diff options
author | Kim Alvefur <zash@zash.se> | 2014-05-11 18:51:08 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2014-05-11 18:51:08 +0200 |
commit | c9891dd868041285f928b0f6661eee88e7c2a119 (patch) | |
tree | 230f2857d449ac90f5c2c882faa107ad2fd263a4 /plugins | |
parent | 3224f0cee2dccb23550debe2c59333bef25921c2 (diff) | |
download | prosody-c9891dd868041285f928b0f6661eee88e7c2a119.tar.gz prosody-c9891dd868041285f928b0f6661eee88e7c2a119.zip |
mod_admin_telnet: Add s2s:show_tls() for showing ciphers used on s2s connections
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/mod_admin_telnet.lua | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index db7c3425..4bf939e9 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -223,6 +223,7 @@ function commands.help(session, data) print [[c2s:close(jid) - Close all sessions for the specified JID]] elseif section == "s2s" then print [[s2s:show(domain) - Show all s2s connections for the given domain (or all if no domain given)]] + print [[s2s:show_tls(domain) - Show TLS cipher info for encrypted sessions]] print [[s2s:close(from, to) - Close a connection from one domain to another]] print [[s2s:closeall(host) - Close all the incoming/outgoing s2s sessions to specified host]] elseif section == "module" then @@ -517,6 +518,22 @@ local function session_flags(session, line) return table.concat(line, " "); end +local function tls_info(session, line) + line = line or {}; + if session.secure then + local sock = session.conn and session.conn.socket and session.conn:socket(); + if sock and sock.info then + local info = sock:info(); + line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher); + else + line[#line+1] = "(cipher info unavailable)"; + end + else + line[#line+1] = "(insecure)"; + end + return table.concat(line, " "); +end + def_env.c2s = {}; local function show_c2s(callback) @@ -591,8 +608,9 @@ end def_env.s2s = {}; -function def_env.s2s:show(match_jid) +function def_env.s2s:show(match_jid, annotate) local print = self.session.print; + annotate = annotate or session_flags; local count_in, count_out = 0,0; local s2s_list = { }; @@ -610,7 +628,7 @@ function def_env.s2s:show(match_jid) remotehost, localhost = session.from_host or "?", session.to_host or "?"; end local sess_lines = { l = localhost, r = remotehost, - session_flags(session, { "", direction, remotehost or "?", + annotate(session, { "", direction, remotehost or "?", "["..session.type..tostring(session):match("[a-f0-9]*$").."]" })}; if (not match_jid) or remotehost:match(match_jid) or localhost:match(match_jid) then @@ -666,6 +684,10 @@ function def_env.s2s:show(match_jid) return true, "Total: "..count_out.." outgoing, "..count_in.." incoming connections"; end +function def_env.s2s:show_tls(match_jid) + return self:show(match_jid, tls_info); +end + local function print_subject(print, subject) for _, entry in ipairs(subject) do print( |