author | Kim Alvefur <zash@zash.se> |
Wed, 03 Mar 2021 11:43:38 +0100 | |
changeset 4494 | cf2bdb2aaa57 |
parent 1525 | 37cef218ba20 |
permissions | -rw-r--r-- |
1525
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
local st = require"util.stanza"; |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
local host = module.host; |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
|
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
local warning_message = module:get_option_string("sslv3_warning", "Your connection is encrypted using the SSL 3.0 protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client."); |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
|
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
module:hook("resource-bind", function (event) |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
local session = event.session; |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
module:log("debug", "mod_%s sees that %s logged in", module.name, session.username); |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
|
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
local ok, protocol = pcall(function(session) |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 |
return session.conn:socket():info"protocol"; |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
end, session); |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
if not ok then |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
module:log("debug", protocol); |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 |
elseif protocol == "SSLv3" then |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
module:add_timer(15, function () |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
if session.type == "c2s" and session.resource then |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
session.send(st.message({ from = host, type = "headline", to = session.full_jid }, warning_message)); |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
end |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
end); |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |
end |
37cef218ba20
mod_sslv3_warn: Module to notice users connected with SSLv3 that they need to upgrade becasue SSLv3 is insecure
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 |
end); |