From 18813c2ffa037c40defa58fb0470ae600e88b2e6 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 24 Feb 2024 17:45:50 +0100
Subject: mod_s2s: Comment on why we avoid hostnames in stanza bounce messages

---
 plugins/mod_s2s.lua | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'plugins/mod_s2s.lua')

diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua
index fcdfbca8..88b73eba 100644
--- a/plugins/mod_s2s.lua
+++ b/plugins/mod_s2s.lua
@@ -1015,6 +1015,8 @@ function check_auth_policy(event)
 		-- In practice most cases are configuration mistakes or forgotten
 		-- certificate renewals. We think it's better to let the other party
 		-- know about the problem so that they can fix it.
+		--
+		-- Note: Bounce message must not include name of server, as it may leak half your JID in semi-anon MUCs.
 		session:close({ condition = "not-authorized", text = "Your server's certificate "..reason },
 			nil, "Remote server's certificate "..reason);
 		return false;
-- 
cgit v1.2.3