# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1363965382 0
# Node ID ab31dbb3a41591cf819e88830e73ba56ce5b6c8d
# Parent  56db8f2c856388b5f7032f08f24e11ba3a4d11b6
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)

diff -r 56db8f2c8563 -r ab31dbb3a415 plugins/mod_s2s/mod_s2s.lua
--- a/plugins/mod_s2s/mod_s2s.lua	Fri Mar 22 14:50:43 2013 +0000
+++ b/plugins/mod_s2s/mod_s2s.lua	Fri Mar 22 15:16:22 2013 +0000
@@ -610,14 +610,15 @@
 
 function check_auth_policy(event)
 	local host, session = event.host, event.session;
-	
-	if not secure_auth and secure_domains[host] then
-		secure_auth = true;
-	elseif secure_auth and insecure_domains[host] then
-		secure_auth = false;
+	local must_secure = secure_auth;
+
+	if not must_secure and secure_domains[host] then
+		must_secure = true;
+	elseif must_secure and insecure_domains[host] then
+		must_secure = false;
 	end
 	
-	if secure_auth and not session.cert_identity_status then
+	if must_secure and not session.cert_identity_status then
 		module:log("warn", "Forbidding insecure connection to/from %s", host);
 		session:close(false);
 		return false;