From 4cc85dc0566faf031f8848d6ba19e658d9402eb7 Mon Sep 17 00:00:00 2001
From: Matthew Wild
Date: Wed, 7 Sep 2022 11:29:00 +0100
Subject: mod_c2s: Add session.ssl_cfg/ssl_ctx for direct TLS connections
---
 plugins/mod_c2s.lua | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index b80485f5..d6c8a7b8 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -11,9 +11,11 @@ module:set_global();
 local add_task = require "prosody.util.timer".add_task;
 local new_xmpp_stream = require "prosody.util.xmppstream".new;
 local nameprep = require "prosody.util.encodings".stringprep.nameprep;
+local certmanager = require "prosody.core.certmanager";
 local sessionmanager = require "prosody.core.sessionmanager";
 local statsmanager = require "prosody.core.statsmanager";
 local st = require "prosody.util.stanza";
+local pm_get_tls_config_at = require "core.portmanager".get_tls_config_at;
 local sm_new_session, sm_destroy_session = sessionmanager.new_session, sessionmanager.destroy_session;
 local uuid_generate = require "prosody.util.uuid".generate;
 local async = require "prosody.util.async";
@@ -308,6 +310,12 @@ function listener.onconnect(conn)
 session.secure = true;
 session.encrypted = true;
+ local server = conn:server();
+ local tls_config = pm_get_tls_config_at(server:ip(), server:serverport());
+ local autocert = certmanager.find_host_cert(session.conn:socket():getsniname());
+ session.ssl_cfg = autocert or tls_config;
+ session.ssl_ctx = conn:sslctx();
+ -- Check if TLS compression is used
 local info = conn:ssl_info();
 if type(info) == "table" then
-- cgit v1.2.3
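Review bot: The added `pm_get_tls_config_at` line requires `"core.portmanager"`, while every other require in this block, including the `certmanager` line added next to it, uses the `prosody.` prefix. Lua's `require` caches modules by the exact name string, so if both spellings resolve, this line could load a second portmanager instance that has no knowledge of the active listeners, and `get_tls_config_at` would then return nothing for every port. That is inferred, since the loader setup is not on this page. Suggested: `local pm_get_tls_config_at = require "prosody.core.portmanager".get_tls_config_at;`.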
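Review bot: In the lines added to `listener.onconnect`, `session.ssl_cfg` is looked up again from the client-supplied SNI name and the listener port instead of being taken from whatever selected the certificate for this handshake, so it can describe a different certificate than the context stored in `session.ssl_ctx`. Later code that treats `ssl_cfg` as the served certificate would then work from the wrong one. The SNI value is untrusted and may be absent, and it is read through `session.conn:socket()` while the rest of the block uses `conn`; reading it once and guarding it makes that explicit: `local sni = conn:socket():getsniname();` followed by `local autocert = sni and certmanager.find_host_cert(sni);`. Whether `find_host_cert` already tolerates nil and whether `conn:server()` can be nil here is not visible, as the function body starts and ends outside this hunk. A comment such as `-- ssl_cfg is a best-effort lookup by SNI/port and may differ from ssl_ctx` would document the limit.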