So that the same TLS context is used for both Direct TLS and starttls,
since they are supposed to be functionally identical apart from the few
extra round trips.
A new event is added because the 's2s-created' event fires much later,
after a connection has already been established, where we need the TLS
context before that.
Makes it faster by cutting out the roundtrips involved in <starttls/>,
at the cost of making an additional SRV lookup.
Since we already ignore a missing <starttls/> offer and try anyway there
is not much difference in security. The fact that XMPP is used and the
hostnames involved might still be visible until the future Encrypted
ClientHello extension allows hiding those too.
`reason` was often a table, so the log said "table: 0xptr" or such.
mod_c2s, mod_bosh etc logs the stream error stanza object, so better do
the same. It would be nicer if this was an util.error object, but that
will have to be a future change.
Signals that any pending outgoing stanzas that were in the write buffer
have at least been sent off to the Kernel and maybe even sent out over
the network.
See 7a703af90c9c for mod_c2s commit
This way 'extra' is unique for each connect() instance, making it safer
to mutate it, while inheriting the global settings.
See 926d53af9a7a for some more context.
Given an incoming <stream:stream from="example.com"> this line would
have mistakenly reported the 'from' as the local host. Neither are
technically required and may be missing, especially on connections used
only for Dialback.
Outgoing connections initiated by Prosody always have 'from_host' and
'to_host', so it is safer to check it this way.
Increases log level for stream conditions that could indicate a problem
on our end, especially programming errors like invalid XML, or the
remote server saying that our certificate is invalid, since these should
be investigated.
Non-issues like closing of idle streams are lowered to debug since it's
mostly noise.
Other issues left at info are mostly about changes to the remote server,
e.g. complete or partial shutdown.
Fixes "attempt to compare number with nil" because `session.version` has
been cleared by s2smanager.destroy_session.
This can happen with the server_epoll setting opportunistic_writes
enabled, which means that it can notice that the connection failed at
this point, after which it triggers the whole chain of events that leads
to session destruction and "cleaning" most of the session fields.
Both session.incoming and session.outgoing are truthy here, but
session.direction indicates the "real" direction in the way that matters
for the order of events when opening or closing streams.
