251 and session.srv_hosts and session.srv_hosts.answer and session.srv_hosts.answer.secure then |
251 and session.srv_hosts and session.srv_hosts.answer and session.srv_hosts.answer.secure then |
252 local srv_hosts, srv_choice, srv_target = session.srv_hosts, session.srv_choice; |
252 local srv_hosts, srv_choice, srv_target = session.srv_hosts, session.srv_choice; |
253 for i = srv_choice or 1, srv_choice or #srv_hosts do |
253 for i = srv_choice or 1, srv_choice or #srv_hosts do |
254 srv_target = session.srv_hosts[i].target:gsub("%.?$",""); |
254 srv_target = session.srv_hosts[i].target:gsub("%.?$",""); |
255 log("debug", "Comparing certificate with Secure SRV target %s", srv_target); |
255 log("debug", "Comparing certificate with Secure SRV target %s", srv_target); |
256 srv_target = nameprep(idna_to_unicode()); |
256 srv_target = nameprep(idna_to_unicode(srv_target)); |
257 if srv_target and cert_verify_identity(srv_target, "xmpp-server", cert) then |
257 if srv_target and cert_verify_identity(srv_target, "xmpp-server", cert) then |
258 log("info", "Certificate for %s matches Secure SRV target %s", host, srv_target); |
258 log("info", "Certificate for %s matches Secure SRV target %s", host, srv_target); |
259 session.cert_identity_status = "valid"; |
259 session.cert_identity_status = "valid"; |
260 return; |
260 return; |
261 end |
261 end |