From a32c615bc8170ff7a5a5cb48db751ef7f3803afa Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Sun, 10 Mar 2013 17:49:07 +0000 Subject: mod_s2s: Fire s2s-check-certificate event after validating a certificate, to allow plugins to override standard procedure --- plugins/mod_s2s/mod_s2s.lua | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins') diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index 1b0ae982..cabe8ea2 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -168,6 +168,7 @@ local function check_cert_status(session) end end end + module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert }); end --- XMPP stream event handlers -- cgit v1.2.3 From 404b1966b175f26175a10c4a91194d7797f46fab Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 11 Mar 2013 21:39:15 +0100 Subject: mod_s2s: Make sure host variable is reachable --- plugins/mod_s2s/mod_s2s.lua | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index cabe8ea2..74014457 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -136,6 +136,7 @@ end --- Helper to check that a session peer's certificate is valid local function check_cert_status(session) + local host = session.direction == "incoming" and session.from_host or session.to_host local conn = session.conn:socket() local cert if conn.getpeercertificate then @@ -155,8 +156,6 @@ local function check_cert_status(session) (session.log or log)("debug", "certificate chain validation result: valid"); session.cert_chain_status = "valid"; - local host = session.direction == "incoming" and session.from_host or session.to_host - -- We'll go ahead and verify the asserted identity if the -- connecting server specified one. if host then -- cgit v1.2.3 From 740e6e69a25e4aaa6fb7049e371dfebe7dd83998 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Tue, 12 Mar 2013 12:30:08 +0000 Subject: mod_s2s: Do not include xmlns:db declaration in stream header if mod_dialback is not loaded --- plugins/mod_s2s/mod_s2s.lua | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index 74014457..6d4900fa 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -249,7 +249,8 @@ function stream_callbacks.streamopened(session, attr) if session.secure and not session.cert_chain_status then check_cert_status(session); end send(""); - send(st.stanza("stream:stream", { xmlns='jabber:server', ["xmlns:db"]='jabber:server:dialback', + send(st.stanza("stream:stream", { xmlns='jabber:server', + ["xmlns:db"]= hosts[to].modules.dialback and 'jabber:server:dialback' or nil, ["xmlns:stream"]='http://etherx.jabber.org/streams', id=session.streamid, from=to, to=from, version=(session.version > 0 and "1.0" or nil) }):top_tag()); if session.version >= 1.0 then local features = st.stanza("stream:features"); -- cgit v1.2.3