--- Helper to check that a session peer's certificate is valid
local function check_cert_status(session)
+ local host = session.direction == "incoming" and session.from_host or session.to_host
local conn = session.conn:socket()
local cert
if conn.getpeercertificate then
(session.log or log)("debug", "certificate chain validation result: valid");
session.cert_chain_status = "valid";
- local host = session.direction == "incoming" and session.from_host or session.to_host
-
-- We'll go ahead and verify the asserted identity if the
-- connecting server specified one.
if host then
end
end
end
+ module:fire_event("s2s-check-certificate", { host = host, session = session, cert = cert });
end
--- XMPP stream event handlers
-- If server is pre-1.0, don't wait for features, just do dialback
if session.version < 1.0 then
if not session.dialback_verifying then
- hosts[session.from_host].events.fire_event("s2s-authenticate-legacy", { origin = session });
+ hosts[session.from_host].events.fire_event("s2sout-authenticate-legacy", { origin = session });
else
s2s_mark_connected(session);
end