local attr = stanza.attr;
local to, from = nameprep(attr.to), nameprep(attr.from);
- if check_cert_status(origin, from) == false then
- return
- elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then
- origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" }));
- module:fire_event("s2s-authenticated", { session = origin, host = from });
- return true;
- end
-
if not hosts[to] then
-- Not a host that we serve
origin.log("warn", "%s tried to connect to %s, which we don't serve", from, to);
origin:close("improper-addressing");
end
+ if dwd and origin.secure then
+ if check_cert_status(origin, from) == false then
+ return
+ elseif origin.cert_chain_status == "valid" and origin.cert_identity_status == "valid" then
+ origin.sends2s(st.stanza("db:result", { to = from, from = to, id = attr.id, type = "valid" }));
+ module:fire_event("s2s-authenticated", { session = origin, host = from });
+ return true;
+ end
+ end
+
origin.hosts[from] = { dialback_key = stanza[1] };
dialback_requests[from.."/"..origin.streamid] = origin;
end
end);
-module:hook_stanza("urn:ietf:params:xml:ns:xmpp-sasl", "failure", function (origin, stanza)
- if origin.external_auth == "failed" then
- module:log("debug", "SASL EXTERNAL failed, falling back to dialback");
- initiate_dialback(origin);
- return true;
- end
-end, 100);
-
module:hook_stanza(xmlns_stream, "features", function (origin, stanza)
if not origin.external_auth or origin.external_auth == "failed" then
module:log("debug", "Initiating dialback...");
projects / prosody.git / blobdiff