prosody/plugins
Matthew Wild c914afdc49 mod_tls: Enable Prosody's certificate checking for incoming s2s connections (fixes #1916) (thanks Damian, Zash)
Various options in Prosody allow control over the behaviour of the certificate
verification process. For example, some deployments choose to allow falling
back to traditional "dialback" authentication (XEP-0220), while others verify
via DANE, hard-coded fingerprints, or other custom plugins.

Implementing this flexibility requires us to override OpenSSL's default
certificate verification, to allow Prosody to verify the certificate itself,
apply custom policies and make decisions based on the outcome.

To enable our custom logic, we have to suppress OpenSSL's default behaviour of
aborting the connection with a TLS alert message. With LuaSec, this can be
achieved by using the verifyext "lsec_continue" flag.

We also need to use the lsec_ignore_purpose flag, because XMPP s2s uses server
certificates as "client" certificates (for mutual TLS verification in outgoing
s2s connections).

Commit 99d2100d2918 moved these settings out of the defaults and into mod_s2s,
because we only really need these changes for s2s, and they should be opt-in,
rather than automatically applied to all TLS services we offer.

That commit was incomplete, because it only added the flags for incoming
direct TLS connections. StartTLS connections are handled by mod_tls, which was
not applying the lsec_* flags. It previously worked because they were already
in the defaults.

This resulted in incoming s2s connections with "invalid" certificates being
aborted early by OpenSSL, even if settings such as `s2s_secure_auth = false`
or DANE were present in the config.

Outgoing s2s connections inherit verify "none" from the defaults, which means
OpenSSL will receive the cert but will not terminate the connection when it is
deemed invalid. This means we don't need lsec_continue there, and we also
don't need lsec_ignore_purpose (because the remote peer is a "server").

Wondering why we can't just use verify "none" for incoming s2s? It's because
in that mode, OpenSSL won't request a certificate from the peer for incoming
connections. Setting verify "peer" is how you ask OpenSSL to request a
certificate from the client, but also what triggers its built-in verification.
2025-04-01 17:26:56 +01:00
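The commit message above describes two LuaSec configurations: incoming s2s needs verify "peer" plus the lsec_continue and lsec_ignore_purpose flags so that Prosody, not OpenSSL, decides what an "invalid" certificate means; outgoing s2s gets by with verify "none". The following Lua is an added illustration of that split and of how an application inspects the outcome after the handshake. It is not Prosody's code and not part of the commit; it uses only the public LuaSec API (ssl.newcontext, conn:getpeerverification, conn:getpeercertificate, x509:digest). The certificate paths, the pinned-fingerprint table and the classify_peer policy helper are assumptions made for the example.

```lua
-- Added example (not Prosody's code): the two LuaSec verification modes
-- described in the commit message, plus an application-side policy check.
local ssl = require "ssl"

local CERT_DIR = "/etc/prosody/certs"               -- assumed path
local CA_FILE  = "/etc/ssl/certs/ca-certificates.crt" -- assumed path
local PINNED = {                                      -- assumed pinned SHA-256
  ["example.net"] = "0000000000000000000000000000000000000000000000000000000000000000",
}

-- Incoming s2s: we are the TLS server. verify "peer" makes OpenSSL request a
-- certificate from the connecting server. lsec_continue stops OpenSSL from
-- aborting with a fatal alert when that certificate fails verification, and
-- lsec_ignore_purpose accepts a *server* certificate presented on the client
-- side of the handshake, which is exactly what XMPP s2s does.
local function new_incoming_context()
  return assert(ssl.newcontext({
    mode        = "server",
    protocol    = "any",
    key         = CERT_DIR .. "/example.com.key",
    certificate = CERT_DIR .. "/example.com.crt",
    cafile      = CA_FILE,
    verify      = { "peer" },
    verifyext   = { "lsec_continue", "lsec_ignore_purpose" },
  }))
end

-- Outgoing s2s: we are the TLS client. With verify "none" OpenSSL still
-- receives the remote certificate but never terminates the connection over
-- it, so neither lsec_* flag is needed; the application judges the result.
local function new_outgoing_context()
  return assert(ssl.newcontext({
    mode     = "client",
    protocol = "any",
    cafile   = CA_FILE,
    verify   = "none",
  }))
end

-- Post-handshake policy (assumed helper). `conn` is a LuaSec connection on
-- which dohandshake() has succeeded; `remote_host` is the claimed domain;
-- `secure_auth_required` mirrors an s2s_secure_auth = true style setting.
-- Returns one of "trusted-pinned", "trusted-ca", "dialback", "reject".
local function classify_peer(conn, remote_host, secure_auth_required)
  local cert = conn:getpeercertificate()
  if not cert then
    -- No certificate at all: with verify "none" on an incoming connection
    -- OpenSSL never asked for one; otherwise the peer declined to send it.
    return secure_auth_required and "reject" or "dialback"
  end

  -- Because lsec_continue let the handshake finish regardless, this is where
  -- we learn whether the chain actually verified against the CA store.
  -- On failure `errors` is a table keyed by chain depth, each holding a list
  -- of reason strings.
  local chain_valid, errors = conn:getpeerverification()

  -- Hard-coded fingerprints: one of the alternatives to CA trust the commit
  -- message lists alongside DANE and dialback.
  local fingerprint = cert:digest("sha256")
  if PINNED[remote_host] == fingerprint then
    return "trusted-pinned"
  end

  if chain_valid then
    -- A real deployment must also match the certificate's identities
    -- (dNSName, XmppAddr, SRV-ID) against remote_host before trusting it.
    return "trusted-ca"
  end

  for depth, reasons in pairs(errors or {}) do
    io.stderr:write(("%s: certificate error(s) at depth %s: %s\n"):format(
      remote_host, tostring(depth), table.concat(reasons, ", ")))
  end
  -- Chain failed: either refuse, or fall back to XEP-0220 dialback.
  return secure_auth_required and "reject" or "dialback"
end

return {
  new_incoming_context = new_incoming_context,
  new_outgoing_context = new_outgoing_context,
  classify_peer        = classify_peer,
}
```

To exercise it, wrap an accepted or connected LuaSocket TCP socket with `ssl.wrap(sock, ctx)`, call `conn:dohandshake()`, then pass the connection to `classify_peer`. The point the commit fixes is visible in `new_incoming_context`: drop `verifyext` there and a peer with a self-signed or expired certificate never reaches `classify_peer`, because OpenSSL closes the connection during the handshake, regardless of whether the application would have accepted dialback or a DANE match.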
adhoc Spelling: Fix various spelling mistakes (thanks timeless) 2022-03-07 00:13:56 +01:00
mod_debug_stanzas plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_mam doap: Add XEP-0333 2025-03-23 19:59:45 +01:00
mod_pubsub mod_pubsub: Remove duplicate create_node command 2025-01-14 12:26:14 +00:00
muc doap: Add XEP-0333 2025-03-23 19:59:45 +01:00
mod_account_activity.lua mod_account_activity: Fix error when no duration specified in shell command 2025-02-13 16:15:16 +00:00
mod_admin_adhoc.lua Merge 0.12->trunk 2024-10-26 12:43:53 +02:00
mod_admin_shell.lua mod_admin_shell, prosodyctl shell: Report command failure when no password entered (fixes #1907) 2025-03-31 17:30:50 +01:00
mod_admin_socket.lua mod_admin_socket: Fire event on admin client disconnect 2025-01-07 18:16:23 +00:00
mod_admin_telnet.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_announce.lua mod_announce: Suppress luacheck warnings 2024-04-26 10:37:20 +01:00
mod_auth_anonymous.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_auth_insecure.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_auth_internal_hashed.lua mod_auth_internal_{hashed,plain}: Respect flag for disabled accounts in test_password() 2024-08-09 20:23:46 +02:00
mod_auth_internal_plain.lua mod_auth_internal_{hashed,plain}: Respect flag for disabled accounts in test_password() 2024-08-09 20:23:46 +02:00
mod_auth_ldap.lua mod_auth_ldap: Use enum option method 2023-07-18 12:31:29 +02:00
mod_authz_internal.lua mod_authz_internal: Fix error messages 2025-02-13 15:31:14 +00:00
mod_blocklist.lua Merge 0.12->trunk 2024-04-27 15:59:46 +02:00
mod_bookmarks.lua mod_bookmarks: Clarify log messages on failure to sync to modern PEP bookmarks 2024-11-08 10:28:29 +00:00
mod_bosh.lua mod_bosh,mod_websocket: Don't load mod_http_altconnect in global context 2025-02-22 21:45:34 +01:00
mod_c2s.lua mod_c2s: Code formatting change 2025-03-11 18:37:16 +00:00
mod_carbons.lua mod_carbons: Allow plugging into decision of whether to carbon-copy 2022-02-21 11:24:58 +01:00
mod_cloud_notify.lua mod_cloud_notify, mod_cron, mod_invites: Add 'prosody.' prefix to requires 2025-02-15 10:31:37 +00:00
mod_component.lua mod_component: Don't return error reply for errors, fixes #1897 2025-02-22 21:48:07 +01:00
mod_cron.lua mod_cloud_notify, mod_cron, mod_invites: Add 'prosody.' prefix to requires 2025-02-15 10:31:37 +00:00
mod_csi.lua mod_csi: Update correct variables when counting states 2024-09-21 22:07:36 +02:00
mod_csi_simple.lua mod_csi_simple: Disable revert-to-inactive timer when going to active mode 2023-05-01 15:10:32 +02:00
mod_debug_reset.lua mod_debug_reset: Remove now unused import of util.time (thanks luacheck) 2023-04-06 14:49:11 +01:00
mod_debug_sql.lua
mod_dialback.lua mod_dialback: Remove d-w-d feature 2021-05-12 17:22:02 +02:00
mod_disco.lua Merge 0.12->trunk 2023-12-17 19:02:56 +01:00
mod_external_services.lua mod_external_services: Also use TURN REST credential algo for 'turns' (thanks moreroid) 2025-03-01 16:19:43 +00:00
mod_flags.lua mod_flags: New module to view and manage flags on user accounts via shell/API 2025-01-03 11:45:48 +00:00
mod_groups.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_http.lua mod_http: Fix error if 'access_control_allow_origins' is set 2023-06-10 12:33:58 +02:00
mod_http_altconnect.lua mod_http_altconnect: Imported from prosody-modules 6d5a19bdd718 w/changes 2025-02-16 13:19:05 +00:00
mod_http_errors.lua mod_http_errors: Simplify CSS via built-in dark mode 2023-12-06 23:52:45 +01:00
mod_http_file_share.lua mod_http_file_share: Explicitly reject all unsupported ranges 2025-03-23 12:36:47 +01:00
mod_http_files.lua mod_http_files: Log warning about legacy modules using mod_http_files 2022-07-17 17:05:28 +02:00
mod_http_openmetrics.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_invites.lua mod_invites: Hide --group flag unless mod_invites_groups is enabled 2025-02-17 23:06:06 +00:00
mod_invites_adhoc.lua mod_invites_adhoc: Add password reset command 2024-10-20 12:11:21 +02:00
mod_invites_register.lua mod_invites_register: Push invitee contact entry to inviter 2022-03-15 21:59:51 +01:00
mod_iq.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_lastactivity.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_legacyauth.lua mod_legacyauth: Default to require encryption 2022-02-10 15:48:34 +00:00
mod_limits.lua plugins: Switch to :get_option_period() for time range options 2023-07-16 20:49:33 +02:00
mod_message.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_mimicking.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_motd.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_muc_mam.lua mod_muc_mam: Improve wording of enable setting 2023-10-15 14:43:11 +02:00
mod_muc_unique.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_net_multiplex.lua plugins: Use integer config API with interval specification where sensible 2023-07-17 01:38:54 +02:00
mod_offline.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_pep.lua mod_pep: Support for node/item management commands 2025-01-07 14:27:34 +00:00
mod_pep_plus.lua
mod_pep_simple.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_ping.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_posix.lua mod_posix: Move everything to util.startup 2024-03-23 20:48:19 +01:00
mod_presence.lua mod_presence: Fix traceback if origin gets disconnected during processing 2025-02-13 14:00:08 +00:00
mod_private.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_proxy65.lua mod_proxy65: Restrict access to local c2s connections by default 2021-05-12 13:59:49 +01:00
mod_register.lua mod_register: Add a dependency on mod_watchregistrations 2020-06-29 21:03:13 +02:00
mod_register_ibr.lua various: Require encryption by default for real 2021-12-25 16:23:40 +01:00
mod_register_limits.lua plugins: Use integer config API with interval specification where sensible 2023-07-17 01:38:54 +02:00
mod_roster.lua mod_roster: Fix shell commands when a component is involved (fixes #1908) 2025-03-31 21:19:14 +02:00
mod_s2s.lua core.certmanager: Move LuaSec verification tweaks to mod_s2s 2025-02-15 00:19:01 +01:00
mod_s2s_auth_certs.lua mod_s2s_auth_certs: Handle potential string error 2024-02-21 21:29:16 +01:00
mod_s2s_auth_dane_in.lua mod_s2s_auth_dane_in: Try single TLSA lookup per draft-ietf-dance-client-auth 2024-01-11 07:54:11 +01:00
mod_s2s_bidi.lua mod_s2s_bidi: Include empty list of labels in metrics 2024-08-16 18:39:46 +02:00
mod_saslauth.lua mod_saslauth: Use fully qualified import here too 2024-11-24 14:53:49 +01:00
mod_scansion_record.lua util.id: Adjust entropy levels, with rationales 2021-12-02 01:14:55 +01:00
mod_server_contact_info.lua mod_server_contact_info: Sort form fields to please scansion 2024-04-06 16:51:27 +02:00
mod_server_info.lua mod_server_info: New module to manage the serverinfo disco extension form 2024-02-23 21:13:10 +00:00
mod_smacks.lua mod_smacks: Run session destruction code in session's async context 2024-11-21 17:02:55 +00:00
mod_stanza_debug.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_storage_internal.lua mod_storage_internal: Use UUIDv7 for message ids 2025-03-10 11:54:52 +00:00
mod_storage_memory.lua plugins: Use integer config API with interval specification where sensible 2023-07-17 01:38:54 +02:00
mod_storage_none.lua
mod_storage_sql.lua mod_storage_sql: Drop legacy index without confirmation to ease upgrades 2025-03-23 12:15:16 +01:00
mod_storage_xep0227.lua mod_storage_xep0227: Fix mapping of nodes without explicit configuration 2022-04-08 23:35:31 +02:00
mod_time.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_tls.lua mod_tls: Enable Prosody's certificate checking for incoming s2s connections (fixes #1916) (thanks Damian, Zash) 2025-04-01 17:26:56 +01:00
mod_tokenauth.lua mod_tokenauth: Fix expiry lasting one second too much 2025-02-01 20:45:28 +01:00
mod_tombstones.lua mod_tombstones: Add caching to improve performance on busy servers (fixes #1728) 2022-03-28 11:08:18 +01:00
mod_turn_external.lua mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727) 2022-03-28 10:47:21 +01:00
mod_unknown.lua
mod_uptime.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_user_account_management.lua mod_user_account_management: Clear pending deletion if account re-enabled 2023-12-07 12:08:01 +00:00
mod_vcard.lua mod_vcard: Switch store name for MUC hosts (thanks lissine) 2025-02-06 17:37:59 +00:00
mod_vcard4.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_vcard_legacy.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_version.lua mod_version: Fix uname result style (thanks riau) 2024-04-07 18:36:00 +02:00
mod_watchregistrations.lua plugins: Use get_option_enum where appropriate 2021-01-16 21:04:58 +01:00
mod_websocket.lua mod_websocket: Merge session close handling changes from mod_c2s (bug fixes) 2025-03-11 18:44:40 +00:00
mod_welcome.lua plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
mod_windows.lua