aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2014-01-15 22:47:50 +0100
committerKim Alvefur <zash@zash.se>2014-01-15 22:47:50 +0100
commit1af645736f9342af278d6e7a6739197ee3f43e57 (patch)
treef844fb18c60bdb75c3b6fff8129bc8e5b1a0dbb1 /plugins
parent600189b9e23142e105962de91076570e286f183c (diff)
downloadprosody-1af645736f9342af278d6e7a6739197ee3f43e57.tar.gz
prosody-1af645736f9342af278d6e7a6739197ee3f43e57.zip
mod_tls: Let s2s_secure_auth override s2s_require_encryption and warn if they differ
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_tls.lua6
1 files changed, 6 insertions, 0 deletions
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 6db02c2c..2741b8d4 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -13,6 +13,12 @@ local st = require "util.stanza";
local c2s_require_encryption = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
local s2s_require_encryption = module:get_option("s2s_require_encryption");
local allow_s2s_tls = module:get_option("s2s_allow_encryption") ~= false;
+local s2s_secure_auth = module:get_option("s2s_secure_auth");
+
+if s2s_secure_auth and s2s_require_encryption == false then
+ module:log("warn", "s2s_secure_auth implies s2s_require_encryption, but s2s_require_encryption is set to false");
+ s2s_require_encryption = true;
+end
local xmlns_starttls = 'urn:ietf:params:xml:ns:xmpp-tls';
local starttls_attr = { xmlns = xmlns_starttls };