Mercurial > prosody-modules
view mod_s2s_auth_monkeysphere/mod_s2s_auth_monkeysphere.lua @ 4738:5aee8d86629a
mod_bookmarks2: Fix handling of nick and password elements
This form of child retrieval fails when the stanza elements internally
don't have an 'xmlns' attribute, which can happen sometimes for some
reason, including when they have been constructed via the stanza builder
API. When that is the case then the explicit namespace arguemnt does not
match the nil value of the internal attribute. Calling `:get_child()`
without the namespace argument does the right thing here, with both nil
and the parent namespace as valid values for the internal attribute.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 03 Nov 2021 21:11:55 +0100 |
parents | 8d1141025b43 |
children |
line wrap: on
line source
module:set_global(); local json = require"util.json"; local json_encode, json_decode = json.encode, json.decode; local gettime = require"socket".gettime; local serialize = require"util.serialization".serialize; local async = require"util.async"; local http_request = require "net.http".request; local msva_url = assert(os.getenv"MONKEYSPHERE_VALIDATION_AGENT_SOCKET", "MONKEYSPHERE_VALIDATION_AGENT_SOCKET is unset, please set it").."/reviewcert"; local function check_with_monkeysphere(event) local session, host, cert = event.session, event.host, event.cert; local post_body = json_encode { peer = { name = host; type = "peer"; }; context = "https"; -- context = "xmpp"; -- Monkeysphere needs to be extended to understand this pkc = { type = "x509pem"; data = cert:pem(); }; } local req = { method = "POST"; headers = { ["Content-Type"] = "application/json"; }; body = post_body; }; session.log("debug", "Asking what Monkeysphere thinks about this certificate"); local starttime = gettime(); local wait, done = async.waiter(); local body, code; http_request(msva_url, req, function (_, _code) body, code = body, _code; done(); end); wait(); module:log("debug", "Request took %fs", gettime() - starttime); if code == 200 and body then body = json_decode(body); if body then session.log(body.valid and "info" or "warn", "Monkeysphere thinks the cert is %salid: %s", body.valid and "V" or "Inv", body.message); if body.valid then session.cert_chain_status = "valid"; session.cert_identity_status = "valid"; return true; end end else module:log("warn", "Request failed: %s, %s", tostring(code), tostring(body)); module:log("debug", serialize(req)); end end module:hook("s2s-check-certificate", check_with_monkeysphere);