aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-10-05 16:30:41 +0200
committerKim Alvefur <zash@zash.se>2021-10-05 16:30:41 +0200
commitcc49e02caeb7f658f01ddea2822b1fa1a2d0d7f6 (patch)
tree520dc057455a2755ae576d4bcf2130bc235875f3
parentcdffc6aac24cc44445d267416e16b52bb1731735 (diff)
downloadprosody-cc49e02caeb7f658f01ddea2822b1fa1a2d0d7f6.tar.gz
prosody-cc49e02caeb7f658f01ddea2822b1fa1a2d0d7f6.zip
mod_s2s_auth_certs: Collect stats on validation results (for #975)
-rw-r--r--plugins/mod_s2s_auth_certs.lua4
1 files changed, 4 insertions, 0 deletions
diff --git a/plugins/mod_s2s_auth_certs.lua b/plugins/mod_s2s_auth_certs.lua
index 37519aa1..992ee934 100644
--- a/plugins/mod_s2s_auth_certs.lua
+++ b/plugins/mod_s2s_auth_certs.lua
@@ -4,6 +4,9 @@ local cert_verify_identity = require "util.x509".verify_identity;
local NULL = {};
local log = module._log;
+local measure_cert_statuses = module:metric("counter", "checked", "", "Certificate validation results",
+ { "chain"; "identity" })
+
module:hook("s2s-check-certificate", function(event)
local session, host, cert = event.session, event.host, event.cert;
local conn = session.conn:socket();
@@ -43,5 +46,6 @@ module:hook("s2s-check-certificate", function(event)
log("debug", "certificate identity validation result: %s", session.cert_identity_status);
end
end
+ measure_cert_statuses:with_labels(session.cert_chain_status or "unknown", session.cert_identity_status or "unknown"):add(1);
end, 509);