mod_tls: Add "support" for <failure> by closing gracefully

Nicer than the "unsupported stanza type" error we get otherwise.
2025-04-03 21:27:38 +03:00 · 2021-05-21 19:04:01 +02:00 · 2021-05-21 19:04:01 +02:00 · d7b7a25e73
commit d7b7a25e73
parent 15d7143bb3
1 changed files with 6 additions and 0 deletions
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@ -174,3 +174,9 @@ module:hook_tag(xmlns_starttls, "proceed", function (session, stanza) -- luachec
 		return true;
 	end
 end);
+
+module:hook_tag(xmlns_starttls, "failure", function (session, stanza) -- luacheck: ignore 212/stanza
+	module:log("warn", "TLS negotiation with %s failed.", session.to_host);
+	session:close(nil, "TLS negotiation failed");
+	return false;
+end);