changeset 1394:50f986deb3f7

mod_s2s_auth_dane: Launch DANE queries when sending or receiving stream-features instead of monkeypatching s2sout.lib
author Kim Alvefur <zash@zash.se>
date Sun, 27 Apr 2014 01:24:03 +0200
parents 4baaa5a66a5a
children 33f132c3f4b7
files mod_s2s_auth_dane/mod_s2s_auth_dane.lua
diffstat 1 files changed, 10 insertions(+), 19 deletions(-) [+]
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Fri Apr 25 17:11:33 2014 +0200
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Sun Apr 27 01:24:03 2014 +0200
@@ -33,8 +33,6 @@
 	return
 end
 
-local s2sout = module:depends"s2s".route_to_new_session.s2sout;
-
 local pat = "%-%-%-%-%-BEGIN ([A-Z ]+)%-%-%-%-%-\r?\n"..
 "([0-9A-Za-z=+/\r\n]*)\r?\n%-%-%-%-%-END %1%-%-%-%-%-";
 local function pem2der(pem)
@@ -99,19 +97,10 @@
 	end
 end
 
-local _try_connect = s2sout.try_connect;
-function s2sout.try_connect(host_session, connect_host, connect_port, err)
-	if not err and dane_lookup(host_session, _try_connect, host_session, connect_host, connect_port, err) then
-		return true;
-	end
-	return _try_connect(host_session, connect_host, connect_port, err);
-end
-
 function module.add_host(module)
-	module:hook("s2s-stream-features", function(event)
-		-- dane_lookup(origin, origin.from_host);
+	local function on_new_s2s(event)
 		local host_session = event.origin;
-		if host_session.type == "s2sin" then return end -- Already authenticated
+		if host_session.type == "s2sout" or host_session.type == "s2sin" or host_session.dane ~= nil then return end -- Already authenticated
 		host_session.log("debug", "Pausing connection until DANE lookup is completed");
 		host_session.conn:pause()
 		local function resume()
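Review bot: The guard at the top of `on_new_s2s` is a deny-list: it skips only the authenticated `s2sout` and `s2sin` types, while a later hunk hooks the same handler on the generic stream-features stanza event. If that event can fire for any session other than an unauthenticated s2s one, that session would have its connection paused and a DANE lookup started for it. An allow-list would be tighter, e.g. `local t = host_session.type;` followed by `if (t ~= "s2sout_unauthed" and t ~= "s2sin_unauthed") or host_session.dane ~= nil then return end`. The trailing comment `-- Already authenticated` also does not cover the `dane ~= nil` case; `-- Already authenticated, or DANE lookup already started` would match the condition. The handler body continues past this hunk.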
@@ -121,7 +110,14 @@
 		if not dane_lookup(host_session, resume) then
 			resume();
 		end
-	end, 10);
+	end
+
+	-- New outgoing connections
+	module:hook("stanza/http://etherx.jabber.org/streams:features", on_new_s2s, 501);
+	module:hook("s2sout-authenticate-legacy", on_new_s2s, 200);
+
+	-- New incoming connections
+	module:hook("s2s-stream-features", on_new_s2s, 10);
 
 	module:hook("s2s-authenticated", function(event)
 		local session = event.session;
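Review bot: The hook priorities 501, 200 and 10 are undocumented, and their ordering looks security-relevant. The DANE lookup presumably has to complete before whichever handler on the same event begins TLS negotiation or certificate verification; otherwise the peer certificate would be judged without TLSA data. A short comment on each hook naming the handler it must precede would stop a later priority change from silently bypassing the check, for example `-- 501: must run before the handler that starts TLS on stream features (confirm its priority)`. It would also help to note that `on_new_s2s` can be entered twice for one outgoing session (features, then legacy authenticate) and relies on `host_session.dane` being set by the first call. `module.add_host` begins in the previous hunk and continues past this one.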
@@ -221,8 +217,3 @@
 	end
 end);
 
-function module.unload()
-	-- Restore the original try_connect function
-	s2sout.try_connect = _try_connect;
-end
-