prosody
4acc1598f391
plugins/mod_s2s/mod_s2s.lua
Software / code / prosody
Comparison
plugins/mod_s2s/mod_s2s.lua @ 5423:4acc1598f391
mod_s2s: Add COMPAT cahin verification code for older LuaSec versions
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 04 Apr 2013 19:21:47 +0200 |
| parent | 5408:767ecb0091a6 |
| child | 5454:5f69fddf6fb9 |
comparison
equal
deleted
inserted
replaced
| 5422:396072d62695 | 5423:4acc1598f391 |
|---|---|
| 13 local core_process_stanza = prosody.core_process_stanza; | 13 local core_process_stanza = prosody.core_process_stanza; |
| 14 | 14 |
| 15 local tostring, type = tostring, type; | 15 local tostring, type = tostring, type; |
| 16 local t_insert = table.insert; | 16 local t_insert = table.insert; |
| 17 local xpcall, traceback = xpcall, debug.traceback; | 17 local xpcall, traceback = xpcall, debug.traceback; |
| 18 local NULL = {}; | |
| 18 | 19 |
| 19 local add_task = require "util.timer".add_task; | 20 local add_task = require "util.timer".add_task; |
| 20 local st = require "util.stanza"; | 21 local st = require "util.stanza"; |
| 21 local initialize_filters = require "util.filters".initialize; | 22 local initialize_filters = require "util.filters".initialize; |
| 22 local nameprep = require "util.encodings".stringprep.nameprep; | 23 local nameprep = require "util.encodings".stringprep.nameprep; |
| 224 if conn.getpeercertificate then | 225 if conn.getpeercertificate then |
| 225 cert = conn:getpeercertificate() | 226 cert = conn:getpeercertificate() |
| 226 end | 227 end |
| 227 | 228 |
| 228 if cert then | 229 if cert then |
| 229 local chain_valid, errors = conn:getpeerverification() | 230 local chain_valid, errors; |
| 231 if conn.getpeerverification then | |
| 232 chain_valid, errors = conn:getpeerverification(); | |
| 233 elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg | |
| 234 chain_valid, errors = conn:getpeerchainvalid(); | |
| 235 errors = (not chain_valid) and { { errors } } or nil; | |
| 236 else | |
| 237 chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } }; | |
| 238 end | |
| 230 -- Is there any interest in printing out all/the number of errors here? | 239 -- Is there any interest in printing out all/the number of errors here? |
| 231 if not chain_valid then | 240 if not chain_valid then |
| 232 (session.log or log)("debug", "certificate chain validation result: invalid"); | 241 (session.log or log)("debug", "certificate chain validation result: invalid"); |
| 233 for depth, t in ipairs(errors) do | 242 for depth, t in ipairs(errors or NULL) do |
| 234 (session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", ")) | 243 (session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", ")) |
| 235 end | 244 end |
| 236 session.cert_chain_status = "invalid"; | 245 session.cert_chain_status = "invalid"; |
| 237 else | 246 else |
| 238 (session.log or log)("debug", "certificate chain validation result: valid"); | 247 (session.log or log)("debug", "certificate chain validation result: valid"); |
