diff options
author | Kim Alvefur <zash@zash.se> | 2021-06-16 00:00:17 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2021-06-16 00:00:17 +0200 |
commit | aa041ffa1060e07be9a02ef6b523623f364f962a (patch) | |
tree | 44c07acee9815639210d9487210291f65f4e78eb | |
parent | df48c1e8670e9e9a84fb4b9058116efe99ff91ec (diff) | |
download | prosody-aa041ffa1060e07be9a02ef6b523623f364f962a.tar.gz prosody-aa041ffa1060e07be9a02ef6b523623f364f962a.zip |
mod_c2s,mod_s2s: Collect stats on TLS versions and ciphers
-rw-r--r-- | plugins/mod_c2s.lua | 7 | ||||
-rw-r--r-- | plugins/mod_s2s.lua | 6 |
2 files changed, 13 insertions, 0 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua index 38a275f5..cd4b0f71 100644 --- a/plugins/mod_c2s.lua +++ b/plugins/mod_c2s.lua @@ -39,6 +39,12 @@ local stream_callbacks = { default_ns = "jabber:client" }; local listener = {}; local runner_callbacks = {}; +local m_tls_params = module:metric( + "counter", "encrypted", "", + "Encrypted connections", + {"protocol"; "cipher"} +); + module:hook("stats-update", function () -- for push backends, avoid sending out updates for each increment of -- the metric below. @@ -115,6 +121,7 @@ function stream_callbacks._streamopened(session, attr) local info = sock:info(); (session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher); session.compressed = info.compression; + m_tls_params:with_labels(info.protocol, info.cipher):add(1) else (session.log or log)("info", "Stream encrypted"); end diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua index 9c45fc31..19c94b2d 100644 --- a/plugins/mod_s2s.lua +++ b/plugins/mod_s2s.lua @@ -71,6 +71,11 @@ local m_closed_connections = module:metric( "Closed connections", {"host", "direction", "error"} ); +local m_tls_params = module:metric( + "counter", "encrypted", "", + "Encrypted connections", + {"protocol"; "cipher"} +); local sessions = module:shared("sessions"); @@ -384,6 +389,7 @@ function stream_callbacks._streamopened(session, attr) local info = sock:info(); (session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher); session.compressed = info.compression; + m_tls_params:with_labels(info.protocol, info.cipher):add(1) else (session.log or log)("info", "Stream encrypted"); end |