s2s.h.patch   [plain text]


--- /tmp/jabberd-2.2.13/s2s/s2s.h	2011-02-23 08:24:34.000000000 -0800
+++ ./jabberd2/s2s/s2s.h	2011-02-24 16:48:53.000000000 -0800
@@ -55,6 +55,9 @@ struct host_st {
 
     /** verify-mode  */
     int                 host_verify_mode;
+
+    /** private key password */
+    char                *host_private_key_password;    
 };
 
 struct s2s_st {
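Review bot: `host_private_key_password` keeps the key passphrase as a plain `char *` for as long as the `host_st` lives, and the comment does not say who owns the string or when it is cleared. The same gap applies to `router_private_key_password` and `local_private_key_password` in the two `struct s2s_st` hunks that follow. I would extend the comment to something like `/** private key password for this host's pemfile, if encrypted; never logged, wiped before free */`. The code that frees these structs is not in this header, so it should be checked that it overwrites the buffer (for example with `explicit_bzero` or `memset_s`) rather than only releasing it. The added line also carries trailing whitespace after the semicolon.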
@@ -67,6 +70,8 @@ struct s2s_st {
     char                *router_user;
     char                *router_pass;
     char                *router_pemfile;
+    char                *router_cachain;
+    char                *router_private_key_password;
     int                 router_default;
 
     /** mio context */
@@ -119,6 +124,9 @@ struct s2s_st {
     /** pemfile for peer connections */
     char                *local_pemfile;
 
+    /** private key password for local pemfile, if encrypted */
+    char                *local_private_key_password;
+
     /** certificate chain */
     char                *local_cachain;
 
@@ -166,6 +174,12 @@ struct s2s_st {
     time_t              next_check;
     time_t              next_expiry;
 
+    /** Apple security options */
+	int					require_tls;
+	int					enable_whitelist;
+	char                **whitelist_domains;
+	int					n_whitelist_domains;
+
     /** list of sx_t on the way out */
     jqueue_t            dead;
 
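Review bot: The four "Apple security options" fields share one comment and are indented with tabs, while the rest of `struct s2s_st` uses spaces and documents fields individually. Each field deserves its own line, e.g. `/** refuse s2s streams that do not negotiate TLS */` on `require_tls` and `/** number of entries in whitelist_domains */` on `n_whitelist_domains`, with a note on who allocates and frees the `whitelist_domains` array. It is also worth stating what `enable_whitelist` means when the list is empty or failed to load. The check itself is outside this header, but for an access-control list the documented behaviour should be to reject all peers in that case rather than allow them.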
@@ -341,6 +355,7 @@ extern sig_atomic_t s2s_lost_router;
 
 int             s2s_router_mio_callback(mio_t m, mio_action_t a, mio_fd_t fd, void *data, void *arg);
 int             s2s_router_sx_callback(sx_t s, sx_event_t e, void *data, void *arg);
+int             s2s_domain_in_whitelist(s2s_t s2s, char *in_domain);
 
 char            *s2s_route_key(pool_t p, char *local, char *remote);
 int             s2s_route_key_match(char *local, char *remote, char *rkey, int rkeylen);
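Review bot: `s2s_domain_in_whitelist` is declared without any comment, although its result decides whether a remote domain is accepted. The prototype should document the return convention and the matching rules (case sensitivity, trailing dot, whether subdomains of a listed domain match), since callers can only use it safely if those are fixed. The function presumably only reads the name, so `const char *in_domain` would state that and let callers pass constant strings; the neighbouring prototypes use plain `char *`, so this may need a cast at existing call sites. A NULL or empty `in_domain` should be documented as "not in whitelist".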
@@ -364,6 +379,9 @@ int             in_mio_callback(mio_t m,
 /* sx flag for outgoing dialback streams */
 #define S2S_DB_HEADER   (1<<10)
 
+/* max length of FQDN for whitelist matching */
+#define MAX_DOMAIN_LEN	1023
+
 int             s2s_db_init(sx_env_t env, sx_plugin_t p, va_list args);
 
 /* union for xhash_iter_get to comply with strict-alias rules for gcc3 */
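Review bot: The comment on `MAX_DOMAIN_LEN` does not say whether 1023 counts the terminating NUL, which invites an off-by-one in any buffer sized from it. I would make it explicit, e.g. `/* max length of FQDN for whitelist matching, excluding the terminating NUL; size buffers as MAX_DOMAIN_LEN + 1 */`. The matching code is not visible here, but a domain longer than this limit should be rejected outright rather than truncated, because a truncated name could compare equal to a whitelisted one. The value is also well above the 253-character limit of a textual DNS name, so a short note on why 1023 was chosen would help.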