mod_s2s: Retrieve TLS context for outgoing Direct TLS connections from mod_tls So that the same TLS context is used for both Direct TLS and starttls, since they are supposed to be functionally identical apart from the few extra round trips. A new event is added because the 's2s-created' event fires much later, after a connection has already been established, where we need the TLS context before that.

author: Kim Alvefur <zash@zash.se>
date: Fri, 21 Jan 2022 18:42:38 +0100
parent: 11766:6ad335cd43f9
child: 12211:5c2ae28f536e
--- a/plugins/mod_tls.lua	Fri Jan 21 17:59:19 2022 +0100
+++ b/plugins/mod_tls.lua	Fri Jan 21 18:42:38 2022 +0100
@@ -79,7 +79,7 @@
 module:hook_global("config-reloaded", module.load);
 
 local function can_do_tls(session)
-	if not session.conn.starttls then
+	if session.conn and not session.conn.starttls then
 		if not session.secure then
 			session.log("debug", "Underlying connection does not support STARTTLS");
 		end
@@ -116,6 +116,11 @@
 	return session.ssl_ctx;
 end
 
+module:hook("s2sout-created", function (event)
+	-- Initialize TLS context for outgoing connections
+	can_do_tls(event.session);
+end);
+
 -- Hook <starttls/>
 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event)
 	local origin = event.origin;