Mercurial > prosody-modules

view mod_s2s_auth_samecert/mod_s2s_auth_samecert.lua @ 5491:7842502c1157

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_debug: Log some extended info about requests If you point something external at this module, you don't get the response body back, hence it can be useful to see some details in the log as well.
author Kim Alvefur <zash@zash.se>
date Fri, 26 May 2023 15:37:15 +0200
parents c9397cd5cfe6
children
line wrap: on
line source

module:set_global()

local hosts = prosody.hosts;

module:hook("s2s-check-certificate", function(event)
	local session, cert = event.session, event.cert;
	if not cert or session.direction ~= "incoming" then return end

	local outgoing = hosts[session.to_host].s2sout[session.from_host];
	if outgoing and outgoing.type == "s2sout" and outgoing.secure and outgoing.conn:socket():getpeercertificate():pem() == cert:pem() then
		session.log("debug", "Certificate matches that of s2sout%s", tostring(outgoing):match("[a-f0-9]+$"));
		session.cert_identity_status = outgoing.cert_identity_status;
		session.cert_chain_status = outgoing.cert_chain_status;
		return true;
	end
end, 1000);