view mod_dwd/mod_dwd.lua @ 4709:679f1834dbdb default tip

mod_delegation: update to XEP-0355 v0.5 - namespace bump to "urn:xmpp:delegation:2" - disco remaining infos now uses the XEP defined "urn:xmpp:delegation:2:bare:disco#info:*" namespace - complemeted disco remaining infos implementation for requests made on nodes not already managed by the server - bare JID disco items now uses the XEP defined "urn:xmpp:delegation:2:bare:disco#items:*'" namespace
author Goffi <>
date Fri, 15 Oct 2021 15:10:36 +0200
parents 4e235e565693
line wrap: on
line source

local hosts = _G.hosts;
local st = require "util.stanza";
local nameprep = require "util.encodings".stringprep.nameprep;
local cert_verify_identity = require "util.x509".verify_identity;

module:hook("stanza/jabber:server:dialback:result", function(event)
	local origin, stanza = event.origin, event.stanza;

	if origin.cert_chain_status == "valid" and origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
		local attr = stanza.attr;
		local to, from = nameprep(, nameprep(attr.from);

		local conn = origin.conn:socket()
		local cert;
		if conn.getpeercertificate then
			cert = conn:getpeercertificate()

		if cert and hosts[to] and cert_verify_identity(from, "xmpp-server", cert) then

			-- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from'
			-- on streams. We fill in the session's to/from here instead.
			if not origin.from_host then
				origin.from_host = from;
			if not origin.to_host then
				origin.to_host = to;

			module:log("info", "Accepting Dialback without Dialback for %s", from);
			module:fire_event("s2s-authenticated", { session = origin, host = from });
				st.stanza("db:result", { from =, to = attr.from, id =, type = "valid" }));

			return true;
end, 100);