annotate mod_s2s_auth_compat/mod_s2s_auth_compat.lua @ 5357:eda3b078ba2c

mod_http_oauth2: Validate (unused at this point) localized URIs Client registration may include keys of the form "some_uri#lang-code" pointing to alternate language versions of the various URIs. We don't use this yet but the same validation should apply.
author Kim Alvefur <zash@zash.se>
date Sat, 22 Apr 2023 14:02:56 +0200
parents 21e81fcb8896
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
944
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- COMPAT for Openfire sending stream headers without to or from.
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 module:set_global();
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 module:hook("s2s-check-certificate", function(event)
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local session, host = event.session, event.host;
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 if not event.host then
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 (session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 session.cert_chain_status = "invalid"
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 return true
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 end
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 end, 100);