Comparison
plugins/mod_s2s.lua @ 12207:65e252940337
mod_s2s: Retrieve TLS context for outgoing Direct TLS connections from mod_tls
So that the same TLS context is used for both Direct TLS and starttls,
since they are supposed to be functionally identical apart from the few
extra round trips.
A new event is added because the 's2s-created' event fires much later,
after a connection has already been established, whereas we need the TLS
context before that.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 21 Jan 2022 18:42:38 +0100 |
| parent | 12206:77ac0d96ac24 |
| child | 12280:74f8739b967a |
| 12206:77ac0d96ac24 | 12207:65e252940337 |
|---|---|
| 216 host_session.bounce_sendq = bounce_sendq; | 216 host_session.bounce_sendq = bounce_sendq; |
| 217 host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; | 217 host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; |
| 218 log("debug", "stanza [%s] queued until connection complete", stanza.name); | 218 log("debug", "stanza [%s] queued until connection complete", stanza.name); |
| 219 -- FIXME Cleaner solution to passing extra data from resolvers to net.server | 219 -- FIXME Cleaner solution to passing extra data from resolvers to net.server |
| 220 -- This mt-clone allows resolvers to add extra data, currently used for DANE TLSA records | 220 -- This mt-clone allows resolvers to add extra data, currently used for DANE TLSA records |
| 221 module:context(from_host):fire_event("s2sout-created", { session = host_session }); | |
| 221 local xmpp_extra = setmetatable({}, s2s_service_options_mt); | 222 local xmpp_extra = setmetatable({}, s2s_service_options_mt); |
| 222 local sslctx = require"core.certmanager".create_context(from_host, "client"); -- TODO this should live in mod_tls ? | 223 local resolver = service.new(to_host, "xmpp-server", "tcp", xmpp_extra); |
| 223 local xmpps_extra = setmetatable({ default_port = false; servername = to_host; sslctx = sslctx }, s2s_service_options_mt); | 224 if host_session.ssl_ctx then |
| 224 local direct_and_normal = resolver_chain.new({ | 225 local sslctx = host_session.ssl_ctx; |
| 225 service.new(to_host, "xmpps-server", "tcp", xmpps_extra); | 226 local xmpps_extra = setmetatable({ default_port = false; servername = to_host; sslctx = sslctx }, s2s_service_options_mt); |
| 226 service.new(to_host, "xmpp-server", "tcp", xmpp_extra); | 227 resolver = resolver_chain.new({ |
| 227 }); | 228 service.new(to_host, "xmpps-server", "tcp", xmpps_extra); |
| 228 connect(direct_and_normal, listener, nil, { session = host_session }); | 229 resolver; |
| 230 }); | |
| 231 end | |
| 232 connect(resolver, listener, nil, { session = host_session }); | |
| 229 m_initiated_connections:with_labels(from_host):add(1) | 233 m_initiated_connections:with_labels(from_host):add(1) |
| 230 return true; | 234 return true; |
| 231 end | 235 end |
| 232 | 236 |
| 233 local function keepalive(event) | 237 local function keepalive(event) |
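Review bot: When no handler of the new `s2sout-created` event sets `host_session.ssl_ctx` (new lines 221 and 224), the `xmpps-server` lookup is skipped without any trace, so a host where mod_tls is not loaded or could not build a client context quietly loses Direct TLS and relies on STARTTLS alone. An `else` branch with `log("debug", "No TLS context for %s, not attempting Direct TLS", from_host);` would make that visible, and a comment above the `fire_event` call should state that handlers are expected to set `host_session.ssl_ctx` before it returns. Whether encryption is still required on the remaining `xmpp-server` path is decided outside this hunk, so it is worth confirming that the fallback cannot end up unencrypted. The insertion also separates the FIXME / mt-clone comment at 219–220 from the `setmetatable({}, s2s_service_options_mt)` line it describes; the event call would sit better above that comment. The enclosing function begins before the hunk.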