# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1364825301 -7200
# Node ID 21e81fcb88968ba3a87e046c80862dde25b755bf
# Parent  a8203db13ca25992f29037362ec7e29d2369d1fd
mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers

diff -r a8203db13ca2 -r 21e81fcb8896 mod_s2s_auth_compat/mod_s2s_auth_compat.lua
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_s2s_auth_compat/mod_s2s_auth_compat.lua	Mon Apr 01 16:08:21 2013 +0200
@@ -0,0 +1,12 @@
+-- COMPAT for Openfire sending stream headers without to or from.
+
+module:set_global();
+
+module:hook("s2s-check-certificate", function(event)
+	local session, host = event.session, event.host;
+	if not event.host then
+		(session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
+		session.cert_chain_status = "invalid"
+		return true
+	end
+end, 100);