From a32c615bc8170ff7a5a5cb48db751ef7f3803afa Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Sun, 10 Mar 2013 17:49:07 +0000
Subject: mod_s2s: Fire s2s-check-certificate event after validating a
 certificate, to allow plugins to override standard procedure

---
 plugins/mod_s2s/mod_s2s.lua | 1 +
 1 file changed, 1 insertion(+)

(limited to 'plugins/mod_s2s/mod_s2s.lua')

diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 1b0ae982..cabe8ea2 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -168,6 +168,7 @@ local function check_cert_status(session)
 			end
 		end
 	end
+	module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert });
 end
 
 --- XMPP stream event handlers
-- 
cgit v1.2.3


From 404b1966b175f26175a10c4a91194d7797f46fab Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Mon, 11 Mar 2013 21:39:15 +0100
Subject: mod_s2s: Make sure host variable is reachable

---
 plugins/mod_s2s/mod_s2s.lua | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'plugins/mod_s2s/mod_s2s.lua')

diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index cabe8ea2..74014457 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -136,6 +136,7 @@ end
 
 --- Helper to check that a session peer's certificate is valid
 local function check_cert_status(session)
+	local host = session.direction == "incoming" and session.from_host or session.to_host
 	local conn = session.conn:socket()
 	local cert
 	if conn.getpeercertificate then
@@ -155,8 +156,6 @@ local function check_cert_status(session)
 			(session.log or log)("debug", "certificate chain validation result: valid");
 			session.cert_chain_status = "valid";
 
-			local host = session.direction == "incoming" and session.from_host or session.to_host
-
 			-- We'll go ahead and verify the asserted identity if the
 			-- connecting server specified one.
 			if host then
-- 
cgit v1.2.3


From 740e6e69a25e4aaa6fb7049e371dfebe7dd83998 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Tue, 12 Mar 2013 12:30:08 +0000
Subject: mod_s2s: Do not include xmlns:db declaration in stream header if
 mod_dialback is not loaded

---
 plugins/mod_s2s/mod_s2s.lua | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'plugins/mod_s2s/mod_s2s.lua')

diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 74014457..6d4900fa 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -249,7 +249,8 @@ function stream_callbacks.streamopened(session, attr)
 		if session.secure and not session.cert_chain_status then check_cert_status(session); end
 
 		send("<?xml version='1.0'?>");
-		send(st.stanza("stream:stream", { xmlns='jabber:server', ["xmlns:db"]='jabber:server:dialback',
+		send(st.stanza("stream:stream", { xmlns='jabber:server',
+				["xmlns:db"]= hosts[to].modules.dialback and 'jabber:server:dialback' or nil,
 				["xmlns:stream"]='http://etherx.jabber.org/streams', id=session.streamid, from=to, to=from, version=(session.version > 0 and "1.0" or nil) }):top_tag());
 		if session.version >= 1.0 then
 			local features = st.stanza("stream:features");
-- 
cgit v1.2.3