Ticket #1: patch_1_fix_s2s.2.patch

File patch_1_fix_s2s.2.patch, 2.5 KB (added by Simon, 8 months ago)

Avoid using or requiring local_pemfile for s2s

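--- a/s2s/in.c
+++ b/s2s/in.c
@@ -139,7 +139,7 @@
             xhash_put(s2s->in_accept, pstrdup(xhash_pool(s2s->in_accept),ipport), (void *) in);
 
 #ifdef HAVE_SSL
-            sx_server_init(in->s, S2S_DB_HEADER | ((s2s->local_pemfile != NULL) ? SX_SSL_STARTTLS_OFFER : 0) );
+            sx_server_init(in->s, S2S_DB_HEADER | ((s2s->sx_ssl != NULL) ? SX_SSL_STARTTLS_OFFER : 0) );
 #else
             sx_server_init(in->s, S2S_DB_HEADER);
 #endif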
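Review bot: The STARTTLS offer at new line 142 is now keyed on `s2s->sx_ssl != NULL` alone, and nothing in this section shows that a non-NULL `sx_ssl` implies a server certificate was actually loaded. If `sx_ssl` can be initialised without one now that `local_pemfile` is optional, inbound peers would be offered STARTTLS and then fail the handshake, and some peers may fall back to an unencrypted stream. Once confirmed at the initialisation site (outside this hunk), I would document the invariant above the call, e.g. `/* sx_ssl is only non-NULL when a server certificate was loaded, so offering STARTTLS is safe */`.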
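--- a/s2s/out.c
+++ b/s2s/out.c
@@ -283,7 +283,7 @@
 
 #ifdef HAVE_SSL
             /* Send a stream version of 1.0 if we can do STARTTLS */
-            if(out->s2s->sx_ssl != NULL && out->s2s->local_pemfile != NULL) {
+            if(out->s2s->sx_ssl != NULL) {
                 sx_client_init(out->s, S2S_DB_HEADER, uri_SERVER, pkt->to->domain, pkt->from->domain, "1.0");
             } else {
                 sx_client_init(out->s, S2S_DB_HEADER, uri_SERVER, NULL, NULL, NULL);
@@ -617,7 +617,7 @@
 
                 /* if no stream version from either side, kick off dialback for each route, */
                 /* otherwise wait for stream features */
-                if ((out->s->res_version==NULL) || (out->s2s->sx_ssl == NULL) || (out->s2s->local_pemfile == NULL)) {
+                if ((out->s->res_version==NULL) || (out->s2s->sx_ssl == NULL)) {
                      log_debug(ZONE, "no stream version, sending dialbacks for %s immediately", out->key);
                      out->online = 1;
                      send_dialbacks(out);
@@ -643,13 +643,13 @@
 
 #ifdef HAVE_SSL
                 /* starttls if we can */
-                if(out->s2s->sx_ssl != NULL && out->s2s->local_pemfile != NULL && s->ssf == 0) {
+                if(out->s2s->sx_ssl != NULL && s->ssf == 0) {
                     ns = nad_find_scoped_namespace(nad, uri_TLS, NULL);
                     if(ns >= 0) {
                         elem = nad_find_elem(nad, 0, ns, "starttls", 1);
                         if(elem >= 0) {
                             log_debug(ZONE, "got STARTTLS in stream features");
-                            if(sx_ssl_client_starttls(out->s2s->sx_ssl, s, out->s2s->local_pemfile) == 0) {
+                            if(sx_ssl_client_starttls(out->s2s->sx_ssl, s, NULL) == 0) {
                                 starttls = 1;
                                 nad_free(nad);
                                 return 0;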
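Review bot: The call at new line 652 now passes a literal `NULL` as the pemfile, so outgoing connections stop presenting the local certificate even on deployments that do configure `local_pemfile`. That leaves dialback as the only way the remote server can authenticate us. If the aim is only to stop requiring the pemfile, keep passing it through with `if(sx_ssl_client_starttls(out->s2s->sx_ssl, s, out->s2s->local_pemfile) == 0) {`; it is NULL when unconfigured, which this patch already treats as acceptable input. Whether the peer's certificate is checked after the handshake is not visible in these hunks, and the enclosing functions start and end outside them.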