prosody
d21ea6001bba
plugins/mod_s2s/mod_s2s.lua
Software / code / prosody
Comparison
plugins/mod_s2s/mod_s2s.lua @ 5978:d21ea6001bba
Merge 0.9->0.10
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sun, 12 Jan 2014 06:19:37 -0500 |
| parent | 5859:e327f2d4e09f |
| parent | 5975:0d219631d47b |
| child | 6063:e626ee2fe106 |
comparison
equal
deleted
inserted
replaced
| 5954:6dc73be95213 | 5978:d21ea6001bba |
|---|---|
| 364 local features = st.stanza("stream:features"); | 364 local features = st.stanza("stream:features"); |
| 365 | 365 |
| 366 if to then | 366 if to then |
| 367 hosts[to].events.fire_event("s2s-stream-features", { origin = session, features = features }); | 367 hosts[to].events.fire_event("s2s-stream-features", { origin = session, features = features }); |
| 368 else | 368 else |
| 369 (session.log or log)("warn", "No 'to' on stream header from %s means we can't offer any features", from or "unknown host"); | 369 (session.log or log)("warn", "No 'to' on stream header from %s means we can't offer any features", from or session.ip or "unknown host"); |
| 370 end | 370 end |
| 371 | 371 |
| 372 log("debug", "Sending stream features: %s", tostring(features)); | 372 log("debug", "Sending stream features: %s", tostring(features)); |
| 373 send(features); | 373 send(features); |
| 374 end | 374 end |
| 465 session:open_stream(session.from_host, session.to_host); | 465 session:open_stream(session.from_host, session.to_host); |
| 466 end | 466 end |
| 467 end | 467 end |
| 468 if reason then -- nil == no err, initiated by us, false == initiated by remote | 468 if reason then -- nil == no err, initiated by us, false == initiated by remote |
| 469 if type(reason) == "string" then -- assume stream error | 469 if type(reason) == "string" then -- assume stream error |
| 470 log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or "(unknown host)", session.type, reason); | 470 log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or session.ip or "(unknown host)", session.type, reason); |
| 471 session.sends2s(st.stanza("stream:error"):tag(reason, {xmlns = 'urn:ietf:params:xml:ns:xmpp-streams' })); | 471 session.sends2s(st.stanza("stream:error"):tag(reason, {xmlns = 'urn:ietf:params:xml:ns:xmpp-streams' })); |
| 472 elseif type(reason) == "table" then | 472 elseif type(reason) == "table" then |
| 473 if reason.condition then | 473 if reason.condition then |
| 474 local stanza = st.stanza("stream:error"):tag(reason.condition, stream_xmlns_attr):up(); | 474 local stanza = st.stanza("stream:error"):tag(reason.condition, stream_xmlns_attr):up(); |
| 475 if reason.text then | 475 if reason.text then |
| 476 stanza:tag("text", stream_xmlns_attr):text(reason.text):up(); | 476 stanza:tag("text", stream_xmlns_attr):text(reason.text):up(); |
| 477 end | 477 end |
| 478 if reason.extra then | 478 if reason.extra then |
| 479 stanza:add_child(reason.extra); | 479 stanza:add_child(reason.extra); |
| 480 end | 480 end |
| 481 log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or "(unknown host)", session.type, tostring(stanza)); | 481 log("debug", "Disconnecting %s[%s], <stream:error> is: %s", session.host or session.ip or "(unknown host)", session.type, tostring(stanza)); |
| 482 session.sends2s(stanza); | 482 session.sends2s(stanza); |
| 483 elseif reason.name then -- a stanza | 483 elseif reason.name then -- a stanza |
| 484 log("debug", "Disconnecting %s->%s[%s], <stream:error> is: %s", session.from_host or "(unknown host)", session.to_host or "(unknown host)", session.type, tostring(reason)); | 484 log("debug", "Disconnecting %s->%s[%s], <stream:error> is: %s", session.from_host or "(unknown host)", session.to_host or "(unknown host)", session.type, tostring(reason)); |
| 485 session.sends2s(reason); | 485 session.sends2s(reason); |
| 486 end | 486 end |
| 658 elseif must_secure and insecure_domains[host] then | 658 elseif must_secure and insecure_domains[host] then |
| 659 must_secure = false; | 659 must_secure = false; |
| 660 end | 660 end |
| 661 | 661 |
| 662 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then | 662 if must_secure and (session.cert_chain_status ~= "valid" or session.cert_identity_status ~= "valid") then |
| 663 module:log("warn", "Forbidding insecure connection to/from %s", host); | 663 module:log("warn", "Forbidding insecure connection to/from %s", host or session.ip or "(unknown host)"); |
| 664 if session.direction == "incoming" then | 664 if session.direction == "incoming" then |
| 665 session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by "..session.to_host }); | 665 session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by "..session.to_host }); |
| 666 else -- Close outgoing connections without warning | 666 else -- Close outgoing connections without warning |
| 667 session:close(false); | 667 session:close(false); |
| 668 end | 668 end |
