changeset 944:21e81fcb8896

mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
author Kim Alvefur <zash@zash.se>
date Mon, 01 Apr 2013 16:08:21 +0200
parents a8203db13ca2
children dbcbcec37d24
files mod_s2s_auth_compat/mod_s2s_auth_compat.lua
diffstat 1 files changed, 12 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_s2s_auth_compat/mod_s2s_auth_compat.lua	Mon Apr 01 16:08:21 2013 +0200
@@ -0,0 +1,12 @@
+-- COMPAT for Openfire sending stream headers without to or from.
+
+module:set_global();
+
+module:hook("s2s-check-certificate", function(event)
+	local session, host = event.session, event.host;
+	if not event.host then
+		(session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
+		session.cert_chain_status = "invalid"
+		return true
+	end
+end, 100);