Software /
code /
prosody
Comparison
plugins/mod_dialback.lua @ 6303:d289582d3518
mod_dialback.lua: Only check certificates on secure connections
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 04 Jul 2014 23:04:56 +0200 |
parent | 6301:2fdd71b08126 |
child | 6306:c6d9e21cd5f2 |
comparison
equal
deleted
inserted
replaced
6302:76699a0ae4c4 | 6303:d289582d3518 |
---|---|
80 -- he wants to be identified through dialback | 80 -- he wants to be identified through dialback |
81 -- We need to check the key with the Authoritative server | 81 -- We need to check the key with the Authoritative server |
82 local attr = stanza.attr; | 82 local attr = stanza.attr; |
83 local to, from = nameprep(attr.to), nameprep(attr.from); | 83 local to, from = nameprep(attr.to), nameprep(attr.from); |
84 | 84 |
85 if check_cert_status(origin, from) == false then | 85 if origin.secure then |
86 return | 86 if check_cert_status(origin, from) == false then |
87 elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then | 87 return |
88 origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" })); | 88 elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then |
89 module:fire_event("s2s-authenticated", { session = origin, host = from }); | 89 origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" })); |
90 return true; | 90 module:fire_event("s2s-authenticated", { session = origin, host = from }); |
91 return true; | |
92 end | |
91 end | 93 end |
92 | 94 |
93 if not hosts[to] then | 95 if not hosts[to] then |
94 -- Not a host that we serve | 96 -- Not a host that we serve |
95 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to); | 97 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to); |