ejabberd_s2s_in: Check for subdomain certificate

If an incoming s2s connection to a subdomain such as
conference.example.com is accepted and a separate certificate is
available for that subdomain, offer that certificate instead of the one
for example.com.

Thanks to Mike Kuketz for reporting the bug.

diff --git a/src/ejabberd_s2s_in.erl b/src/ejabberd_s2s_in.erl
index 91fadb696e73b4d142012eaf3156e919a1906b76..32531eb845b837bbee61430dd569f02ebf49f1b6 100644 (file)
--- a/src/ejabberd_s2s_in.erl
+++ b/src/ejabberd_s2s_in.erl
@@ -135,7 +135,7 @@ process_closed(#{server := LServer} = State, Reason) ->
 %%%===================================================================
 %%% xmpp_stream_in callbacks
 %%%===================================================================
-tls_options(#{tls_options := TLSOpts, server_host := LServer}) ->
+tls_options(#{tls_options := TLSOpts, lserver := LServer}) ->
     ejabberd_s2s:tls_options(LServer, TLSOpts).
 
 tls_required(#{server_host := LServer}) ->