authorKim Alvefur <zash@zash.se>2022-01-21 18:42:38 +0100
committerKim Alvefur <zash@zash.se>2022-01-21 18:42:38 +0100
commit90215f635bf8fd031d3505d54a88aa0440bea29b (patch)
treef6405c8c9cf0e09a5af5d5b9bd83400c20efdf29 /plugins/mod_tls.lua
parent268dfa38c09c78b0bdab2cb1e3590b1ffa3ad86e (diff)
mod_s2s: Retrieve TLS context for outgoing Direct TLS connections from mod_tls
So that the same TLS context is used for both Direct TLS and starttls, since they are supposed to be functionally identical apart from the few extra round trips. A new event is added because the 's2s-created' event fires much later, after a connection has already been established, where we need the TLS context before that.
Diffstat (limited to 'plugins/mod_tls.lua')
-rw-r--r--plugins/mod_tls.lua7
1 files changed, 6 insertions, 1 deletions
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index a97f7027..f62032b6 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -79,7 +79,7 @@ end
module:hook_global("config-reloaded", module.load);
local function can_do_tls(session)
- if not session.conn.starttls then
+ if session.conn and not session.conn.starttls then
if not session.secure then
session.log("debug", "Underlying connection does not support STARTTLS");
end
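Review bot: The new `session.conn and` guard at the top of can_do_tls() has no comment saying when a session reaches this function without a connection, and that is the case that now skips the STARTTLS capability check entirely. Judging by the commit description, this happens when the function is called from the new "s2sout-created" event, before the connection exists. I would add something like `-- session.conn is nil when called before the connection exists (s2sout-created); skip the capability check then` above the condition. The rest of the function lies outside this hunk, so confirm that nothing further down dereferences `session.conn` without the same guard.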
@@ -116,6 +116,11 @@ local function can_do_tls(session)
return session.ssl_ctx;
end
+module:hook("s2sout-created", function (event)
+ -- Initialize TLS context for outgoing connections
+ can_do_tls(event.session);
+end);
+
-- Hook <starttls/>
module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event)
local origin = event.origin;
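Review bot: The "s2sout-created" handler drops the return value of can_do_tls(), so a failure to obtain a TLS context is silent at the point where it happens. The visible tail of the function returns `session.ssl_ctx`, and it presumably returns a false value when no context can be built. The Direct TLS code in mod_s2s (not shown here) then has to treat a missing `session.ssl_ctx` as a reason not to connect, rather than continue with some default context. Consider logging the failure, e.g. `if not can_do_tls(event.session) then event.session.log("debug", "No TLS context available for outgoing connection"); end`. The comment could also say that the call is made only for its side effect of populating `session.ssl_ctx`.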