aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_s2s/mod_s2s.lua
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2013-04-03 13:53:21 +0100
committerMatthew Wild <mwild1@gmail.com>2013-04-03 13:53:21 +0100
commita5ccb8a860924f48570242e468267885137e3e9a (patch)
treebf22e9f39d9ccaa98ba9f214cfa01d7c3408d46a /plugins/mod_s2s/mod_s2s.lua
parent1ea4d9ab7bde60b904192718247d49aa1337a18e (diff)
parent1728207c6bb7f3955535ba4a2c1c6fde8e624ed8 (diff)
downloadprosody-a5ccb8a860924f48570242e468267885137e3e9a.tar.gz
prosody-a5ccb8a860924f48570242e468267885137e3e9a.zip
Merge 0.9->trunk
Diffstat (limited to 'plugins/mod_s2s/mod_s2s.lua')
-rw-r--r--plugins/mod_s2s/mod_s2s.lua6
1 files changed, 5 insertions, 1 deletions
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 6893d184..639f464b 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -632,7 +632,11 @@ function check_auth_policy(event)
if must_secure and not session.cert_identity_status then
module:log("warn", "Forbidding insecure connection to/from %s", host);
- session:close(false);
+ if session.direction == "incoming" then
+ session:close({ condition = "not-authorized", text = "Your server's certificate is invalid, expired, or not trusted by"..session.to_host });
+ else -- Close outgoing connections without warning
+ session:close(false);
+ end
return false;
end
end