451 function verify_dialback(id, to, from, key) |
451 function verify_dialback(id, to, from, key) |
452 return key == generate_dialback(id, to, from); |
452 return key == generate_dialback(id, to, from); |
453 end |
453 end |
454 |
454 |
455 function make_authenticated(session, host) |
455 function make_authenticated(session, host) |
|
456 if not session.secure then |
|
457 local local_host = session.direction == "incoming" and session.to_host or session.from_host; |
|
458 if config.get(local_host, "core", "require_s2s_encryption")) then |
|
459 session:close({ |
|
460 condition = "policy-violation", |
|
461 text = "Encrypted server-to-server communication is required but was not " |
|
462 ..((session.direction == "outgoing" and "offered") or "used") |
|
463 }); |
|
464 end |
|
465 end |
456 if session.type == "s2sout_unauthed" then |
466 if session.type == "s2sout_unauthed" then |
457 session.type = "s2sout"; |
467 session.type = "s2sout"; |
458 elseif session.type == "s2sin_unauthed" then |
468 elseif session.type == "s2sin_unauthed" then |
459 session.type = "s2sin"; |
469 session.type = "s2sin"; |
460 if host then |
470 if host then |