aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2013-05-18 12:03:03 +0100
committerMatthew Wild <mwild1@gmail.com>2013-05-18 12:03:03 +0100
commit67ee4ff9ad713a73d865c62e4d92aa80dcc40587 (patch)
tree9a2df10e453653ada7c2f4672eaf6fe1efa462d8
parentfa45bdb4f28b518346217a6fdaeb6ab93d85bea0 (diff)
parent0da93732c771576ef171dd2dbbabf84d4d88489f (diff)
downloadprosody-67ee4ff9ad713a73d865c62e4d92aa80dcc40587.tar.gz
prosody-67ee4ff9ad713a73d865c62e4d92aa80dcc40587.zip
Merge 0.9->trunk
-rw-r--r--plugins/mod_s2s/mod_s2s.lua4
1 files changed, 2 insertions, 2 deletions
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 30ebb706..5a2af968 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -37,7 +37,7 @@ local opt_keepalives = module:get_option_boolean("s2s_tcp_keepalives", module:ge
local secure_auth = module:get_option_boolean("s2s_secure_auth", false); -- One day...
local secure_domains, insecure_domains =
module:get_option_set("s2s_secure_domains", {})._items, module:get_option_set("s2s_insecure_domains", {})._items;
-local require_encryption = module:get_option_boolean("s2s_require_encryption", secure_auth);
+local require_encryption = module:get_option_boolean("s2s_require_encryption", false);
local sessions = module:shared("sessions");
@@ -185,7 +185,7 @@ end
function make_authenticated(event)
local session, host = event.session, event.host;
if not session.secure then
- if require_encryption or secure_auth or secure_domains[host] then
+ if require_encryption or (secure_auth and not(insecure_domains[host])) or secure_domains[host] then
session:close({
condition = "policy-violation",
text = "Encrypted server-to-server communication is required but was not "