prosody
80641e786b35
core/s2smanager.lua
Software / code / prosody
Comparison
core/s2smanager.lua @ 2537:80641e786b35
s2smanager: Make require_s2s_encryption do what it says on the tin
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 30 Jan 2010 16:42:27 +0000 |
| parent | 2509:e8a0f2368cde |
| child | 2538:0db17d1f77fb |
comparison
equal
deleted
inserted
replaced
| 2536:922e6e84d0bf | 2537:80641e786b35 |
|---|---|
| 451 function verify_dialback(id, to, from, key) | 451 function verify_dialback(id, to, from, key) |
| 452 return key == generate_dialback(id, to, from); | 452 return key == generate_dialback(id, to, from); |
| 453 end | 453 end |
| 454 | 454 |
| 455 function make_authenticated(session, host) | 455 function make_authenticated(session, host) |
| 456 if not session.secure then | |
| 457 local local_host = session.direction == "incoming" and session.to_host or session.from_host; | |
| 458 if config.get(local_host, "core", "require_s2s_encryption")) then | |
| 459 session:close({ | |
| 460 condition = "policy-violation", | |
| 461 text = "Encrypted server-to-server communication is required but was not " | |
| 462 ..((session.direction == "outgoing" and "offered") or "used") | |
| 463 }); | |
| 464 end | |
| 465 end | |
| 456 if session.type == "s2sout_unauthed" then | 466 if session.type == "s2sout_unauthed" then |
| 457 session.type = "s2sout"; | 467 session.type = "s2sout"; |
| 458 elseif session.type == "s2sin_unauthed" then | 468 elseif session.type == "s2sin_unauthed" then |
| 459 session.type = "s2sin"; | 469 session.type = "s2sin"; |
| 460 if host then | 470 if host then |
