Software /
code /
prosody
File
tools/http-status-codes.lua @ 11749:83d6d6a70edf
net.http: fail open if surrounding code does not configure TLS
Previously, if surrounding code was not configuring the TLS context
used default in net.http, it would not validate certificates at all.
This is not a security issue with prosody, because prosody updates the
context with `verify = "peer"` as well as paths to CA certificates in
util.startup.init_http_client.
Nevertheless... Let's not leave this pitfall out there in the open.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Sun, 29 Aug 2021 15:04:47 +0200 |
parent | 9166:cce55767004a |
child | 12271:f31bb79f51d7 |
line wrap: on
line source
-- Generate net/http/codes.lua from IANA HTTP status code registry local xml = require "util.xml"; local registry = xml.parse(io.read("*a")); io.write([[ local response_codes = { -- Source: http://www.iana.org/assignments/http-status-codes ]]); for record in registry:get_child("registry"):childtags("record") do -- Extract values local value = record:get_child_text("value"); local description = record:get_child_text("description"); local ref = record:get_child_text("xref"); local code = tonumber(value); -- Space between major groups if code and code % 100 == 0 then io.write("\n"); end -- Reserved and Unassigned entries should be not be included if description == "Reserved" or description == "Unassigned" or description == "(Unused)" then code = nil; end -- Non-empty references become comments if ref and ref:find("%S") then ref = " -- " .. ref; else ref = ""; end io.write((code and "\t[%d] = %q;%s\n" or "\t-- [%s] = %q;%s\n"):format(code or value, description, ref)); end io.write([[}; for k,v in pairs(response_codes) do response_codes[k] = k.." "..v; end return setmetatable(response_codes, { __index = function(_, k) return k.." Unassigned"; end }) ]]);