prosody
0dc7b5ceaf8f
core/s2smanager.lua
Software / code / prosody
Comparison
core/s2smanager.lua @ 2799:0dc7b5ceaf8f
s2smanager: Make require_s2s_encryption do what it says on the tin
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 30 Jan 2010 16:42:27 +0000 |
| parent | 2787:1067a454a068 |
| child | 2800:5880c621f082 |
comparison
equal
deleted
inserted
replaced
| 2798:2702ee68727d | 2799:0dc7b5ceaf8f |
|---|---|
| 447 function verify_dialback(id, to, from, key) | 447 function verify_dialback(id, to, from, key) |
| 448 return key == generate_dialback(id, to, from); | 448 return key == generate_dialback(id, to, from); |
| 449 end | 449 end |
| 450 | 450 |
| 451 function make_authenticated(session, host) | 451 function make_authenticated(session, host) |
| 452 if not session.secure then | |
| 453 local local_host = session.direction == "incoming" and session.to_host or session.from_host; | |
| 454 if config.get(local_host, "core", "require_s2s_encryption")) then | |
| 455 session:close({ | |
| 456 condition = "policy-violation", | |
| 457 text = "Encrypted server-to-server communication is required but was not " | |
| 458 ..((session.direction == "outgoing" and "offered") or "used") | |
| 459 }); | |
| 460 end | |
| 461 end | |
| 452 if session.type == "s2sout_unauthed" then | 462 if session.type == "s2sout_unauthed" then |
| 453 session.type = "s2sout"; | 463 session.type = "s2sout"; |
| 454 elseif session.type == "s2sin_unauthed" then | 464 elseif session.type == "s2sin_unauthed" then |
| 455 session.type = "s2sin"; | 465 session.type = "s2sin"; |
| 456 if host then | 466 if host then |
