mod_c2s,mod_s2s: Collect stats on TLS versions and ciphers

2 files changed, 13 insertions, 0 deletions

diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index 38a275f5..cd4b0f71 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -39,6 +39,12 @@ local stream_callbacks = { default_ns = "jabber:client" };
 local listener = {};
 local runner_callbacks = {};
 
+local m_tls_params = module:metric(
+	"counter", "encrypted", "",
+	"Encrypted connections",
+	{"protocol"; "cipher"}
+);
+
 module:hook("stats-update", function ()
 	-- for push backends, avoid sending out updates for each increment of
 	-- the metric below.
@@ -115,6 +121,7 @@ function stream_callbacks._streamopened(session, attr)
 			local info = sock:info();
 			(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
 			session.compressed = info.compression;
+			m_tls_params:with_labels(info.protocol, info.cipher):add(1)
 		else
 			(session.log or log)("info", "Stream encrypted");
 		end
diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua
index 9c45fc31..19c94b2d 100644
--- a/plugins/mod_s2s.lua
+++ b/plugins/mod_s2s.lua
@@ -71,6 +71,11 @@ local m_closed_connections = module:metric(
 	"Closed connections",
 	{"host", "direction", "error"}
 );
+local m_tls_params = module:metric(
+	"counter", "encrypted", "",
+	"Encrypted connections",
+	{"protocol"; "cipher"}
+);
 
 local sessions = module:shared("sessions");
 
@@ -384,6 +389,7 @@ function stream_callbacks._streamopened(session, attr)
 			local info = sock:info();
 			(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
 			session.compressed = info.compression;
+			m_tls_params:with_labels(info.protocol, info.cipher):add(1)
 		else
 			(session.log or log)("info", "Stream encrypted");
 		end