authorKim Alvefur <zash@zash.se>2014-05-11 18:51:08 +0200
committerKim Alvefur <zash@zash.se>2014-05-11 18:51:08 +0200
commitc9891dd868041285f928b0f6661eee88e7c2a119 (patch)
tree230f2857d449ac90f5c2c882faa107ad2fd263a4
parent3224f0cee2dccb23550debe2c59333bef25921c2 (diff)
mod_admin_telnet: Add s2s:show_tls() for showing ciphers used on s2s connections
-rw-r--r--plugins/mod_admin_telnet.lua26
1 files changed, 24 insertions, 2 deletions
diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua
index db7c3425..4bf939e9 100644
--- a/plugins/mod_admin_telnet.lua
+++ b/plugins/mod_admin_telnet.lua
@@ -223,6 +223,7 @@ function commands.help(session, data)
print [[c2s:close(jid) - Close all sessions for the specified JID]]
elseif section == "s2s" then
print [[s2s:show(domain) - Show all s2s connections for the given domain (or all if no domain given)]]
+ print [[s2s:show_tls(domain) - Show TLS cipher info for encrypted sessions]]
print [[s2s:close(from, to) - Close a connection from one domain to another]]
print [[s2s:closeall(host) - Close all the incoming/outgoing s2s sessions to specified host]]
elseif section == "module" then
@@ -517,6 +518,22 @@ local function session_flags(session, line)
return table.concat(line, " ");
end
+local function tls_info(session, line)
+ line = line or {};
+ if session.secure then
+ local sock = session.conn and session.conn.socket and session.conn:socket();
+ if sock and sock.info then
+ local info = sock:info();
+ line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher);
+ else
+ line[#line+1] = "(cipher info unavailable)";
+ end
+ else
+ line[#line+1] = "(insecure)";
+ end
+ return table.concat(line, " ");
+end
+
def_env.c2s = {};
local function show_c2s(callback)
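Review bot: In tls_info the result of `sock:info()` is formatted without being checked, so a socket that returns nil or a table lacking `protocol` or `cipher` would make `("(%s with %s)"):format(...)` raise on Lua 5.1, where `%s` rejects nil, and would likely abort the listing for every other session as well. Presumably `session.secure` is only set once the handshake has finished, but that happens outside this hunk. Guarding with `if info and info.protocol and info.cipher then` and treating the other case like the existing `"(cipher info unavailable)"` branch keeps the command usable. A one-line comment above the function noting that `line` is appended to in place and returned joined by spaces would also help.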
@@ -591,8 +608,9 @@ end
def_env.s2s = {};
-function def_env.s2s:show(match_jid)
+function def_env.s2s:show(match_jid, annotate)
local print = self.session.print;
+ annotate = annotate or session_flags;
local count_in, count_out = 0,0;
local s2s_list = { };
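Review bot: `annotate` becomes a second argument of a console-callable command but is never type-checked, so a call such as `s2s:show("example.com", "tls")` typed at the console would only fail later, at the `annotate(session, ...)` call, with an "attempt to call" error. Either fall back for non-functions, `if type(annotate) ~= "function" then annotate = session_flags end`, or keep the hook private by moving the listing loop into a local helper that both show() and show_tls() call. The body of show() continues outside this hunk.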
@@ -610,7 +628,7 @@ function def_env.s2s:show(match_jid)
remotehost, localhost = session.from_host or "?", session.to_host or "?";
end
local sess_lines = { l = localhost, r = remotehost,
- session_flags(session, { "", direction, remotehost or "?",
+ annotate(session, { "", direction, remotehost or "?",
"["..session.type..tostring(session):match("[a-f0-9]*$").."]" })};
if (not match_jid) or remotehost:match(match_jid) or localhost:match(match_jid) then
@@ -666,6 +684,10 @@ function def_env.s2s:show(match_jid)
return true, "Total: "..count_out.." outgoing, "..count_in.." incoming connections";
end
+function def_env.s2s:show_tls(match_jid)
+ return self:show(match_jid, tls_info);
+end
+
local function print_subject(print, subject)
for _, entry in ipairs(subject) do
print(
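Review bot: show_tls() passes `tls_info` in place of `session_flags` rather than in addition to it, so whatever session_flags prints for a session is dropped from this view. If certificate-validation status is among those flags (session_flags is defined outside the visible hunks, so this needs confirming), an operator auditing s2s links sees protocol and cipher but cannot tell an encrypted-but-unauthenticated peer from an authenticated one. Consider composing the two, e.g. `return self:show(match_jid, function (s, line) return session_flags(s, { tls_info(s, line) }) end);`, or add a comment on show_tls stating that it reports cipher information only. print_subject below continues outside the hunk.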