mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_tls: Collect full certificate chain validation information

Browse source 
Enabling at least one of the ssl.verifyext modes enables a callback that
collects all the errors, which are used by mod_s2s to report better
problem descriptions.
This commit is contained in:
Kim Alvefur 2025-04-01 20:49:58 +02:00
parent 5dbd3b15e4
commit 1d47e2fab1
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
plugins/mod_tls.lua
View file

@ -63,7 +63,8 @@ function module.load(reload)
module:log("debug", "Creating context for s2sout");
-- for outgoing server connections
ssl_ctx_s2sout, err_s2sout, ssl_cfg_s2sout = create_context(host.host, "client", host_s2s, host_ssl, global_s2s, xmpp_alpn);
ssl_ctx_s2sout, err_s2sout, ssl_cfg_s2sout = create_context(host.host, "client", host_s2s, host_ssl, global_s2s, xmpp_alpn,
custom_cert_verification);
if not ssl_ctx_s2sout then module:log("error", "Error creating contexts for s2sout: %s", err_s2sout); end
module:log("debug", "Creating context for s2sin");