Mercurial > prosody-hg
comparison plugins/mod_dialback.lua @ 8455:1d0862814bfc
mod_dialback: Copy function from mod_s2s instead of depending on it, which made it harder to disable s2s (fixes #1050)
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 05 Dec 2017 12:21:51 +0100 |
| parents | 74798480b52e |
| children | 20c5ace92b19 e1d274001855 |
comparison
equal
deleted
inserted
replaced
| 8453:6b3e7fddd723 | 8455:1d0862814bfc |
|---|---|
| 12 | 12 |
| 13 local st = require "util.stanza"; | 13 local st = require "util.stanza"; |
| 14 local sha256_hash = require "util.hashes".sha256; | 14 local sha256_hash = require "util.hashes".sha256; |
| 15 local sha256_hmac = require "util.hashes".hmac_sha256; | 15 local sha256_hmac = require "util.hashes".hmac_sha256; |
| 16 local nameprep = require "util.encodings".stringprep.nameprep; | 16 local nameprep = require "util.encodings".stringprep.nameprep; |
| 17 local check_cert_status = module:depends"s2s".check_cert_status; | |
| 18 local uuid_gen = require"util.uuid".generate; | 17 local uuid_gen = require"util.uuid".generate; |
| 19 | 18 |
| 20 local xmlns_stream = "http://etherx.jabber.org/streams"; | 19 local xmlns_stream = "http://etherx.jabber.org/streams"; |
| 21 | 20 |
| 22 local dialback_requests = setmetatable({}, { __mode = 'v' }); | 21 local dialback_requests = setmetatable({}, { __mode = 'v' }); |
| 23 | 22 |
| 24 local dialback_secret = sha256_hash(module:get_option_string("dialback_secret", uuid_gen()), true); | 23 local dialback_secret = sha256_hash(module:get_option_string("dialback_secret", uuid_gen()), true); |
| 25 local dwd = module:get_option_boolean("dialback_without_dialback", false); | 24 local dwd = module:get_option_boolean("dialback_without_dialback", false); |
| 25 | |
| 26 --- Helper to check that a session peer's certificate is valid | |
| 27 function check_cert_status(session) | |
| 28 local host = session.direction == "outgoing" and session.to_host or session.from_host | |
| 29 local conn = session.conn:socket() | |
| 30 local cert | |
| 31 if conn.getpeercertificate then | |
| 32 cert = conn:getpeercertificate() | |
| 33 end | |
| 34 | |
| 35 return module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert }); | |
| 36 end | |
| 37 | |
| 26 | 38 |
| 27 function module.save() | 39 function module.save() |
| 28 return { dialback_secret = dialback_secret }; | 40 return { dialback_secret = dialback_secret }; |
| 29 end | 41 end |
| 30 | 42 |
