net: isolate LuaSec-specifics For this, various accessor functions are now provided directly on the sockets, which reach down into the LuaSec implementation to obtain the information. While this may seem of little gain at first, it hides the implementation detail of the LuaSec+LuaSocket combination that the actual socket and the TLS layer are separate objects. The net gain here is that an alternative implementation does not have to emulate that specific implementation detail and "only" has to expose LuaSec-compatible data structures on the new functions.

author: Jonas Schäfer <jonas@wielicki.name>
date: Wed, 27 Apr 2022 17:44:14 +0200
parent: 12476:d8a6e03a7161
child: 12493:e9ea5c88def0
--- a/plugins/mod_s2s.lua	Mon Apr 25 16:35:10 2022 +0100
+++ b/plugins/mod_s2s.lua	Wed Apr 27 17:44:14 2022 +0200
@@ -383,10 +383,10 @@
 --- Helper to check that a session peer's certificate is valid
 local function check_cert_status(session)
 	local host = session.direction == "outgoing" and session.to_host or session.from_host
-	local conn = session.conn:socket()
+	local conn = session.conn
 	local cert
-	if conn.getpeercertificate then
-		cert = conn:getpeercertificate()
+	if conn.ssl_peercertificate then
+		cert = conn:ssl_peercertificate()
 	end
 
 	return module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert });
@@ -398,8 +398,7 @@
 	session.secure = true;
 	session.encrypted = true;
 
-	local sock = session.conn:socket();
-	local info = sock.info and sock:info();
+	local info = session.conn:ssl_info();
 	if type(info) == "table" then
 		(session.log or log)("info", "Stream encrypted (%s with %s)", info.protocol, info.cipher);
 		session.compressed = info.compression;
author	Jonas Schäfer <jonas@wielicki.name>
date	Wed, 27 Apr 2022 17:44:14 +0200
parent	12476:d8a6e03a7161
child	12493:e9ea5c88def0