Mercurial > prosody-hg
comparison plugins/mod_dialback.lua @ 6303:d289582d3518
mod_dialback.lua: Only check certificates on secure connections
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 04 Jul 2014 23:04:56 +0200 |
| parents | 2fdd71b08126 |
| children | c6d9e21cd5f2 |
comparison
equal
deleted
inserted
replaced
| 6302:76699a0ae4c4 | 6303:d289582d3518 |
|---|---|
| 80 -- he wants to be identified through dialback | 80 -- he wants to be identified through dialback |
| 81 -- We need to check the key with the Authoritative server | 81 -- We need to check the key with the Authoritative server |
| 82 local attr = stanza.attr; | 82 local attr = stanza.attr; |
| 83 local to, from = nameprep(attr.to), nameprep(attr.from); | 83 local to, from = nameprep(attr.to), nameprep(attr.from); |
| 84 | 84 |
| 85 if check_cert_status(origin, from) == false then | 85 if origin.secure then |
| 86 return | 86 if check_cert_status(origin, from) == false then |
| 87 elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then | 87 return |
| 88 origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" })); | 88 elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then |
| 89 module:fire_event("s2s-authenticated", { session = origin, host = from }); | 89 origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" })); |
| 90 return true; | 90 module:fire_event("s2s-authenticated", { session = origin, host = from }); |
| 91 return true; | |
| 92 end | |
| 91 end | 93 end |
| 92 | 94 |
| 93 if not hosts[to] then | 95 if not hosts[to] then |
| 94 -- Not a host that we serve | 96 -- Not a host that we serve |
| 95 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to); | 97 origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to); |
