From bbd996911b313b8c1b94505400bba46c852e4832 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Fri, 4 May 2012 02:28:10 +0100
Subject: mod_auth_anonymous: Block s2s when enabled on a host (and
 disallow_s2s ~= false)

---
 plugins/mod_auth_anonymous.lua | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'plugins/mod_auth_anonymous.lua')

diff --git a/plugins/mod_auth_anonymous.lua b/plugins/mod_auth_anonymous.lua
index 056d7e6b..55398d8a 100644
--- a/plugins/mod_auth_anonymous.lua
+++ b/plugins/mod_auth_anonymous.lua
@@ -50,15 +50,17 @@ local function dm_callback(username, host, datastore, data)
 	end
 	return username, host, datastore, data;
 end
-local host = hosts[module.host];
-local _saved_disallow_s2s = host.disallow_s2s;
+
+if module:get_option_boolean("disallow_s2s", true) then
+	module:hook("route/remote", function (event)
+		return false; -- Block outgoing s2s from anonymous users
+	end, 300);
+end
+
 function module.load()
-	_saved_disallow_s2s = host.disallow_s2s;
-	host.disallow_s2s = module:get_option("disallow_s2s") ~= false;
 	datamanager.add_callback(dm_callback);
 end
 function module.unload()
-	host.disallow_s2s = _saved_disallow_s2s;
 	datamanager.remove_callback(dm_callback);
 end
 
-- 
cgit v1.2.3