Merge 0.9->trunk

author: Matthew Wild <mwild1@gmail.com> 2013-04-03 13:53:21 +0100
committer: Matthew Wild <mwild1@gmail.com> 2013-04-03 13:53:21 +0100
commit: 1213909d149d2ae2d697d6694ee1a30ef41c47f4 (patch)
tree: bf22e9f39d9ccaa98ba9f214cfa01d7c3408d46a /plugins/mod_s2s/mod_s2s.lua
parent: c8e37d89fdf5c9b5990cd309d53707f990986559 (diff)
parent: 64579702abbbb36676a94a86d88cc54c119f4433 (diff)
download: prosody-1213909d149d2ae2d697d6694ee1a30ef41c47f4.tar.gz
prosody-1213909d149d2ae2d697d6694ee1a30ef41c47f4.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 6893d184..639f464b 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -632,7 +632,11 @@ function check_auth_policy(event)
 	
 	if must_secure and not session.cert_identity_status then
 		module:log("warn", "Forbidding insecure connection to/from %s", host);
-		session:close(false);
+		if session.direction == "incoming" then
+			session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by"..session.to_host });
+		else -- Close outgoing connections without warning
+			session:close(false);
+		end
 		return false;
 	end
 end
author	Matthew Wild <mwild1@gmail.com>	2013-04-03 13:53:21 +0100
committer	Matthew Wild <mwild1@gmail.com>	2013-04-03 13:53:21 +0100
commit	1213909d149d2ae2d697d6694ee1a30ef41c47f4 (patch)
tree	bf22e9f39d9ccaa98ba9f214cfa01d7c3408d46a /plugins/mod_s2s/mod_s2s.lua
parent	c8e37d89fdf5c9b5990cd309d53707f990986559 (diff)
parent	64579702abbbb36676a94a86d88cc54c119f4433 (diff)
download	prosody-1213909d149d2ae2d697d6694ee1a30ef41c47f4.tar.gz prosody-1213909d149d2ae2d697d6694ee1a30ef41c47f4.zip