Mercurial Mercurial > prosody > prosody / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugins/mod_s2s.lua
changeset 11564 3bbb1af92514
parent 11562 d0e9ffccdef9
parent 11530 15a3db955ad3
child 11612 b2610460d9ab
equal deleted inserted replaced
11542:30feeb4d9d0b 11564:3bbb1af92514 
    37 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true));
 
    37 local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:get_option_boolean("tcp_keepalives", true));
 
    38 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day...
 
    38 local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day...
 
    39 local secure_domains, insecure_domains =
 
    39 local secure_domains, insecure_domains =
 
    40 	module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items;
 
    40 	module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items;
 
    41 local require_encryption = module:get_option_boolean("s2s_require_encryption", false);
 
    41 local require_encryption = module:get_option_boolean("s2s_require_encryption", false);
 
    42 local stanza_size_limit = module:get_option_number("s2s_stanza_size_limit"); -- TODO come up with a sensible default (util.xmppstream defaults to 10M)
 
    42 local stanza_size_limit = module:get_option_number("s2s_stanza_size_limit", 1024*512);
 
    43 
    43 
    44 local measure_connections_inbound = module:metric(
 
    44 local measure_connections_inbound = module:metric(
 
    45 	"gauge", "connections_inbound", "",
 
    45 	"gauge", "connections_inbound", "",
 
    46 	"Established incoming s2s connections",
 
    46 	"Established incoming s2s connections",
 
    47 	{"host", "type", "ip_family"}
 
    47 	{"host", "type", "ip_family"}
 
   341 
   341 
   342 	return true;
 
   342 	return true;
 
   343 end
 
   343 end
 
   344 
   344 
   345 --- Helper to check that a session peer's certificate is valid
 
   345 --- Helper to check that a session peer's certificate is valid
 
   346 function check_cert_status(session)
 
   346 local function check_cert_status(session)
 
   347 	local host = session.direction == "outgoing" and session.to_host or session.from_host
 
   347 	local host = session.direction == "outgoing" and session.to_host or session.from_host
 
   348 	local conn = session.conn:socket()
 
   348 	local conn = session.conn:socket()
 
   349 	local cert
 
   349 	local cert
 
   350 	if conn.getpeercertificate then
 
   350 	if conn.getpeercertificate then
 
   351 		cert = conn:getpeercertificate()
 
   351 		cert = conn:getpeercertificate()
prosody