From c2ce30433a9dd12436f532be4dd3b0548c2bbae3 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 12 May 2021 17:22:02 +0200 Subject: mod_dialback: Remove d-w-d feature Backs out 1d0862814bfc and 2fdd71b08126 Largely unused, undocumented and did not have enough tests to provide confidence in its correct operation. --- plugins/mod_dialback.lua | 22 ---------------------- plugins/mod_s2s/mod_s2s.lua | 2 +- 2 files changed, 1 insertion(+), 23 deletions(-) (limited to 'plugins') diff --git a/plugins/mod_dialback.lua b/plugins/mod_dialback.lua index c81484a9..4e9f9458 100644 --- a/plugins/mod_dialback.lua +++ b/plugins/mod_dialback.lua @@ -22,19 +22,6 @@ local xmlns_stream = "http://etherx.jabber.org/streams"; local dialback_requests = setmetatable({}, { __mode = 'v' }); local dialback_secret = sha256_hash(module:get_option_string("dialback_secret", uuid_gen()), true); -local dwd = module:get_option_boolean("dialback_without_dialback", false); - ---- Helper to check that a session peer's certificate is valid -function check_cert_status(session, host) - local conn = session.conn:socket() - local cert - if conn.getpeercertificate then - cert = conn:getpeercertificate() - end - - return module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert }); -end - function module.save() return { dialback_secret = dialback_secret }; @@ -104,15 +91,6 @@ module:hook("stanza/jabber:server:dialback:result", function(event) origin:close("improper-addressing"); end - if dwd and origin.secure then - if check_cert_status(origin, from) == false then - return - elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then - origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" })); - module:fire_event("s2s-authenticated", { session = origin, host = from }); - return true; - end - end origin.hosts[from] = { dialback_key = stanza[1] }; diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index b2376b97..c3de28db 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -276,7 +276,7 @@ function make_authenticated(event) end --- Helper to check that a session peer's certificate is valid -function check_cert_status(session) +local function check_cert_status(session) local host = session.direction == "outgoing" and session.to_host or session.from_host local conn = session.conn:socket() local cert -- cgit v1.2.3