aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_tls.lua
Commit message (Collapse)AuthorAgeFilesLines
* mod_tls: Let s2s_secure_auth override s2s_require_encryption and warn if ↵Kim Alvefur2014-01-151-0/+6
| | | | they differ
* mod_tls: Rename variables to be less confusingKim Alvefur2014-01-151-4/+4
|
* mod_tls: Log error when TLS initialization failsMatthew Wild2014-01-121-2/+9
|
* mod_tls: More use of config sections removedKim Alvefur2013-03-231-2/+2
|
* mod_announce, mod_auth_anonymous, mod_c2s, mod_c2s, mod_component, mod_iq, ↵Kim Alvefur2013-03-231-0/+1
| | | | mod_message, mod_presence, mod_tls: Access prosody.{hosts,bare_sessions,full_sessions} instead of the old globals
* mod_tls: Fix log statement (thanks Zash)Matthew Wild2012-01-181-1/+1
|
* mod_tls: Fix for components to more reliably inherit SSL settings from their ↵Matthew Wild2011-04-061-4/+3
| | | | parenthost (thanks Link Mauve)
* mod_tls: Drop 'TLS negotiation started for ...' to debug level from infoMatthew Wild2011-02-221-1/+1
|
* mod_tls: Let hosts without an 'ssl' option inherit it from their parent hosts.Waqas Hussain2010-11-101-1/+7
|
* mod_tls: Pass the hostname rather than host session to ↵Matthew Wild2010-11-081-2/+2
| | | | certmanager.create_context() (thanks darkrain)
* certmanager, hostmanager, mod_tls: Move responsibility for creating per-host ↵Matthew Wild2010-11-061-0/+12
| | | | SSL contexts to mod_tls, meaning reloading certs is now as trivial as reloading mod_tls
* mod_tls: Remove extraneous flag to starttls() for s2sout connecectionsMatthew Wild2010-07-221-1/+1
|
* Merge 0.6->0.7Matthew Wild2010-03-241-2/+3
|\
| * mod_tls: Add s2s_allow_encryption option which, when set to false, disabled ↵Matthew Wild2010-03-241-18/+27
| | | | | | | | TLS for s2s
* | Merge 0.6->0.7Matthew Wild2010-03-221-2/+2
|\|
| * Update copyright headers for 2010Matthew Wild2010-03-221-2/+2
| |
| * Merge 0.6.2/waqas with 0.6.2/MattJMatthew Wild2010-03-031-5/+9
| |\
| | * mod_tls: Don't offer TLS on hosts that don't have any certsMatthew Wild2010-02-121-2/+4
| | |
| | * mod_tls: Fixed an extra :up() in s2s stream feature generation.Waqas Hussain2010-02-121-1/+1
| | |
| | * mod_tls: Respond with proper error when TLS cannot be negotiated.Waqas Hussain2010-02-121-2/+4
| | |
| * | mod_tls: Set the sslctx on outgoing connections (possibly the cause of ↵Matthew Wild2010-01-311-0/+2
| |/ | | | | | | outgoing s2s connections not being encrypted)
* | mod_tls: Only negotiate TLS on outgoing s2s connections if we have an SSL ↵Matthew Wild2010-02-161-1/+3
| | | | | | | | context (thanks Flo...)
* | mod_tls: Ban TLS after auth, not before.Waqas Hussain2010-02-141-2/+2
| |
* | mod_tls: Fixed traceback during S2S TLS (nil global access).Waqas Hussain2010-02-141-1/+1
| |
* | mod_tls: Refactor to simplify detection of whether we can do TLS on a connectionMatthew Wild2010-02-121-3/+13
| |
* | mod_tls: Don't offer TLS on hosts that don't have any certsMatthew Wild2010-02-121-2/+4
| |
* | s2smanager, mod_compression, mod_tls: Changed event.session to event.origin ↵Waqas Hussain2010-02-121-2/+2
| | | | | | | | for s2s-stream-features event for consistency.
* | mod_tls: Hook stream-features event using new events API.Waqas Hussain2010-02-121-2/+3
| |
* | mod_tls: Cleanup.Waqas Hussain2010-02-121-50/+40
| |
* | mod_tls: Fixed an extra :up() in s2s stream feature generation.Waqas Hussain2010-02-121-1/+1
| |
* | mod_tls: Remove origin type check when TLS is requested (thanks MattJ).Waqas Hussain2010-02-121-1/+1
| |
* | mod_tls: Respond with proper error when TLS cannot be negotiated.Waqas Hussain2010-02-121-1/+2
| |
* | mod_tls: Inlined some code.Waqas Hussain2010-02-121-18/+9
| |
* | mod_tls: Merged duplicate code.Waqas Hussain2010-02-121-23/+8
| |
* | mod_tls: Switched to new events API.Waqas Hussain2010-02-121-2/+12
| |
* | mod_tls: Slight refactoring.Waqas Hussain2010-02-121-29/+30
| |
* | mod_tls: Don't advertise TLS after authentication.Waqas Hussain2010-02-101-2/+2
| |
* | mod_tls: Remove some redundant variable declarationsMatthew Wild2010-01-311-1/+0
| |
* | mod_tls: Set the sslctx on outgoing connections (possibly the cause of ↵Matthew Wild2010-01-311-1/+2
| | | | | | | | outgoing s2s connections not being encrypted)
* | mod_tls: Update for new server SSL syntaxMatthew Wild2010-01-311-8/+6
| |
* | mod_tls: Switch to : syntax for connection methodsMatthew Wild2009-11-211-5/+5
|/
* mod_tls: Offer the host-specific cert (when there is one) to incoming ↵Matthew Wild2009-10-171-0/+6
| | | | c2s/s2s connections, fixes #30 (thanks, albert, Flo, johnny, and all who nagged me :) )
* mod_tls: Don't try to start TLS if we can't actually do it (thanks Florob)Matthew Wild2009-10-091-1/+1
|
* mod_tls: Catch s2s-stream-features and add starttls feature if possibleMatthew Wild2009-10-081-5/+4
|
* mod_tls: Mark sessions as not secure when negotiating outward TLS, so they ↵Matthew Wild2009-10-061-0/+1
| | | | get marked secure later. Fixes missing (encrypted) for outgoing sessions in s2s:show(). Thanks albert, McKael :)
* mod_tls: require_s2s_encryption -> s2s_require_encryptionMatthew Wild2009-10-051-1/+1
|
* require_encryption deprecated, use c2s_require_encryption insteadMatthew Wild2009-10-051-1/+1
|
* mod_tls: Mark starttls feature as <required/> if require_s2s_encryption is ↵Matthew Wild2009-10-051-2/+6
| | | | enabled
* mod_tls: Mark session as not secure before negotiating TLSMatthew Wild2009-10-051-0/+1
|
* mod_tls: Only advertise TLS if the server told us which host they are ↵Matthew Wild2009-10-051-1/+1
| | | | connecting to