mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

net.server_epoll: Prevent starttls on direct TLS connections

Browse source 
This is not a pretty way to signal this... but it is the current API

interface:inittls() is a new code path which did not go past the point
in interface:starttls() where it set starttls to false, leading mod_tls
to offer starttls on direct TLS connections

Thanks Martin for discovering.
This commit is contained in:
Kim Alvefur 2021-10-05 19:56:36 +02:00
parent 711e09fb50
commit 14c6c3dbf0
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
net/server_epoll.lua
View file

@ -634,6 +634,7 @@ function interface:inittls(tls_ctx, now)
if self._tls then return end
if tls_ctx then self.tls_ctx = tls_ctx; end
self._tls = true;
self.starttls = false;
self:debug("Starting TLS now");
self:updatenames(); -- Can't getpeer/sockname after wrap()
local ok, conn, err = pcall(luasec.wrap, self.conn, self.tls_ctx);