Comparison

plugins/mod_dialback.lua @ 6303:d289582d3518

mod_dialback.lua: Only check certificates on secure connections
author Kim Alvefur <zash@zash.se>
date Fri, 04 Jul 2014 23:04:56 +0200
parent 6301:2fdd71b08126
child 6306:c6d9e21cd5f2
comparison
equal deleted inserted replaced
6302:76699a0ae4c4 6303:d289582d3518
80 -- he wants to be identified through dialback 80 -- he wants to be identified through dialback
81 -- We need to check the key with the Authoritative server 81 -- We need to check the key with the Authoritative server
82 local attr = stanza.attr; 82 local attr = stanza.attr;
83 local to, from = nameprep(attr.to), nameprep(attr.from); 83 local to, from = nameprep(attr.to), nameprep(attr.from);
84 84
85 if check_cert_status(origin, from) == false then 85 if origin.secure then
86 return 86 if check_cert_status(origin, from) == false then
87 elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then 87 return
88 origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" })); 88 elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then
89 module:fire_event("s2s-authenticated", { session = origin, host = from }); 89 origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" }));
90 return true; 90 module:fire_event("s2s-authenticated", { session = origin, host = from });
91 return true;
92 end
91 end 93 end
92 94
93 if not hosts[to] then 95 if not hosts[to] then
94 -- Not a host that we serve 96 -- Not a host that we serve
95 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to); 97 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to);