From 4b75f2857c55522da732ee0c62303c592e591b72 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Sun, 3 Jan 2010 18:55:42 +0000
Subject: s2smanager, hostmanager: Make dialback secrets per-host

---
 core/hostmanager.lua | 11 +++++++----
 core/s2smanager.lua  |  3 +--
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/core/hostmanager.lua b/core/hostmanager.lua
index 713788dd..b3493e67 100644
--- a/core/hostmanager.lua
+++ b/core/hostmanager.lua
@@ -14,6 +14,8 @@ local eventmanager = require "core.eventmanager";
 local modulemanager = require "core.modulemanager";
 local events_new = require "util.events".new;
 
+local uuid_gen = require "util.uuid".generate;
+
 if not _G.prosody.incoming_s2s then
 	require "core.s2smanager";
 end
@@ -47,10 +49,11 @@ eventmanager.add_event_hook("server-starting", load_enabled_hosts);
 
 function activate(host, host_config)
 	hosts[host] = {type = "local", connected = true, sessions = {}, 
-	               host = host, s2sout = {}, events = events_new(), 
-	               disallow_s2s = configmanager.get(host, "core", "disallow_s2s") 
-	                 or (configmanager.get(host, "core", "anonymous_login") 
-	                     and (configmanager.get(host, "core", "disallow_s2s") ~= false))
+			host = host, s2sout = {}, events = events_new(), 
+			disallow_s2s = configmanager.get(host, "core", "disallow_s2s") 
+				or (configmanager.get(host, "core", "anonymous_login") 
+				and (configmanager.get(host, "core", "disallow_s2s") ~= false));
+			dialback_secret = configmanager.get(host, "core", "dialback_secret") or uuid_gen();
 	              };
 	for option_name in pairs(host_config.core) do
 		if option_name:match("_ports$") then
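Review bot: The `or uuid_gen()` fallback on the new `dialback_secret` line makes the key's unpredictability depend entirely on util.uuid, which this patch does not show. If that generator is not seeded from the OS random source, a peer able to predict the value could compute valid dialback keys for this host, so the source should be confirmed and the field given a comment such as `-- per-host dialback key: must be unguessable; never log or expose via the hosts table`. If `configmanager.get(host, ...)` inherits from the global section (presumably it does — verify), a globally configured `dialback_secret` is still shared by every host, so the per-host separation only holds for the generated case. activate() continues past the end of this hunk.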
diff --git a/core/s2smanager.lua b/core/s2smanager.lua
index 9eb3bb24..37957acf 100644
--- a/core/s2smanager.lua
+++ b/core/s2smanager.lua
@@ -41,7 +41,6 @@ local config = require "core.configmanager";
 local connect_timeout = config.get("*", "core", "s2s_timeout") or 60;
 local dns_timeout = config.get("*", "core", "dns_timeout") or 60;
 local max_dns_depth = config.get("*", "core", "dns_max_depth") or 3;
-local dialback_secret = config.get("*", "core", "dialback_secret") or uuid_gen();
 
 incoming_s2s = {};
 _G.prosody.incoming_s2s = incoming_s2s;
@@ -431,7 +430,7 @@ function initiate_dialback(session)
 end
 
 function generate_dialback(id, to, from)
-	return sha256_hash(id..to..from..dialback_secret, true);
+	return sha256_hash(id..to..from..hosts[from].dialback_secret, true);
 end
 
 function verify_dialback(id, to, from, key)
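Review bot: `hosts[from].dialback_secret` in generate_dialback raises an "attempt to index a nil value" error whenever `from` is not an activated local host. The callers are outside this hunk (verify_dialback only begins on its last line), so it cannot be confirmed here that `from` is always a hosted domain and never a peer-supplied attribute. A guard such as `local host = hosts[from]; if not host then return nil; end` would let an unknown domain fail verification instead of throwing, provided verify_dialback treats a nil result as a mismatch. Separately, `id..to..from..secret` is concatenated without delimiters, so distinct (id, to, from) triples can produce the same hash input; XEP-0185 recommends a keyed HMAC over space-separated fields.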
-- 
cgit v1.2.3