diff options
author | Matthew Wild <mwild1@gmail.com> | 2022-04-25 15:07:49 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2022-04-25 15:07:49 +0100 |
commit | f86d1517ce1c6ad3eeebcfb9f57d3689f6f9e943 (patch) | |
tree | 44debe06df4f9ef201075d0ef46fc15f870845a4 /core/certmanager.lua | |
parent | 89934124b819b592f5a56f7135c3b037c373d919 (diff) | |
download | prosody-f86d1517ce1c6ad3eeebcfb9f57d3689f6f9e943.tar.gz prosody-f86d1517ce1c6ad3eeebcfb9f57d3689f6f9e943.zip |
mod_s2s: Improve robustness of outgoing s2s certificate verification
This change ensures we have positively verified the certificates of the server
we are connecting to before marking the session as authenticated. It protects
against situations where the verify-or-close stage of the connection was
interrupted (e.g. due to an uncaught error).
Thanks to Zash for discovery and testing.
Diffstat (limited to 'core/certmanager.lua')
0 files changed, 0 insertions, 0 deletions