diff options
author | Matthew Wild <mwild1@gmail.com> | 2013-04-05 10:05:18 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2013-04-05 10:05:18 +0100 |
commit | fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99 (patch) | |
tree | 60c4be5a40bd2c13dcfb8435083d1b23619523a4 /plugins/mod_s2s | |
parent | 1213909d149d2ae2d697d6694ee1a30ef41c47f4 (diff) | |
parent | c84e9926d2d60a8587c1e57daa37baad489585b5 (diff) | |
download | prosody-fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99.tar.gz prosody-fc2ce67b3159f5d5b35b8109f5c2c11fc8b37c99.zip |
Merge 0.9->trunk
Diffstat (limited to 'plugins/mod_s2s')
-rw-r--r-- | plugins/mod_s2s/mod_s2s.lua | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index 639f464b..1547345d 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -15,6 +15,7 @@ local core_process_stanza = prosody.core_process_stanza; local tostring, type = tostring, type; local t_insert = table.insert; local xpcall, traceback = xpcall, debug.traceback; +local NULL = {}; local add_task = require "util.timer".add_task; local st = require "util.stanza"; @@ -226,11 +227,19 @@ local function check_cert_status(session) end if cert then - local chain_valid, errors = conn:getpeerverification() + local chain_valid, errors; + if conn.getpeerverification then + chain_valid, errors = conn:getpeerverification(); + elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg + chain_valid, errors = conn:getpeerchainvalid(); + errors = (not chain_valid) and { { errors } } or nil; + else + chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } }; + end -- Is there any interest in printing out all/the number of errors here? if not chain_valid then (session.log or log)("debug", "certificate chain validation result: invalid"); - for depth, t in ipairs(errors) do + for depth, t in ipairs(errors or NULL) do (session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", ")) end session.cert_chain_status = "invalid"; |