From dba9b9f1781d051e3522158fb679bcd60cfe91d8 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 18 Apr 2014 07:50:44 +0200
Subject: util.xmppstream: Check for callback that may add stream header
 attributes

---
 util/xmppstream.lua | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/util/xmppstream.lua b/util/xmppstream.lua
index 1e65919b..6982aae3 100644
--- a/util/xmppstream.lua
+++ b/util/xmppstream.lua
@@ -252,6 +252,9 @@ function new(session, stream_callbacks, stanza_size_limit)
 			id = session.streamid or "",
 			from = from or session.host, to = to,
 		};
+		if session.stream_attrs then
+			session:stream_attrs(from, to, attr)
+		end
 		send("<?xml version='1.0'?>");
 		send(st.stanza("stream:stream", attr):top_tag());
 		return true;
-- 
cgit v1.2.3


From eabebea1486c9547e72083630d2ae025e2070300 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 18 Apr 2014 07:51:41 +0200
Subject: mod_s2s: Replace open_stream() with function that only adds
 s2s/dialback attributes to stream header

---
 plugins/mod_s2s/mod_s2s.lua | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 5531ca3e..73d95970 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -510,22 +510,10 @@ local function session_close(session, reason, remote_reason)
 	end
 end
 
-function session_open_stream(session, from, to)
-	local attr = {
-		["xmlns:stream"] = 'http://etherx.jabber.org/streams',
-		xmlns = 'jabber:server',
-		version = session.version and (session.version > 0 and "1.0" or nil),
-		["xml:lang"] = 'en',
-		id = session.streamid,
-		from = from, to = to,
-	}
+function session_stream_attrs(session, from, to, attr)
 	if not from or (hosts[from] and hosts[from].modules.dialback) then
 		attr["xmlns:db"] = 'jabber:server:dialback';
 	end
-
-	session.sends2s("<?xml version='1.0'?>");
-	session.sends2s(st.stanza("stream:stream", attr):top_tag());
-	return true;
 end
 
 -- Session initialization logic shared by incoming and outgoing
@@ -540,7 +528,7 @@ local function initialize_session(session)
 		session.stream:reset();
 	end
 
-	session.open_stream = session_open_stream;
+	session.stream_attrs = session_stream_attrs;
 
 	local filter = session.filter;
 	function session.data(data)
-- 
cgit v1.2.3


From be21fe5f3677f0431919357e330ab39991622606 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 19 Apr 2014 21:59:53 +0200
Subject: mod_http: Update to disable peer verification with the new
 certmanager

---
 plugins/mod_http.lua | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/plugins/mod_http.lua b/plugins/mod_http.lua
index d987ef74..49529ea2 100644
--- a/plugins/mod_http.lua
+++ b/plugins/mod_http.lua
@@ -142,7 +142,13 @@ module:provides("net", {
 	listener = server.listener;
 	default_port = 5281;
 	encryption = "ssl";
-	ssl_config = { verify = "none" };
+	ssl_config = {
+		verify = {
+			peer = false,
+			client_once = false,
+			"none",
+		}
+	};
 	multiplex = {
 		pattern = "^[A-Z]";
 	};
-- 
cgit v1.2.3


From 84ab9b78050508f04edaecdf502d111247ab1c75 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sun, 20 Apr 2014 21:25:26 +0200
Subject: certmanager: Fix traceback if no global 'ssl' section set (thanks
 albert)

---
 core/certmanager.lua | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/core/certmanager.lua b/core/certmanager.lua
index 8f1e1520..ced17e58 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -111,7 +111,9 @@ function create_context(host, mode, user_ssl_config)
 	for option in pairs(set_options) do
 		local merged = {};
 		merge_set(core_defaults[option], merged);
-		merge_set(global_ssl_config[option], merged);
+		if global_ssl_config then
+			merge_set(global_ssl_config[option], merged);
+		end
 		merge_set(user_ssl_config[option], merged);
 		local final_array = {};
 		for opt, enable in pairs(merged) do
-- 
cgit v1.2.3