mod_s2s: Comment on why we avoid hostnames in stanza bounce messages

author: Kim Alvefur <zash@zash.se> 2024-02-24 17:45:50 +0100
committer: Kim Alvefur <zash@zash.se> 2024-02-24 17:45:50 +0100
commit: 18813c2ffa037c40defa58fb0470ae600e88b2e6 (patch)
tree: 13df1e240dfb16324344c164e5b76af4790d8dc1 /plugins
parent: 01a44e88db7061b2e908d5d77cb689009beb549c (diff)
download: prosody-18813c2ffa037c40defa58fb0470ae600e88b2e6.tar.gz
prosody-18813c2ffa037c40defa58fb0470ae600e88b2e6.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua
index fcdfbca8..88b73eba 100644
--- a/plugins/mod_s2s.lua
+++ b/plugins/mod_s2s.lua
@@ -1015,6 +1015,8 @@ function check_auth_policy(event)
 		-- In practice most cases are configuration mistakes or forgotten
 		-- certificate renewals. We think it's better to let the other party
 		-- know about the problem so that they can fix it.
+		--
+		-- Note: Bounce message must not include name of server, as it may leak half your JID in semi-anon MUCs.
 		session:close({ condition = "not-authorized", text = "Your server's certificate "..reason },
 			nil, "Remote server's certificate "..reason);
 		return false;
author	Kim Alvefur <zash@zash.se>	2024-02-24 17:45:50 +0100
committer	Kim Alvefur <zash@zash.se>	2024-02-24 17:45:50 +0100
commit	18813c2ffa037c40defa58fb0470ae600e88b2e6 (patch)
tree	13df1e240dfb16324344c164e5b76af4790d8dc1 /plugins
parent	01a44e88db7061b2e908d5d77cb689009beb549c (diff)
download	prosody-18813c2ffa037c40defa58fb0470ae600e88b2e6.tar.gz prosody-18813c2ffa037c40defa58fb0470ae600e88b2e6.zip