447 function verify_dialback(id, to, from, key) |
447 function verify_dialback(id, to, from, key) |
448 return key == generate_dialback(id, to, from); |
448 return key == generate_dialback(id, to, from); |
449 end |
449 end |
450 |
450 |
451 function make_authenticated(session, host) |
451 function make_authenticated(session, host) |
|
452 if not session.secure then |
|
453 local local_host = session.direction == "incoming" and session.to_host or session.from_host; |
|
454 if config.get(local_host, "core", "require_s2s_encryption")) then |
|
455 session:close({ |
|
456 condition = "policy-violation", |
|
457 text = "Encrypted server-to-server communication is required but was not " |
|
458 ..((session.direction == "outgoing" and "offered") or "used") |
|
459 }); |
|
460 end |
|
461 end |
452 if session.type == "s2sout_unauthed" then |
462 if session.type == "s2sout_unauthed" then |
453 session.type = "s2sout"; |
463 session.type = "s2sout"; |
454 elseif session.type == "s2sin_unauthed" then |
464 elseif session.type == "s2sin_unauthed" then |
455 session.type = "s2sin"; |
465 session.type = "s2sin"; |
456 if host then |
466 if host then |