From 0b4567a6f194544d51d8574cf94f2f06056e83d3 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Fri, 11 May 2012 00:56:18 +0100
Subject: mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag,
 deprecate the config option of the same name (disable mod_s2s instead), and
 add 'allow_anonymous_s2s' to separately control s2s for anonymous users

---
 core/hostmanager.lua           | 1 -
 plugins/mod_auth_anonymous.lua | 2 +-
 plugins/mod_s2s/mod_s2s.lua    | 5 +++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/hostmanager.lua b/core/hostmanager.lua
index a9db1a92..66275d96 100644
--- a/core/hostmanager.lua
+++ b/core/hostmanager.lua
@@ -74,7 +74,6 @@ function activate(host, host_config)
 		s2sout = {};
 		events = events_new();
 		dialback_secret = configmanager.get(host, "core", "dialback_secret") or uuid_gen();
-		disallow_s2s = configmanager.get(host, "core", "disallow_s2s");
 		send = host_send;
 	};
 	if not host_config.core.component_module then -- host
diff --git a/plugins/mod_auth_anonymous.lua b/plugins/mod_auth_anonymous.lua
index 55398d8a..c080177d 100644
--- a/plugins/mod_auth_anonymous.lua
+++ b/plugins/mod_auth_anonymous.lua
@@ -51,7 +51,7 @@ local function dm_callback(username, host, datastore, data)
 	return username, host, datastore, data;
 end
 
-if module:get_option_boolean("disallow_s2s", true) then
+if not module:get_option_boolean("allow_anonymous_s2s", false) then
 	module:hook("route/remote", function (event)
 		return false; -- Block outgoing s2s from anonymous users
 	end, 300);
diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 61812a1e..e2a22738 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -125,6 +125,7 @@ end
 
 function module.add_host(module)
 	if module:get_option_boolean("disallow_s2s", false) then
+		module:log("warn", "The 'disallow_s2s' config option is deprecated, please see http://prosody.im/doc/s2s#disabling");
 		return nil, "This host has disallow_s2s set";
 	end
 	module:hook("route/remote", route_to_existing_session, 200);
@@ -226,11 +227,11 @@ function stream_callbacks.streamopened(session, attr)
 					text = "This host does not serve "..to
 				});
 				return;
-			elseif hosts[to].disallow_s2s then
+			elseif not hosts[to].modules.s2s then
 				-- Attempting to connect to a host that disallows s2s
 				session:close({
 					condition = "policy-violation";
-					text = "Server-to-server communication is not allowed to this host";
+					text = "Server-to-server communication is disabled for this host";
 				});
 				return;
 			end
-- 
cgit v1.2.3