prosody
3bbb1af92514
plugins/mod_s2s.lua
Software / code / prosody
Comparison
plugins/mod_s2s.lua @ 11560:3bbb1af92514
Merge 0.11->trunk
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 13 May 2021 11:17:13 +0100 |
| parent | 11558:plugins/mod_s2s/mod_s2s.lua@d0e9ffccdef9 |
| parent | 11526:plugins/mod_s2s/mod_s2s.lua@15a3db955ad3 |
| child | 11608:b2610460d9ab |
comparison
equal
deleted
inserted
replaced
| 11538:30feeb4d9d0b | 11560:3bbb1af92514 |
|---|---|
| 37 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true)); | 37 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true)); |
| 38 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day... | 38 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day... |
| 39 local secure_domains, insecure_domains = | 39 local secure_domains, insecure_domains = |
| 40 module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items; | 40 module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items; |
| 41 local require_encryption = module:get_option_boolean("s2s_require_encryption", false); | 41 local require_encryption = module:get_option_boolean("s2s_require_encryption", false); |
| 42 local stanza_size_limit = module:get_option_number("s2s_stanza_size_limit"); -- TODO come up with a sensible default (util.xmppstream defaults to 10M) | 42 local stanza_size_limit = module:get_option_number("s2s_stanza_size_limit", 1024*512); |
| 43 | 43 |
| 44 local measure_connections_inbound = module:metric( | 44 local measure_connections_inbound = module:metric( |
| 45 "gauge", "connections_inbound", "", | 45 "gauge", "connections_inbound", "", |
| 46 "Established incoming s2s connections", | 46 "Established incoming s2s connections", |
| 47 {"host", "type", "ip_family"} | 47 {"host", "type", "ip_family"} |
| 341 | 341 |
| 342 return true; | 342 return true; |
| 343 end | 343 end |
| 344 | 344 |
| 345 --- Helper to check that a session peer's certificate is valid | 345 --- Helper to check that a session peer's certificate is valid |
| 346 function check_cert_status(session) | 346 local function check_cert_status(session) |
| 347 local host = session.direction == "outgoing" and session.to_host or session.from_host | 347 local host = session.direction == "outgoing" and session.to_host or session.from_host |
| 348 local conn = session.conn:socket() | 348 local conn = session.conn:socket() |
| 349 local cert | 349 local cert |
| 350 if conn.getpeercertificate then | 350 if conn.getpeercertificate then |
| 351 cert = conn:getpeercertificate() | 351 cert = conn:getpeercertificate() |
