mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_s2s_auth_compat/mod_s2s_auth_compat.lua Mon Apr 01 16:08:21 2013 +0200
@@ -0,0 +1,12 @@
+-- COMPAT for Openfire sending stream headers without to or from.
+
+module:set_global();
+
+module:hook("s2s-check-certificate", function(event)
+ local session, host = event.session, event.host;
+ if not event.host then
+ (session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
+ session.cert_chain_status = "invalid"
+ return true
+ end
+end, 100);