Comparison

mod_dwd/mod_dwd.lua @ 928:4584c3303bb4

mod_dwd: Initial commit.
author Kim Alvefur <zash@zash.se>
date Tue, 12 Mar 2013 13:49:36 +0100
child 932:4e235e565693
comparison
equal deleted inserted replaced
927:a9dfa7232d88 928:4584c3303bb4
1 local hosts = _G.hosts;
2 local st = require "util.stanza";
3 local s2s_make_authenticated = require "core.s2smanager".make_authenticated;
4 local nameprep = require "util.encodings".stringprep.nameprep;
5 local cert_verify_identity = require "util.x509".verify_identity;
6
7 module:hook("stanza/jabber:server:dialback:result", function(event)
8 local origin, stanza = event.origin, event.stanza;
9
10 if origin.cert_chain_status == "valid" and origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
11 local attr = stanza.attr;
12 local to, from = nameprep(attr.to), nameprep(attr.from);
13
14 local conn = origin.conn:socket()
15 local cert;
16 if conn.getpeercertificate then
17 cert = conn:getpeercertificate()
18 end
19
20 if cert and hosts[to] and cert_verify_identity(from, "xmpp-server", cert) then
21
22 -- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from'
23 -- on streams. We fill in the session's to/from here instead.
24 if not origin.from_host then
25 origin.from_host = from;
26 end
27 if not origin.to_host then
28 origin.to_host = to;
29 end
30
31 module:log("info", "Accepting Dialback without Dialback for %s", from);
32 s2s_make_authenticated(origin, from);
33 origin.sends2s(
34 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = "valid" }));
35
36 return true;
37 end
38 end
39 end, 100);
40
41