# HG changeset patch # User Matthew Wild # Date 1262544942 0 # Node ID 6ccd36a95a812a567011245870cd2eeebacce4a3 # Parent 00d985639a06c757a961ed68c258e22ff81c98bd s2smanager, hostmanager: Make dialback secrets per-host diff -r 00d985639a06 -r 6ccd36a95a81 core/hostmanager.lua --- a/core/hostmanager.lua Sun Jan 03 18:37:03 2010 +0000 +++ b/core/hostmanager.lua Sun Jan 03 18:55:42 2010 +0000 @@ -14,6 +14,8 @@ local modulemanager = require "core.modulemanager"; local events_new = require "util.events".new; +local uuid_gen = require "util.uuid".generate; + if not _G.prosody.incoming_s2s then require "core.s2smanager"; end @@ -47,10 +49,11 @@ function activate(host, host_config) hosts[host] = {type = "local", connected = true, sessions = {}, - host = host, s2sout = {}, events = events_new(), - disallow_s2s = configmanager.get(host, "core", "disallow_s2s") - or (configmanager.get(host, "core", "anonymous_login") - and (configmanager.get(host, "core", "disallow_s2s") ~= false)) + host = host, s2sout = {}, events = events_new(), + disallow_s2s = configmanager.get(host, "core", "disallow_s2s") + or (configmanager.get(host, "core", "anonymous_login") + and (configmanager.get(host, "core", "disallow_s2s") ~= false)); + dialback_secret = configmanager.get(host, "core", "dialback_secret") or uuid_gen(); }; for option_name in pairs(host_config.core) do if option_name:match("_ports$") then diff -r 00d985639a06 -r 6ccd36a95a81 core/s2smanager.lua --- a/core/s2smanager.lua Sun Jan 03 18:37:03 2010 +0000 +++ b/core/s2smanager.lua Sun Jan 03 18:55:42 2010 +0000 @@ -41,7 +41,6 @@ local connect_timeout = config.get("*", "core", "s2s_timeout") or 60; local dns_timeout = config.get("*", "core", "dns_timeout") or 60; local max_dns_depth = config.get("*", "core", "dns_max_depth") or 3; -local dialback_secret = config.get("*", "core", "dialback_secret") or uuid_gen(); incoming_s2s = {}; _G.prosody.incoming_s2s = incoming_s2s; @@ -431,7 +430,7 @@ end function generate_dialback(id, to, from) - return sha256_hash(id..to..from..dialback_secret, true); + return sha256_hash(id..to..from..hosts[from].dialback_secret, true); end function verify_dialback(id, to, from, key)