Software / code / prosody
Changeset
6847:c314e9142e9d
Merge 0.10->trunk
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 24 Sep 2015 20:15:19 +0200 |
| parents | 6843:161cccfdf015 (current diff) 6846:7eb166fa1f26 (diff) |
| children | 6861:39789f1669cb |
| files | plugins/mod_s2s/mod_s2s.lua |
| diffstat | 3 files changed, 50 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/plugins/mod_c2s.lua Tue Sep 22 01:31:52 2015 +0200 +++ b/plugins/mod_c2s.lua Thu Sep 24 20:15:19 2015 +0200 @@ -83,7 +83,12 @@ local features = st.stanza("stream:features"); hosts[session.host].events.fire_event("stream-features", { origin = session, features = features }); - send(features); + if features.tags[1] or session.full_jid then + send(features); + else + (session.log or log)("warn", "No features to offer"); + session:close{ condition = "undefined-condition", text = "No features to proceed with" }; + end end function stream_callbacks.streamclosed(session)
--- a/plugins/mod_s2s/mod_s2s.lua Tue Sep 22 01:31:52 2015 +0200 +++ b/plugins/mod_s2s/mod_s2s.lua Thu Sep 24 20:15:19 2015 +0200 @@ -354,8 +354,13 @@ (session.log or log)("warn", "No 'to' on stream header from %s means we can't offer any features", from or session.ip or "unknown host"); end - log("debug", "Sending stream features: %s", tostring(features)); - session.sends2s(features); + if ( session.type == "s2sin" or session.type == "s2sout" ) or features.tags[1] then + log("debug", "Sending stream features: %s", tostring(features)); + session.sends2s(features); + else + (session.log or log)("warn", "No features to offer, giving up"); + session:close({ condition = "undefined-condition", text = "No features to offer" }); + end end elseif session.direction == "outgoing" then session.notopen = nil;
--- a/prosodyctl Tue Sep 22 01:31:52 2015 +0200 +++ b/prosodyctl Thu Sep 24 20:15:19 2015 +0200 @@ -913,6 +913,43 @@ print(" For more information see: http://prosody.im/doc/dns"); end end + local all_options = set.new(); + for host in enabled_hosts() do + all_options:include(set.new(it.to_array(it.keys(config[host])))); + end + local ssl = nil, dependencies.softreq"ssl"; + if not ssl then + if not set.intersection(all_options, set.new({"require_encryption", "c2s_require_encryption", "s2s_require_encryption"})):empty() then + print(""); + print(" You require encryption but LuaSec is not available."); + print(" Connections will fail."); + ok = false; + end + elseif not ssl.loadcertificate then + if all_options:contains("s2s_secure_auth") then + print(""); + print(" You have set s2s_secure_auth but your version of LuaSec does "); + print(" not support certificate validation, so all s2s connections will"); + print(" fail."); + ok = false; + elseif all_options:contains("s2s_secure_domains") then + local secure_domains = set.new(); + for host in enabled_hosts() do + if config[host].s2s_secure_auth == true then + secure_domains:add("*"); + else + secure_domains:include(set.new(config[host].s2s_secure_domains)); + end + end + if not secure_domains:empty() then + print(""); + print(" You have set s2s_secure_domains but your version of LuaSec does "); + print(" not support certificate validation, so s2s connections to/from "); + print(" these domains will fail."); + ok = false; + end + end + end print("Done.\n"); end
