prosody
706053e3f9f5
plugins/mod_s2s/mod_s2s.lua
Software / code / prosody
Comparison
plugins/mod_s2s/mod_s2s.lua @ 5420:706053e3f9f5
Merge 0.9->trunk
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 03 Apr 2013 13:53:21 +0100 |
| parent | 5408:767ecb0091a6 |
| child | 5423:4acc1598f391 |
comparison
equal
deleted
inserted
replaced
| 5400:dd91b72a3ba0 | 5420:706053e3f9f5 |
|---|---|
| 630 must_secure = false; | 630 must_secure = false; |
| 631 end | 631 end |
| 632 | 632 |
| 633 if must_secure and not session.cert_identity_status then | 633 if must_secure and not session.cert_identity_status then |
| 634 module:log("warn", "Forbidding insecure connection to/from %s", host); | 634 module:log("warn", "Forbidding insecure connection to/from %s", host); |
| 635 session:close(false); | 635 if session.direction == "incoming" then |
| 636 session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by"..session.to_host }); | |
| 637 else -- Close outgoing connections without warning | |
| 638 session:close(false); | |
| 639 end | |
| 636 return false; | 640 return false; |
| 637 end | 641 end |
| 638 end | 642 end |
| 639 | 643 |
| 640 module:hook("s2s-check-certificate", check_auth_policy, -1); | 644 module:hook("s2s-check-certificate", check_auth_policy, -1); |
