
plugins/mod_s2s_bidi.lua @ 12473:bb85be686a01

mod_s2s: Distinguish DANE TLSA errors from generic cert chain errors Otherwise it would just report "is not trusted" unless you inspect the logs. This message is sent to the remote server, and will hopefully show up in their logs, allowing the admin to fix their DANE setup.
author Kim Alvefur <zash@zash.se>
date Mon, 25 Apr 2022 14:41:54 +0200
parent 12330:38b5b05407be
child 12809:71bd009a9789
1 -- Prosody IM
2 -- Copyright (C) 2019 Kim Alvefur
3 --
4 -- This project is MIT/X11 licensed. Please see the
5 -- COPYING file in the source package for more information.
6 --
7
8 local st = require "util.stanza";
9
-- XEP-0288 namespaces used below: the first qualifies the <bidi/> child that
-- is placed in (and looked for in) stream features, the second qualifies the
-- <bidi/> element that actually requests a bidirectional stream.
local xmlns_bidi_feature = "urn:xmpp:features:bidi";
local xmlns_bidi = "urn:xmpp:bidi";

-- When this is true, every handler in this file refuses to offer, request or
-- accept bidi on a stream whose session is not marked `secure`.
-- The second argument is the value used when the option is not configured, so
-- the check is on unless an admin explicitly sets the option to false.
-- (The annotate view attributes this line to changeset 38b5b05407be,
-- "various: Require encryption by default for real".)
local require_encryption = module:get_option_boolean("s2s_require_encryption", true);
14
-- Advertise the bidi stream feature to servers that connect to us.
--
-- The feature is only added for sessions of type "s2sin_unauthed". When
-- s2s_require_encryption is in effect it is additionally withheld unless the
-- session is marked `secure`, so bidi is never offered on a cleartext stream
-- (the annotate view attributes that condition to changeset 602dd1e2f399,
-- "Ignore unencrypted connections if s2s_require_encryption is set").
-- NOTE(review): what sets `origin.secure` is not visible in this file;
-- presumably it reflects completed TLS negotiation. Confirm.
module:hook("s2s-stream-features", function(event)
	local session, feature_list = event.origin, event.features;

	if session.type ~= "s2sin_unauthed" then
		return;
	end
	if require_encryption and not session.secure then
		return;
	end

	feature_list:tag("bidi", { xmlns = xmlns_bidi_feature }):up();
end);
21
-- React to the <stream:features/> element received on a stream we opened.
--
-- If the session is still "s2sout_unauthed", passes the encryption policy
-- check, and the peer's features contain <bidi/>, the session is flagged as
-- `incoming` and a bidi request is sent to the peer.
-- The handler never returns a value, so it does not claim the features
-- element for itself. It is registered with priority 200, presumably so that
-- it runs ahead of other handlers of the same element. Confirm.
-- NOTE(review): `session.incoming` is set here before the stream is
-- authenticated, and the code that consumes the flag is not visible in this
-- file. Confirm that acceptance of inbound stanzas on this connection still
-- depends on the stream completing authentication, not on this flag alone.
module:hook_tag("http://etherx.jabber.org/streams", "features", function (session, stanza)
	if session.type ~= "s2sout_unauthed" then
		return;
	end
	if require_encryption and not session.secure then
		-- Policy requires encryption and this stream is not marked secure:
		-- do not even look for the peer's bidi offer.
		return;
	end

	local offered = stanza:get_child("bidi", xmlns_bidi_feature);
	if not offered then
		return;
	end

	session.incoming = true;
	session.log("debug", "Requesting bidirectional stream");
	session.sends2s(st.stanza("bidi", { xmlns = xmlns_bidi }));
end, 200);
32
-- Handle a peer's <bidi xmlns="urn:xmpp:bidi"/> request on a stream it opened.
--
-- The request is honoured only while the session is "s2sin_unauthed" and, if
-- s2s_require_encryption is in effect, only when the session is marked
-- `secure`. On acceptance the session is flagged as `outgoing` and true is
-- returned, reporting the element as handled. In every other case nothing is
-- returned, so the element is left to whatever else processes it (not
-- visible in this file).
-- NOTE(review): the flag is set on a session that is not yet authenticated.
-- Confirm that the code which later sends stanzas over this connection
-- requires the peer to have authenticated, and does not rely on `outgoing`
-- alone.
module:hook_tag("urn:xmpp:bidi", "bidi", function(session)
	local policy_ok = not require_encryption or session.secure;
	if session.type ~= "s2sin_unauthed" or not policy_ok then
		return;
	end

	session.log("debug", "Requested bidirectional stream");
	session.outgoing = true;
	return true;
end);
40