Mercurial > prosody-modules

view mod_s2s_auth_compat/mod_s2s_auth_compat.lua @ 5472:b80b6947b079

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Always show early errors to user Before having validated the client_id, communicating an error back to the client via redirect would make this an open redirect, so we may just as well skip past that logic, and especially the warning log message.
author Kim Alvefur <zash@zash.se>
date Thu, 18 May 2023 13:43:17 +0200
parents 21e81fcb8896
children
line wrap: on
line source

-- COMPAT for Openfire sending stream headers without to or from.

module:set_global();

module:hook("s2s-check-certificate", function(event)
	local session, host = event.session, event.host;
	if not event.host then
		(session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
		session.cert_chain_status = "invalid"
		return true
	end
end, 100);