authorKim Alvefur <zash@zash.se>2022-01-21 18:42:38 +0100
committerKim Alvefur <zash@zash.se>2022-01-21 18:42:38 +0100
commit90215f635bf8fd031d3505d54a88aa0440bea29b (patch)
treef6405c8c9cf0e09a5af5d5b9bd83400c20efdf29 /plugins/mod_s2s.lua
parent268dfa38c09c78b0bdab2cb1e3590b1ffa3ad86e (diff)
mod_s2s: Retrieve TLS context for outgoing Direct TLS connections from mod_tls
So that the same TLS context is used for both Direct TLS and starttls, since they are supposed to be functionally identical apart from the few extra round trips. A new event is added because the 's2s-created' event fires much later, after a connection has already been established, whereas we need the TLS context before that.
Diffstat (limited to 'plugins/mod_s2s.lua')
-rw-r--r--plugins/mod_s2s.lua18
1 files changed, 11 insertions, 7 deletions
diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua
index 66b4c56b..579dfe86 100644
--- a/plugins/mod_s2s.lua
+++ b/plugins/mod_s2s.lua
@@ -218,14 +218,18 @@ function route_to_new_session(event)
log("debug", "stanza [%s] queued until connection complete", stanza.name);
-- FIXME Cleaner solution to passing extra data from resolvers to net.server
-- This mt-clone allows resolvers to add extra data, currently used for DANE TLSA records
+ module:context(from_host):fire_event("s2sout-created", { session = host_session });
local xmpp_extra = setmetatable({}, s2s_service_options_mt);
- local sslctx = require"core.certmanager".create_context(from_host, "client"); -- TODO this should live in mod_tls ?
- local xmpps_extra = setmetatable({ default_port = false; servername = to_host; sslctx = sslctx }, s2s_service_options_mt);
- local direct_and_normal = resolver_chain.new({
- service.new(to_host, "xmpps-server", "tcp", xmpps_extra);
- service.new(to_host, "xmpp-server", "tcp", xmpp_extra);
- });
- connect(direct_and_normal, listener, nil, { session = host_session });
+ local resolver = service.new(to_host, "xmpp-server", "tcp", xmpp_extra);
+ if host_session.ssl_ctx then
+ local sslctx = host_session.ssl_ctx;
+ local xmpps_extra = setmetatable({ default_port = false; servername = to_host; sslctx = sslctx }, s2s_service_options_mt);
+ resolver = resolver_chain.new({
+ service.new(to_host, "xmpps-server", "tcp", xmpps_extra);
+ resolver;
+ });
+ end
+ connect(resolver, listener, nil, { session = host_session });
m_initiated_connections:with_labels(from_host):add(1)
return true;
end
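Review bot: When no handler of the new `s2sout-created` event sets `host_session.ssl_ctx`, the `if host_session.ssl_ctx then` branch is skipped without any trace, and the connection uses only the `xmpp-server` resolver. The old code always built a context and always tried `xmpps-server` first. Per the commit message the context is expected to come from mod_tls, but that handler is outside this hunk, so a host without it (or with a failed context) drops Direct TLS silently and depends entirely on STARTTLS negotiation later. I would add an else branch such as `else log("debug", "No TLS context for %s, not attempting Direct TLS to %s", from_host, to_host);` and a comment on the `fire_event` line stating that handlers are expected to set `session.ssl_ctx`. The added `fire_event` line also separates the FIXME / mt-clone comment from the `xmpp_extra` line it describes, so it would read better placed above that comment. The body of `route_to_new_session` starts outside the hunk.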