core/s2smanager.lua

changeset 2537
80641e786b35
parent 2509
e8a0f2368cde
child 2538
0db17d1f77fb
equal deleted inserted replaced
2536:922e6e84d0bf 2537:80641e786b35
451 function verify_dialback(id, to, from, key) 451 function verify_dialback(id, to, from, key)
452 return key == generate_dialback(id, to, from); 452 return key == generate_dialback(id, to, from);
453 end 453 end
454 454
455 function make_authenticated(session, host) 455 function make_authenticated(session, host)
456 if not session.secure then
457 local local_host = session.direction == "incoming" and session.to_host or session.from_host;
458 if config.get(local_host, "core", "require_s2s_encryption")) then
459 session:close({
460 condition = "policy-violation",
461 text = "Encrypted server-to-server communication is required but was not "
462 ..((session.direction == "outgoing" and "offered") or "used")
463 });
464 end
465 end
456 if session.type == "s2sout_unauthed" then 466 if session.type == "s2sout_unauthed" then
457 session.type = "s2sout"; 467 session.type = "s2sout";
458 elseif session.type == "s2sin_unauthed" then 468 elseif session.type == "s2sin_unauthed" then
459 session.type = "s2sin"; 469 session.type = "s2sin";
460 if host then 470 if host then

mercurial