Software `/` code `/` prosody-modules

Comparison

mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 4490:cf2bdb2aaa57

mod_s2s_auth_dane: Disable now redundant validation done in trunk Outgoing connections can now be validated natively in trunk since a38f9e09ca31 so we only need to check incoming connections.

author	Kim Alvefur <zash@zash.se>
date	Wed, 03 Mar 2021 11:43:38 +0100
parent	2869:77498ea07795
child	4491:35381608d323

comparison

equal deleted inserted replaced

-:725768d83830
+:cf2bdb2aaa57
 			module:add_timer(0, _resume, host_session);
 		end
 	end
 end
+local new_dane = module:get_option_boolean("use_dane", false);
 function module.add_host(module)
 	local function on_new_s2s(event)
 		local host_session = event.origin;
 		if host_session.type == "s2sout" or host_session.type == "s2sin" then
 			return; -- Already authenticated
 		end
 		dane_lookup(host_session, resume);
 		-- Let it run in parallel until we need to check the cert
 	end
-	-- New outgoing connections
+	if not new_dane then
-	module:hook("stanza/http://etherx.jabber.org/streams:features", on_new_s2s, 501);
+		-- New outgoing connections
-	module:hook("s2sout-authenticate-legacy", on_new_s2s, 200);
+		module:hook("stanza/http://etherx.jabber.org/streams:features", on_new_s2s, 501);
+		module:hook("s2sout-authenticate-legacy", on_new_s2s, 200);
+	end
 	-- New incoming connections
 	module:hook("s2s-stream-features", on_new_s2s, 10);
 	module:hook("s2s-authenticated", function(event)

prosody-modules

cf2bdb2aaa57

mod_s2s_auth_dane/mod_s2s_auth_dane.lua

Software / code / prosody-modules

Comparison

mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 4490:cf2bdb2aaa57

Software `/` code `/` prosody-modules