aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2017-03-01 02:38:05 +0100
committerKim Alvefur <zash@zash.se>2017-03-01 02:38:05 +0100
commit55ba289bedc1580f49af034b8a849958b698de77 (patch)
tree9e8179e3cdc021aa83812cf4bbdb4fd0d9cbc814 /plugins
parentda6eaea135e293573a6aeaf651ac49288e47e47f (diff)
parent9e586ac1dfdf187a7a5d5f80a818c92b13b16f0c (diff)
downloadprosody-55ba289bedc1580f49af034b8a849958b698de77.tar.gz
prosody-55ba289bedc1580f49af034b8a849958b698de77.zip
Merge 0.10->trunk
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_admin_telnet.lua6
-rw-r--r--plugins/mod_register.lua5
-rw-r--r--plugins/mod_tls.lua4
-rw-r--r--plugins/mod_websocket.lua2
4 files changed, 15 insertions, 2 deletions
diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua
index 3250e2ed..0913eb6d 100644
--- a/plugins/mod_admin_telnet.lua
+++ b/plugins/mod_admin_telnet.lua
@@ -1167,6 +1167,12 @@ function def_env.http:list()
return true;
end
+module:hook("server-stopping", function(event)
+ for conn, session in pairs(sessions) do
+ session.print("Shutting down: "..(event.reason or "unknown reason"));
+ end
+end);
+
-------------
function printbanner(session)
diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua
index ee3f88ba..72e91368 100644
--- a/plugins/mod_register.lua
+++ b/plugins/mod_register.lua
@@ -21,6 +21,7 @@ local new_cache = require "util.cache".new;
local compat = module:get_option_boolean("registration_compat", true);
local allow_registration = module:get_option_boolean("allow_registration", false);
local additional_fields = module:get_option("additional_registration_fields", {});
+local require_encryption = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
local account_details = module:open_store("account_details");
@@ -83,7 +84,7 @@ module:hook("stream-features", function(event)
local session, features = event.origin, event.features;
-- Advertise registration to unauthorized clients only.
- if not(allow_registration) or session.type ~= "c2s_unauthed" then
+ if not(allow_registration) or session.type ~= "c2s_unauthed" or (require_encryption and not session.secure) then
return
end
@@ -213,6 +214,8 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event)
if not(allow_registration) or session.type ~= "c2s_unauthed" then
log("debug", "Attempted registration when disabled or already authenticated");
session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
+ elseif require_encryption and not session.secure then
+ session.send(st.error_reply(stanza, "modify", "policy-violation", "Encryption is required"));
else
local query = stanza.tags[1];
if stanza.attr.type == "get" then
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 3903a760..fbeb344b 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -63,7 +63,9 @@ end
local function can_do_tls(session)
if not session.conn.starttls then
- session.log("debug", "Underlying connection does not support STARTTLS");
+ if not session.secure then
+ session.log("debug", "Underlying connection does not support STARTTLS");
+ end
return false;
elseif session.ssl_ctx ~= nil then
return session.ssl_ctx;
diff --git a/plugins/mod_websocket.lua b/plugins/mod_websocket.lua
index c19ad566..47d170a1 100644
--- a/plugins/mod_websocket.lua
+++ b/plugins/mod_websocket.lua
@@ -136,6 +136,8 @@ function handle_request(event)
local request, response = event.request, event.response;
local conn = response.conn;
+ conn.starttls = false; -- Prevent mod_tls from believing starttls can be done
+
if not request.headers.sec_websocket_key then
response.headers.content_type = "text/html";
return [[<!DOCTYPE html><html><head><title>Websocket</title></head><body>