author | Matthew Wild <mwild1@gmail.com> | 2022-09-07 11:29:00 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2022-09-07 11:29:00 +0100 |
commit | 4cc85dc0566faf031f8848d6ba19e658d9402eb7 (patch) | |
tree | fc16b1a2531af4003ead878d54603976ef99bed5 | |
parent | b4ed12096371bb9224311b95a36a13280829e46b (diff) | |
mod_c2s: Add session.ssl_cfg/ssl_ctx for direct TLS connections
-rw-r--r-- | plugins/mod_c2s.lua | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index b80485f5..d6c8a7b8 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -11,9 +11,11 @@ module:set_global();
 local add_task = require "prosody.util.timer".add_task;
 local new_xmpp_stream = require "prosody.util.xmppstream".new;
 local nameprep = require "prosody.util.encodings".stringprep.nameprep;
+local certmanager = require "prosody.core.certmanager";
 local sessionmanager = require "prosody.core.sessionmanager";
 local statsmanager = require "prosody.core.statsmanager";
 local st = require "prosody.util.stanza";
+local pm_get_tls_config_at = require "core.portmanager".get_tls_config_at;
 local sm_new_session, sm_destroy_session = sessionmanager.new_session, sessionmanager.destroy_session;
 local uuid_generate = require "prosody.util.uuid".generate;
 local async = require "prosody.util.async";
@@ -308,6 +310,12 @@ function listener.onconnect(conn)
 session.secure = true;
 session.encrypted = true;
 
+ local server = conn:server();
+ local tls_config = pm_get_tls_config_at(server:ip(), server:serverport());
+ local autocert = certmanager.find_host_cert(session.conn:socket():getsniname());
+ session.ssl_cfg = autocert or tls_config;
+ session.ssl_ctx = conn:sslctx();
+
 -- Check if TLS compression is used
 local info = conn:ssl_info();
 if type(info) == "table" then |
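Review bot: The added `require "core.portmanager"` omits the `prosody.` prefix that every neighbouring require uses, including the `prosody.core.certmanager` line added in the same hunk. If both spellings resolve, Lua caches them under different `package.loaded` keys, so this may load a second portmanager instance whose listener state is not the one the running server populated, and `pm_get_tls_config_at` could then return nothing. I would write `require "prosody.core.portmanager".get_tls_config_at` unless the short name is a deliberate compatibility alias, in which case a comment saying so would help.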
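Review bot: The SNI name passed to `certmanager.find_host_cert` in the added block is client-supplied and may be absent. The chain `session.conn:socket():getsniname()` has no guard, so a direct-TLS client that sends no SNI, or a socket object without `getsniname`, could pass nil or raise inside `listener.onconnect`; whether `find_host_cert` tolerates nil is not visible here. I would guard it with `local sock = conn:socket(); local sni = sock and sock.getsniname and sock:getsniname();` followed by `local autocert = sni and certmanager.find_host_cert(sni);`, which also uses `conn` like the neighbouring lines instead of `session.conn`. Since the name is unauthenticated at this point, a comment such as `-- ssl_cfg follows the requested SNI name; it is not a verified identity` would keep later consumers from treating `session.ssl_cfg` as proof of which host the client is entitled to. The function body starts and ends outside the hunk, so the enclosing TLS check is presumed rather than seen.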