mod_tls_policy: Include which part of the cipher that did not match the policy in stream error
--- a/mod_tls_policy/mod_tls_policy.lua Fri Feb 20 22:45:45 2015 +0000
+++ b/mod_tls_policy/mod_tls_policy.lua Mon Feb 23 15:45:11 2015 +0100
@@ -16,7 +16,7 @@
for key, what in pairs(policy) do
module:log("debug", "Does info[%q] = %s match %s ?", key, tostring(info[key]), tostring(what));
if (type(what) == "number" and what < info[key] ) or (type(what) == "string" and not info[key]:match(what)) then
- origin:close({ condition = "policy-violation", text = "Cipher not acceptable" });
+ origin:close({ condition = "policy-violation", text = ("TLS %s '%s' not acceptable"):format(key, tostring(info[key])) });
return false;
end
module:log("debug", "Seems so");