aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2019-10-12 20:07:50 +0200
committerKim Alvefur <zash@zash.se>2019-10-12 20:07:50 +0200
commit3585385ab60126105f7e0c7900399ec05c56a781 (patch)
tree088ccbbe0ba2d12969c9b194f2c20fc709cb5dc1
parent73d6c64bd7b061a8790919daac19e09cd00fa5e1 (diff)
downloadprosody-3585385ab60126105f7e0c7900399ec05c56a781.tar.gz
prosody-3585385ab60126105f7e0c7900399ec05c56a781.zip
net.server_epoll: Fix to get remote IP on direct TLS connections
A Direct TLS connection (eg HTTPS) gets turned into a LuaSec handle before the :updatenames call done in the :connect method. LuaSec does not expose the :getpeername and :getsockname methods, so the addresses remain obscured, making debugging trickier since the actual IP addrerss connected to does not show up.
-rw-r--r--net/server_epoll.lua1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/server_epoll.lua b/net/server_epoll.lua
index 3b134312..7a414901 100644
--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -521,6 +521,7 @@ function interface:tlshandskake()
self._tls = true;
self:debug("Starting TLS now");
self:del();
+ self:updatenames(); -- Can't getpeer/sockname after wrap()
local ok, conn, err = pcall(luasec.wrap, self.conn, self.tls_ctx);
if not ok then
conn, err = ok, conn;