#803 ssl_ports of net_multiplexer makes the port plaintext instead

Reporter Ge0rG
Owner Zash
Created
Updated
Stars ★ (1)
Tags
  • Priority-Medium
  • Milestone-0.9
  • Type-Defect
  • Status-Fixed
  1. Ge0rG on

    While attempting to circumvent evil firewalls, I tried to make prosody listen on TCP:443. First, I added `setcap cap_net_bind_service=+ep /usr/bin/lua5.1` to my init script to allow binding to privileged ports. Then I added the following to prosody.cfg.lua: ssl_ports = { 443 } After reloading the config and mod_net_multiplex, prosody was listening on port 443. However, SSL connections time out (no certificate is sent by the server). The port does react to plaintex xmpp though: >>> <stream:stream xmlns="jabber:client"> <<< <?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' xmlns='jabber:client'><stream:error><not-well-formed xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error></stream:stream> Connection closed by foreign host.

  2. Zash on

    https://hg.prosody.im/0.9/rev/00bca79ae778

    Changes
    • owner Zash
    • tags Status-Fixed Milestone-0.9

New comment

Not published. Used for spam prevention and optional update notifications.