# HG changeset patch
# User Matthew Wild
# Date 1273614069 -3600
# Node ID 6adddfdf974b0627741d5c9d36c82159de55f2aa
# Parent 1f47ddab3499bad3773ee93f5cd05c2ab8383024
verse.plugins.tls: Support for TLS encryption! (thanks Azelphur for the final push)
diff -r 1f47ddab3499 -r 6adddfdf974b plugins/tls.lua
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/plugins/tls.lua Tue May 11 22:41:09 2010 +0100
@@ -0,0 +1,30 @@
+local st = require "util.stanza";
+local xmlns_tls = "urn:ietf:params:xml:ns:xmpp-tls";
+
+function verse.plugins.tls(stream)
+ local function handle_features(features_stanza)
+ if stream.authenticated then return; end
+ if features_stanza:get_child("starttls", xmlns_tls) then
+ stream:debug("Negotiating TLS...");
+ stream:send(st.stanza("starttls", { xmlns = xmlns_tls }));
+ return true;
+ else
+ stream:debug("Server doesn't offer TLS :(");
+ end
+ end
+ local function handle_tls(tls_status)
+ if tls_status.name == "proceed" then
+ stream:debug("Server says proceed, handshake starting...");
+ stream.conn:starttls({mode="client", protocol="sslv23", options="no_sslv2"}, true);
+ end
+ end
+ local function handle_status(new_status)
+ if new_status == "ssl-handshake-complete" then
+ stream:debug("Re-opening stream...");
+ stream:reopen();
+ end
+ end
+ stream:hook("stream-features", handle_features, 400);
+ stream:hook("stream/"..xmlns_tls, handle_tls);
+ stream:hook("status", handle_status, 400);
+end
diff -r 1f47ddab3499 -r 6adddfdf974b squishy
--- a/squishy Tue May 11 22:40:13 2010 +0100
+++ b/squishy Tue May 11 22:41:09 2010 +0100
@@ -19,6 +19,7 @@ Module "util.sha1" "util/sha1.lua" -- Verse plugins +Module "verse.plugins.tls" "plugins/tls.lua" Module "verse.plugins.sasl" "plugins/sasl.lua" Module "verse.plugins.bind" "plugins/bind.lua" Module "verse.plugins.version" "plugins/version.lua"
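Review bot: The `starttls` call in `handle_tls` passes no `verify` or CA option, so if this table is handed to LuaSec unchanged (the parameter names suggest it is), the handshake completes against any certificate and the session is encrypted but not authenticated. I would request peer verification and also rule out SSLv3, e.g. `stream.conn:starttls({mode="client", protocol="sslv23", options={"no_sslv2","no_sslv3"}, verify="peer", cafile=CA_BUNDLE_PATH}, true);`, where `CA_BUNDLE_PATH` is a placeholder for a caller-supplied trust store, and check the certificate against the expected server name before `stream:reopen()` in `handle_status`. Separately, the `else` branch of `handle_features` only logs when `starttls` is absent and lets negotiation continue, and `handle_tls` ignores any reply other than `proceed`, so a stripped feature or a `failure` element leaves the stream in plaintext ahead of the SASL plugin. An opt-in setting that closes the stream in both cases would let callers require TLS. At minimum, add a comment such as `-- NOTE: TLS is opportunistic here; no certificate verification and no enforcement if the server omits <starttls/>` above the `starttls` call.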