Mercurial > prosody-modules
changeset 4490:cf2bdb2aaa57
mod_s2s_auth_dane: Disable now redundant validation done in trunk
Outgoing connections can now be validated natively in trunk since
a38f9e09ca31 so we only need to check incoming connections.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 03 Mar 2021 11:43:38 +0100 |
parents | 725768d83830 |
children | 35381608d323 |
files | mod_s2s_auth_dane/mod_s2s_auth_dane.lua |
diffstat | 1 files changed, 7 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Tue Mar 02 19:20:41 2021 +0100 +++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Wed Mar 03 11:43:38 2021 +0100 @@ -231,6 +231,8 @@ end end +local new_dane = module:get_option_boolean("use_dane", false); + function module.add_host(module) local function on_new_s2s(event) local host_session = event.origin; @@ -244,9 +246,11 @@ -- Let it run in parallel until we need to check the cert end - -- New outgoing connections - module:hook("stanza/http://etherx.jabber.org/streams:features", on_new_s2s, 501); - module:hook("s2sout-authenticate-legacy", on_new_s2s, 200); + if not new_dane then + -- New outgoing connections + module:hook("stanza/http://etherx.jabber.org/streams:features", on_new_s2s, 501); + module:hook("s2sout-authenticate-legacy", on_new_s2s, 200); + end -- New incoming connections module:hook("s2s-stream-features", on_new_s2s, 10);