mod_s2s: Fix variable usage in check_auth_policy (thanks Florob)

author: Matthew Wild <mwild1@gmail.com> 2013-03-22 15:16:22 +0000
committer: Matthew Wild <mwild1@gmail.com> 2013-03-22 15:16:22 +0000
commit: 68a7de369b8d2b5701ef6403ce6d3f8d4e7e8fa9 (patch)
tree: 405a0afb10ef1d47dfd38bb35f78b22d3f98864b /plugins/mod_s2s
parent: c908af2a7d0aaf8c7448273fc57a2b284fb5fb29 (diff)
download: prosody-68a7de369b8d2b5701ef6403ce6d3f8d4e7e8fa9.tar.gz
prosody-68a7de369b8d2b5701ef6403ce6d3f8d4e7e8fa9.zip
1 files changed, 7 insertions, 6 deletions
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 80f06eb9..ec969cc3 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -610,14 +610,15 @@ end
 
 function check_auth_policy(event)
 	local host, session = event.host, event.session;
-	
-	if not secure_auth and secure_domains[host] then
-		secure_auth = true;
-	elseif secure_auth and insecure_domains[host] then
-		secure_auth = false;
+	local must_secure = secure_auth;
+
+	if not must_secure and secure_domains[host] then
+		must_secure = true;
+	elseif must_secure and insecure_domains[host] then
+		must_secure = false;
 	end
 	
-	if secure_auth and not session.cert_identity_status then
+	if must_secure and not session.cert_identity_status then
 		module:log("warn", "Forbidding insecure connection to/from %s", host);
 		session:close(false);
 		return false;
author	Matthew Wild <mwild1@gmail.com>	2013-03-22 15:16:22 +0000
committer	Matthew Wild <mwild1@gmail.com>	2013-03-22 15:16:22 +0000
commit	68a7de369b8d2b5701ef6403ce6d3f8d4e7e8fa9 (patch)
tree	405a0afb10ef1d47dfd38bb35f78b22d3f98864b /plugins/mod_s2s
parent	c908af2a7d0aaf8c7448273fc57a2b284fb5fb29 (diff)
download	prosody-68a7de369b8d2b5701ef6403ce6d3f8d4e7e8fa9.tar.gz prosody-68a7de369b8d2b5701ef6403ce6d3f8d4e7e8fa9.zip