aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-06-16 00:00:17 +0200
committerKim Alvefur <zash@zash.se>2021-06-16 00:00:17 +0200
commitaa041ffa1060e07be9a02ef6b523623f364f962a (patch)
tree44c07acee9815639210d9487210291f65f4e78eb
parentdf48c1e8670e9e9a84fb4b9058116efe99ff91ec (diff)
downloadprosody-aa041ffa1060e07be9a02ef6b523623f364f962a.tar.gz
prosody-aa041ffa1060e07be9a02ef6b523623f364f962a.zip
mod_c2s,mod_s2s: Collect stats on TLS versions and ciphers
-rw-r--r--plugins/mod_c2s.lua7
-rw-r--r--plugins/mod_s2s.lua6
2 files changed, 13 insertions, 0 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index 38a275f5..cd4b0f71 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -39,6 +39,12 @@ local stream_callbacks = { default_ns = "jabber:client" };
local listener = {};
local runner_callbacks = {};
+local m_tls_params = module:metric(
+ "counter", "encrypted", "",
+ "Encrypted connections",
+ {"protocol"; "cipher"}
+);
+
module:hook("stats-update", function ()
-- for push backends, avoid sending out updates for each increment of
-- the metric below.
@@ -115,6 +121,7 @@ function stream_callbacks._streamopened(session, attr)
local info = sock:info();
(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
session.compressed = info.compression;
+ m_tls_params:with_labels(info.protocol, info.cipher):add(1)
else
(session.log or log)("info", "Stream encrypted");
end
diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua
index 9c45fc31..19c94b2d 100644
--- a/plugins/mod_s2s.lua
+++ b/plugins/mod_s2s.lua
@@ -71,6 +71,11 @@ local m_closed_connections = module:metric(
"Closed connections",
{"host", "direction", "error"}
);
+local m_tls_params = module:metric(
+ "counter", "encrypted", "",
+ "Encrypted connections",
+ {"protocol"; "cipher"}
+);
local sessions = module:shared("sessions");
@@ -384,6 +389,7 @@ function stream_callbacks._streamopened(session, attr)
local info = sock:info();
(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
session.compressed = info.compression;
+ m_tls_params:with_labels(info.protocol, info.cipher):add(1)
else
(session.log or log)("info", "Stream encrypted");
end