prosody
83d6d6a70edf
HACKERS

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

HACKERS @ 11749:83d6d6a70edf

net.http: fail open if surrounding code does not configure TLS Previously, if surrounding code was not configuring the TLS context used default in net.http, it would not validate certificates at all. This is not a security issue with prosody, because prosody updates the context with `verify = "peer"` as well as paths to CA certificates in util.startup.init_http_client. Nevertheless... Let's not leave this pitfall out there in the open.
author Jonas Schäfer <jonas@wielicki.name>
date Sun, 29 Aug 2021 15:04:47 +0200
parent 9858:54147de1d1b1
line wrap: on
line source

Welcome hackers!

This project accepts and *encourages* contributions. If you would like to get 
involved you can join us on our mailing list and discussion rooms. More 
information on these at https://prosody.im/discuss

Patches are welcome, though before sending we would appreciate if you read 
docs/coding_style.md for guidelines on how to format your code, and other tips.

Documentation for developers can be found at https://prosody.im/doc/developers

Have fun :)