Software /
code /
prosody
Comparison
plugins/mod_s2s/mod_s2s.lua @ 5344:d45316798b71
mod_s2s: Make sure host variable is reachable
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 11 Mar 2013 21:39:15 +0100 |
parent | 5343:e76c22199efa |
child | 5345:9b85976c873f |
comparison
equal
deleted
inserted
replaced
5343:e76c22199efa | 5344:d45316798b71 |
---|---|
134 module:hook("route/remote", route_to_new_session, 100); | 134 module:hook("route/remote", route_to_new_session, 100); |
135 end | 135 end |
136 | 136 |
137 --- Helper to check that a session peer's certificate is valid | 137 --- Helper to check that a session peer's certificate is valid |
138 local function check_cert_status(session) | 138 local function check_cert_status(session) |
139 local host = session.direction == "incoming" and session.from_host or session.to_host | |
139 local conn = session.conn:socket() | 140 local conn = session.conn:socket() |
140 local cert | 141 local cert |
141 if conn.getpeercertificate then | 142 if conn.getpeercertificate then |
142 cert = conn:getpeercertificate() | 143 cert = conn:getpeercertificate() |
143 end | 144 end |
152 end | 153 end |
153 session.cert_chain_status = "invalid"; | 154 session.cert_chain_status = "invalid"; |
154 else | 155 else |
155 (session.log or log)("debug", "certificate chain validation result: valid"); | 156 (session.log or log)("debug", "certificate chain validation result: valid"); |
156 session.cert_chain_status = "valid"; | 157 session.cert_chain_status = "valid"; |
157 | |
158 local host = session.direction == "incoming" and session.from_host or session.to_host | |
159 | 158 |
160 -- We'll go ahead and verify the asserted identity if the | 159 -- We'll go ahead and verify the asserted identity if the |
161 -- connecting server specified one. | 160 -- connecting server specified one. |
162 if host then | 161 if host then |
163 if cert_verify_identity(host, "xmpp-server", cert) then | 162 if cert_verify_identity(host, "xmpp-server", cert) then |