view mod_tlsfail/mod_tlsfail.lua @ 5241:65892dd1d4ae

mod_http_oauth2: Reject insecure redirect URIs Is this enough, or are they going to be using ftp:// and gopher://?
author Kim Alvefur <zash@zash.se>
date Sat, 11 Mar 2023 22:25:50 +0100
parents 7009e16192fa
children
line wrap: on
line source

local st = require "util.stanza";

local xmlns_starttls = 'urn:ietf:params:xml:ns:xmpp-tls';
local starttls_attr = { xmlns = xmlns_starttls };
local s2s_feature = st.stanza("starttls", starttls_attr);
local starttls_failure = st.stanza("failure", starttls_attr);

module:hook("stream-features", function(event)
	local features = event.features;
	features:add_child(s2s_feature);
end);

module:hook("s2s-stream-features", function(event)
	local features = event.features;
	features:add_child(s2s_feature);
end);

-- Hook <starttls/>
module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event)
	local origin = event.origin;
	(origin.sends2s or origin.send)(starttls_failure);
	origin:close();
	return true;
end);