mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 21:57:45 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_tls: Only accept <proceed> on outgoing s2s connections

Browse source
This commit is contained in:
Kim Alvefur 2017-01-23 10:45:20 +01:00
parent 8bcfc38374
commit a7a8fa91e3
1 changed files with 7 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

12
plugins/mod_tls.lua
View file

@ -124,9 +124,11 @@ module:hook_stanza("http://etherx.jabber.org/streams", "features", function (ses
end, 500);
module:hook_stanza(xmlns_starttls, "proceed", function (session, stanza) -- luacheck: ignore 212/stanza
module:log("debug", "Proceeding with TLS on s2sout...");
session:reset_stream();
session.conn:starttls(session.ssl_ctx);
session.secure = false;
return true;
if session.type == "s2sout_unauthed" then
module:log("debug", "Proceeding with TLS on s2sout...");
session:reset_stream();
session.conn:starttls(session.ssl_ctx);
session.secure = false;
return true;
end
end);