Mercurial > prosody-hg
comparison plugins/mod_tls.lua @ 1981:ffbc57a4dea8
mod_tls: Offer the host-specific cert (when there is one) to incoming c2s/s2s connections, fixes #30 (thanks, albert, Flo, johnny, and all who nagged me :) )
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 17 Oct 2009 16:25:28 +0100 |
| parents | 3d4c703d9333 |
| children | 6425bc039430 ded1c649484a 91143b35a755 |
comparison
equal
deleted
inserted
replaced
| 1980:8fceabd84d74 | 1981:ffbc57a4dea8 |
|---|---|
| 17 module:add_handler("c2s_unauthed", "starttls", xmlns_starttls, | 17 module:add_handler("c2s_unauthed", "starttls", xmlns_starttls, |
| 18 function (session, stanza) | 18 function (session, stanza) |
| 19 if session.conn.starttls then | 19 if session.conn.starttls then |
| 20 session.send(st.stanza("proceed", { xmlns = xmlns_starttls })); | 20 session.send(st.stanza("proceed", { xmlns = xmlns_starttls })); |
| 21 session:reset_stream(); | 21 session:reset_stream(); |
| 22 if session.host and hosts[session.host].ssl_ctx_in then | |
| 23 session.conn.set_sslctx(hosts[session.host].ssl_ctx_in); | |
| 24 end | |
| 22 session.conn.starttls(); | 25 session.conn.starttls(); |
| 23 session.log("info", "TLS negotiation started..."); | 26 session.log("info", "TLS negotiation started..."); |
| 24 session.secure = false; | 27 session.secure = false; |
| 25 else | 28 else |
| 26 -- FIXME: What reply? | 29 -- FIXME: What reply? |
| 31 module:add_handler("s2sin_unauthed", "starttls", xmlns_starttls, | 34 module:add_handler("s2sin_unauthed", "starttls", xmlns_starttls, |
| 32 function (session, stanza) | 35 function (session, stanza) |
| 33 if session.conn.starttls then | 36 if session.conn.starttls then |
| 34 session.sends2s(st.stanza("proceed", { xmlns = xmlns_starttls })); | 37 session.sends2s(st.stanza("proceed", { xmlns = xmlns_starttls })); |
| 35 session:reset_stream(); | 38 session:reset_stream(); |
| 39 if session.to_host and hosts[session.to_host].ssl_ctx_in then | |
| 40 session.conn.set_sslctx(hosts[session.to_host].ssl_ctx_in); | |
| 41 end | |
| 36 session.conn.starttls(); | 42 session.conn.starttls(); |
| 37 session.log("info", "TLS negotiation started for incoming s2s..."); | 43 session.log("info", "TLS negotiation started for incoming s2s..."); |
| 38 session.secure = false; | 44 session.secure = false; |
| 39 else | 45 else |
| 40 -- FIXME: What reply? | 46 -- FIXME: What reply? |
