Mercurial > prosody-modules
view mod_s2s_auth_samecert/mod_s2s_auth_samecert.lua @ 5170:4d6af8950016
mod_muc_moderation: Derive role from reserved nickname if occupant
When using a different client to moderate than the one used to
participate in the chat, e.g. a command line tool like clix, there's no
occupant and no role to use in the permission check. Previously the
default role based on affiliation was used. Now if you are present in
the room using your reserved nick, the role you have there is used in
the permission check instead of the default affiliation-derived role.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 19 Feb 2023 18:17:37 +0100 |
| parents | c9397cd5cfe6 |
| children |
line wrap: on
line source
module:set_global() local hosts = prosody.hosts; module:hook("s2s-check-certificate", function(event) local session, cert = event.session, event.cert; if not cert or session.direction ~= "incoming" then return end local outgoing = hosts[session.to_host].s2sout[session.from_host]; if outgoing and outgoing.type == "s2sout" and outgoing.secure and outgoing.conn:socket():getpeercertificate():pem() == cert:pem() then session.log("debug", "Certificate matches that of s2sout%s", tostring(outgoing):match("[a-f0-9]+$")); session.cert_identity_status = outgoing.cert_identity_status; session.cert_chain_status = outgoing.cert_chain_status; return true; end end, 1000);