aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2013-03-22 15:16:22 +0000
committerMatthew Wild <mwild1@gmail.com>2013-03-22 15:16:22 +0000
commitb1ce27375d21ac9d8fd923b9766b19cc938165d6 (patch)
tree405a0afb10ef1d47dfd38bb35f78b22d3f98864b
parent923d1aa1bde9a130af31e5ef1279bc3520badcfb (diff)
downloadprosody-b1ce27375d21ac9d8fd923b9766b19cc938165d6.tar.gz
prosody-b1ce27375d21ac9d8fd923b9766b19cc938165d6.zip
mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)
-rw-r--r--plugins/mod_s2s/mod_s2s.lua13
1 files changed, 7 insertions, 6 deletions
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 80f06eb9..ec969cc3 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -610,14 +610,15 @@ end
function check_auth_policy(event)
local host, session = event.host, event.session;
-
- if not secure_auth and secure_domains[host] then
- secure_auth = true;
- elseif secure_auth and insecure_domains[host] then
- secure_auth = false;
+ local must_secure = secure_auth;
+
+ if not must_secure and secure_domains[host] then
+ must_secure = true;
+ elseif must_secure and insecure_domains[host] then
+ must_secure = false;
end
- if secure_auth and not session.cert_identity_status then
+ if must_secure and not session.cert_identity_status then
module:log("warn", "Forbidding insecure connection to/from %s", host);
session:close(false);
return false;