mod_log_ringbuffer: Detach event handlers on logging reload (thanks Menel)
Otherwise the global event handlers accumulate, one added each time
logging is reoladed, and each invocation of the signal or event triggers
one dump of each created ringbuffer.
assert(require"ssl.core".info, "Incompatible LuaSec version");
local function hook(event_name, typ, policy)
if not policy then return end
if policy == "FS" then
policy = { cipher = "^E?C?DHE%-" };
elseif type(policy) == "string" then
policy = { cipher = policy };
end
module:hook(event_name, function (event)
local origin = event.origin;
if origin.conn and origin.conn:ssl() then
local info = origin.conn:socket():info();
for key, what in pairs(policy) do
module:log("debug", "Does info[%q] = %s match %s ?", key, tostring(info[key]), tostring(what));
if (type(what) == "number" and what < info[key] ) or (type(what) == "string" and not info[key]:match(what)) then
origin:close({ condition = "policy-violation", text = ("TLS %s '%s' not acceptable"):format(key, tostring(info[key])) });
return false;
end
module:log("debug", "Seems so");
end
module:log("debug", "Policy matches");
end
end, 1000);
end
local policy = module:get_option(module.name, {});
if type(policy) == "string" then
policy = { c2s = policy, s2s = policy };
end
hook("stream-features", "c2s", policy.c2s);
hook("s2s-stream-features", "s2sin", policy.s2sin or policy.s2s);
hook("stanza/http://etherx.jabber.org/streams:features", "s2sout", policy.s2sout or policy.s2s);