Mercurial > prosody-modules

view mod_s2s_never_encrypt_blacklist/mod_s2s_never_encrypt_blacklist.lua @ 417:8fe1b47c9bde

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_s2s_never_encrypt_blacklist: add option to check for the dull s2s session ip (OpenFire bork bork).
author Marco Cirillo <maranda@lightwitch.org>
date Sat, 03 Sep 2011 00:12:28 +0000
parents e4d33cdfed21
children 2b71ba2739e0
line wrap: on
line source

-- Filter out servers which gets choppy and buggy when it comes to starttls.

local bad_servers = module:get_option_set("tls_s2s_blacklist");
local bad_servers_ip = module:get_option_set("tls_s2s_blacklist_ip");

local function disable_tls_for_baddies_in(event)
	if bad_servers:contains(event.origin.to_host) or bad_servers_ip:contains(event.origin.conn:ip())
		then event.origin.conn.starttls = nil; end
end

local function disable_tls_for_baddies_out(event)
	if bad_servers:contains(event.origin.from_host) or bad_servers_ip:contains(event.origin.conn:ip())
		then event.origin.conn.starttls = nil; end
end

module:hook("s2s-stream-features", disable_tls_for_baddies_out, 10)
module:hook("stanza/http://etherx.jabber.org/streams:features", disable_tls_for_baddies_in, 510)