17 module:add_handler("c2s_unauthed", "starttls", xmlns_starttls, |
17 module:add_handler("c2s_unauthed", "starttls", xmlns_starttls, |
18 function (session, stanza) |
18 function (session, stanza) |
19 if session.conn.starttls then |
19 if session.conn.starttls then |
20 session.send(st.stanza("proceed", { xmlns = xmlns_starttls })); |
20 session.send(st.stanza("proceed", { xmlns = xmlns_starttls })); |
21 session:reset_stream(); |
21 session:reset_stream(); |
|
22 if session.host and hosts[session.host].ssl_ctx_in then |
|
23 session.conn.set_sslctx(hosts[session.host].ssl_ctx_in); |
|
24 end |
22 session.conn.starttls(); |
25 session.conn.starttls(); |
23 session.log("info", "TLS negotiation started..."); |
26 session.log("info", "TLS negotiation started..."); |
24 session.secure = false; |
27 session.secure = false; |
25 else |
28 else |
26 -- FIXME: What reply? |
29 -- FIXME: What reply? |
31 module:add_handler("s2sin_unauthed", "starttls", xmlns_starttls, |
34 module:add_handler("s2sin_unauthed", "starttls", xmlns_starttls, |
32 function (session, stanza) |
35 function (session, stanza) |
33 if session.conn.starttls then |
36 if session.conn.starttls then |
34 session.sends2s(st.stanza("proceed", { xmlns = xmlns_starttls })); |
37 session.sends2s(st.stanza("proceed", { xmlns = xmlns_starttls })); |
35 session:reset_stream(); |
38 session:reset_stream(); |
|
39 if session.to_host and hosts[session.to_host].ssl_ctx_in then |
|
40 session.conn.set_sslctx(hosts[session.to_host].ssl_ctx_in); |
|
41 end |
36 session.conn.starttls(); |
42 session.conn.starttls(); |
37 session.log("info", "TLS negotiation started for incoming s2s..."); |
43 session.log("info", "TLS negotiation started for incoming s2s..."); |
38 session.secure = false; |
44 session.secure = false; |
39 else |
45 else |
40 -- FIXME: What reply? |
46 -- FIXME: What reply? |
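Review bot: The new condition at new line 39, `hosts[session.to_host].ssl_ctx_in`, indexes `hosts[...]` without checking that an entry exists, so a `to_host` with no configured local host would raise a nil-index error inside the handler rather than fall through to the default context. On an `s2sin_unauthed` session that name presumably comes from the unauthenticated peer's stream header, and nothing visible here shows it was validated earlier, so I would guard it: `local host = hosts[session.to_host];` followed by `if host and host.ssl_ctx_in then session.conn.set_sslctx(host.ssl_ctx_in); end`. The c2s hunk has the same pattern at new line 22 with `session.host`. A short comment such as `-- no per-host context: connection keeps its default TLS context` would also make the silent fallback explicit. Both handler bodies continue past the end of their hunks.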