changeset 417:8fe1b47c9bde

mod_s2s_never_encrypt_blacklist: add option to check for the dull s2s session ip (OpenFire bork bork).
author Marco Cirillo <maranda@lightwitch.org>
date Sat, 03 Sep 2011 00:12:28 +0000 (2011-09-03)
parents 10ff12fa82e2
children e840b4ce538d
files mod_s2s_never_encrypt_blacklist/mod_s2s_never_encrypt_blacklist.lua
diffstat 1 files changed, 5 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_never_encrypt_blacklist/mod_s2s_never_encrypt_blacklist.lua	Fri Sep 02 23:36:22 2011 +0000
+++ b/mod_s2s_never_encrypt_blacklist/mod_s2s_never_encrypt_blacklist.lua	Sat Sep 03 00:12:28 2011 +0000
@@ -1,13 +1,16 @@
 -- Filter out servers which gets choppy and buggy when it comes to starttls.
 
 local bad_servers = module:get_option_set("tls_s2s_blacklist");
+local bad_servers_ip = module:get_option_set("tls_s2s_blacklist_ip");
 
 local function disable_tls_for_baddies_in(event)
-	if bad_servers:contains(event.origin.to_host) then event.origin.conn.starttls = nil; end
+	if bad_servers:contains(event.origin.to_host) or bad_servers_ip:contains(event.origin.conn:ip())
+		then event.origin.conn.starttls = nil; end
 end
 
 local function disable_tls_for_baddies_out(event)
-	if bad_servers:contains(event.origin.from_host) then event.origin.conn.starttls = nil; end
+	if bad_servers:contains(event.origin.from_host) or bad_servers_ip:contains(event.origin.conn:ip())
+		then event.origin.conn.starttls = nil; end
 end
 
 module:hook("s2s-stream-features", disable_tls_for_baddies_out, 10)