aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_tls.lua
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2009-10-17 16:25:28 +0100
committerMatthew Wild <mwild1@gmail.com>2009-10-17 16:25:28 +0100
commita3472930c03e481cc93668ac95004d881817c7e1 (patch)
treeaf2f90842fc1eaeb46d0b48c1da6847fcaec6ec3 /plugins/mod_tls.lua
parentd1e347d1599f601b290f029818afa764c47e547f (diff)
downloadprosody-a3472930c03e481cc93668ac95004d881817c7e1.tar.gz
prosody-a3472930c03e481cc93668ac95004d881817c7e1.zip
mod_tls: Offer the host-specific cert (when there is one) to incoming c2s/s2s connections, fixes #30 (thanks, albert, Flo, johnny, and all who nagged me :) )
Diffstat (limited to 'plugins/mod_tls.lua')
-rw-r--r--plugins/mod_tls.lua6
1 files changed, 6 insertions, 0 deletions
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 79a74deb..8a450803 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -19,6 +19,9 @@ module:add_handler("c2s_unauthed", "starttls", xmlns_starttls,
if session.conn.starttls then
session.send(st.stanza("proceed", { xmlns = xmlns_starttls }));
session:reset_stream();
+ if session.host and hosts[session.host].ssl_ctx_in then
+ session.conn.set_sslctx(hosts[session.host].ssl_ctx_in);
+ end
session.conn.starttls();
session.log("info", "TLS negotiation started...");
session.secure = false;
@@ -33,6 +36,9 @@ module:add_handler("s2sin_unauthed", "starttls", xmlns_starttls,
if session.conn.starttls then
session.sends2s(st.stanza("proceed", { xmlns = xmlns_starttls }));
session:reset_stream();
+ if session.to_host and hosts[session.to_host].ssl_ctx_in then
+ session.conn.set_sslctx(hosts[session.to_host].ssl_ctx_in);
+ end
session.conn.starttls();
session.log("info", "TLS negotiation started for incoming s2s...");
session.secure = false;