From 57d6a05e8313a9644b8fa94b710266a2b4605739 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 5 Oct 2009 14:52:30 +0100 Subject: mod_tls: Mark starttls feature as if require_s2s_encryption is enabled --- plugins/mod_tls.lua | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua index cd4f3acf..61b8d6d9 100644 --- a/plugins/mod_tls.lua +++ b/plugins/mod_tls.lua @@ -12,6 +12,7 @@ local xmlns_stream = 'http://etherx.jabber.org/streams'; local xmlns_starttls = 'urn:ietf:params:xml:ns:xmpp-tls'; local secure_auth_only = module:get_option("require_encryption"); +local secure_s2s_only = module:get_option("require_s2s_encryption"); module:add_handler("c2s_unauthed", "starttls", xmlns_starttls, function (session, stanza) @@ -61,8 +62,11 @@ module:add_event_hook("s2s-stream-features", -- remote server does not specify a to/from. if session.to_host and session.conn.starttls and not features:child_with_ns(xmlns_starttls) then features:tag("starttls", starttls_attr):up(); - -- TODO: Make this optional :P - --features:tag("required"):up():up(); + if secure_s2s_only then + features:tag("required"):up():up(); + else + features:up(); + end end end); -- cgit v1.2.3