prosody
c0a72c97e6cf
net/server_epoll.lua
Software / code / prosody
Comparison
net/server_epoll.lua @ 10329:c0a72c97e6cf
net.server_epoll: Fix to get remote IP on direct TLS connections
A Direct TLS connection (eg HTTPS) gets turned into a LuaSec handle
before the :updatenames call done in the :connect method. LuaSec does
not expose the :getpeername and :getsockname methods, so the addresses
remain obscured, making debugging trickier since the actual IP addrerss
connected to does not show up.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 12 Oct 2019 20:07:50 +0200 |
| parent | 10328:5c2b31c823b9 |
| child | 10330:d86b1304451a |
comparison
equal
deleted
inserted
replaced
| 10328:5c2b31c823b9 | 10329:c0a72c97e6cf |
|---|---|
| 519 self:setreadtimeout(false); | 519 self:setreadtimeout(false); |
| 520 if not self._tls then | 520 if not self._tls then |
| 521 self._tls = true; | 521 self._tls = true; |
| 522 self:debug("Starting TLS now"); | 522 self:debug("Starting TLS now"); |
| 523 self:del(); | 523 self:del(); |
| 524 self:updatenames(); -- Can't getpeer/sockname after wrap() | |
| 524 local ok, conn, err = pcall(luasec.wrap, self.conn, self.tls_ctx); | 525 local ok, conn, err = pcall(luasec.wrap, self.conn, self.tls_ctx); |
| 525 if not ok then | 526 if not ok then |
| 526 conn, err = ok, conn; | 527 conn, err = ok, conn; |
| 527 self:debug("Failed to initialize TLS: %s", err); | 528 self:debug("Failed to initialize TLS: %s", err); |
| 528 end | 529 end |
