diff options
| author | Kim Alvefur <zash@zash.se> | 2021-08-10 20:55:43 +0200 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2021-08-10 20:55:43 +0200 |
| commit | 702d8a9ab49e326fbdd73229a9ab7fda42ecfa84 (patch) | |
| tree | 7352d81b1ea0a289a257f0f68c8d3dc46aea072f | |
| parent | c42a125cc727bd0a9f5856054a6e75b415bbee92 (diff) | |
| download | prosody-702d8a9ab49e326fbdd73229a9ab7fda42ecfa84.tar.gz prosody-702d8a9ab49e326fbdd73229a9ab7fda42ecfa84.zip | |
mod_s2s: Add a Direct TLS listener
Mirroring the c2s 'direct_tls'. Naming things is hard.
direct_tls_s2s_ports = { 5269+1 }
| -rw-r--r-- | CHANGES | 2 | ||||
| -rw-r--r-- | doc/doap.xml | 2 | ||||
| -rw-r--r-- | plugins/mod_s2s.lua | 14 |
3 files changed, 16 insertions, 2 deletions
@@ -26,7 +26,7 @@ TRUNK - statistics scheduling can be done by plugin - mod_server_contact_info now loaded on components if enabled - Statistics now based on OpenMetrics -- Direct TLS support +- Direct TLS support (c2s and incoming s2s) - Offline messages aren't sent to MAM clients - Network backend server_select deprecated diff --git a/doc/doap.xml b/doc/doap.xml index b2863b19..191f4caa 100644 --- a/doc/doap.xml +++ b/doc/doap.xml @@ -641,7 +641,7 @@ <xmpp:version>1.1.0</xmpp:version> <xmpp:status>partial</xmpp:status> <xmpp:since>0.2.0</xmpp:since> - <xmpp:note>c2s only direct_tls_ports, formerly legacy_ssl_ports</xmpp:note> + <xmpp:note>direct_tls_ports (formerly legacy_ssl_ports) for c2s and direct_tls_s2s_ports for s2s</xmpp:note> </xmpp:SupportedXep> </implements> <implements> diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua index f4cf9444..80e4a124 100644 --- a/plugins/mod_s2s.lua +++ b/plugins/mod_s2s.lua @@ -967,3 +967,17 @@ module:provides("net", { }; }); + +module:provides("net", { + name = "direct_tls_s2s"; + listener = listener; + encryption = "ssl"; + ssl_config = { + verify = { "peer", "client_once", }; + }; + multiplex = { + protocol = "xmpp-server"; + pattern = "^<.*:stream.*%sxmlns%s*=%s*(['\"])jabber:server%1.*>"; + }; +}); + |