# HG changeset patch # User Waqas Hussain # Date 1265925057 -18000 # Node ID 3a77cc94b85c0ad63c9497d2375c3b832e40b793 # Parent dff84fdebac03c241a3d09ba999ab1cde77847c9# Parent cc6164d85024f487352e2665f00ad0461b9d8325 Merge with trunk. diff -r cc6164d85024 -r 3a77cc94b85c plugins/mod_tls.lua --- a/plugins/mod_tls.lua Thu Feb 11 21:32:49 2010 +0000 +++ b/plugins/mod_tls.lua Fri Feb 12 02:50:57 2010 +0500 @@ -16,28 +16,20 @@ local global_ssl_ctx = prosody.global_ssl_ctx; -function starttls_handler(session, stanza) - if session.conn.starttls then - (session.sends2s or session.send)(st.stanza("proceed", { xmlns = xmlns_starttls })); - session:reset_stream(); - local host = session.to_host or session.host; +module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event) + local origin = event.origin; + if origin.conn.starttls then + (origin.sends2s or origin.send)(st.stanza("proceed", { xmlns = xmlns_starttls })); + origin:reset_stream(); + local host = origin.to_host or origin.host; local ssl_ctx = host and hosts[host].ssl_ctx_in or global_ssl_ctx; - session.conn:starttls(ssl_ctx); - session.log("info", "TLS negotiation started for %s...", session.type); - session.secure = false; + origin.conn:starttls(ssl_ctx); + origin.log("info", "TLS negotiation started for %s...", origin.type); + origin.secure = false; else - -- FIXME: What reply? - session.log("warn", "Attempt to start TLS, but TLS is not available on this %s connection", session.type); - end -end - -module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event) - local origin, stanza = event.origin, event.stanza; - if origin.type == "c2s_unauthed" or origin.type == "s2sin_unauthed" then - starttls_handler(origin, stanza); - else - -- FIXME: What reply? origin.log("warn", "Attempt to start TLS, but TLS is not available on this %s connection", origin.type); + (origin.sends2s or origin.send)(st.stanza("failure", { xmlns = xmlns_starttls })); + origin:close(); end return true; end);