diff options
| author | Matthew Wild <mwild1@gmail.com> | 2010-03-24 22:34:59 +0000 |
|---|---|---|
| committer | Matthew Wild <mwild1@gmail.com> | 2010-03-24 22:34:59 +0000 |
| commit | d16d14ade1716171913200e085f1af12e6c819eb (patch) | |
| tree | 66bf8c232f9ec2c7738f908d1fb9c2de420d0e7d /plugins/mod_tls.lua | |
| parent | 2536fa75c312dd7175629dcc38b5619897f8f00b (diff) | |
| parent | 67a0c4e8db5af279127f5ee15a66b5ce0ea0d194 (diff) | |
| download | prosody-d16d14ade1716171913200e085f1af12e6c819eb.tar.gz prosody-d16d14ade1716171913200e085f1af12e6c819eb.zip | |
Merge 0.6->0.7
Diffstat (limited to 'plugins/mod_tls.lua')
| -rw-r--r-- | plugins/mod_tls.lua | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua index b30ad3f3..8b96aa15 100644 --- a/plugins/mod_tls.lua +++ b/plugins/mod_tls.lua @@ -10,6 +10,7 @@ local st = require "util.stanza"; local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); local secure_s2s_only = module:get_option("s2s_require_encryption"); +local allow_s2s_tls = module:get_option("s2s_allow_encryption") ~= false; local xmlns_starttls = 'urn:ietf:params:xml:ns:xmpp-tls'; local starttls_attr = { xmlns = xmlns_starttls }; @@ -27,9 +28,9 @@ local host = hosts[module.host]; local function can_do_tls(session) if session.type == "c2s_unauthed" then return session.conn.starttls and host.ssl_ctx_in; - elseif session.type == "s2sin_unauthed" then + elseif session.type == "s2sin_unauthed" and allow_s2s_tls then return session.conn.starttls and host.ssl_ctx_in; - elseif session.direction == "outgoing" then + elseif session.direction == "outgoing" and allow_s2s_tls then return session.conn.starttls and host.ssl_ctx; end return false; |