name>
date Sun, 29 Aug 2021 15:04:47 +0200
parent 5403:d7ecf6cd584e
line wrap: on
line source


The Prosody project is open to contributions (see HACKERS file), but is
maintained daily by:

  - Matthew Wild (mail: matthew [at] prosody.im)
  - Waqas Hussain (mail: waqas [at] prosody.im)
  - Kim Alvefur (mail: zash [at] prosody.im)

You can reach us collectively by email: developers [at] prosody.im
or in realtime in the Prosody chatroom: prosody@conference.prosody.im