Comparison

plugins/mod_s2s/mod_s2s.lua @ 5344:d45316798b71

mod_s2s: Make sure host variable is reachable
author Kim Alvefur <zash@zash.se>
date Mon, 11 Mar 2013 21:39:15 +0100
parent 5343:e76c22199efa
child 5345:9b85976c873f
comparison
equal deleted inserted replaced
5343:e76c22199efa 5344:d45316798b71
134 module:hook("route/remote", route_to_new_session, 100); 134 module:hook("route/remote", route_to_new_session, 100);
135 end 135 end
136 136
137 --- Helper to check that a session peer's certificate is valid 137 --- Helper to check that a session peer's certificate is valid
138 local function check_cert_status(session) 138 local function check_cert_status(session)
139 local host = session.direction == "incoming" and session.from_host or session.to_host
139 local conn = session.conn:socket() 140 local conn = session.conn:socket()
140 local cert 141 local cert
141 if conn.getpeercertificate then 142 if conn.getpeercertificate then
142 cert = conn:getpeercertificate() 143 cert = conn:getpeercertificate()
143 end 144 end
152 end 153 end
153 session.cert_chain_status = "invalid"; 154 session.cert_chain_status = "invalid";
154 else 155 else
155 (session.log or log)("debug", "certificate chain validation result: valid"); 156 (session.log or log)("debug", "certificate chain validation result: valid");
156 session.cert_chain_status = "valid"; 157 session.cert_chain_status = "valid";
157
158 local host = session.direction == "incoming" and session.from_host or session.to_host
159 158
160 -- We'll go ahead and verify the asserted identity if the 159 -- We'll go ahead and verify the asserted identity if the
161 -- connecting server specified one. 160 -- connecting server specified one.
162 if host then 161 if host then
163 if cert_verify_identity(host, "xmpp-server", cert) then 162 if cert_verify_identity(host, "xmpp-server", cert) then