changeset 1380:703041357f89

mod_s2s_auth_fingerprint: Allways pin fingerprints
author Kim Alvefur <zash@zash.se>
date Sat, 05 Apr 2014 13:40:13 +0200
parents 403d5cd924eb
children 11b6170a50f7
files mod_s2s_auth_fingerprint/mod_s2s_auth_fingerprint.lua
diffstat 1 files changed, 2 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_fingerprint/mod_s2s_auth_fingerprint.lua	Thu Apr 03 20:57:22 2014 +0200
+++ b/mod_s2s_auth_fingerprint/mod_s2s_auth_fingerprint.lua	Sat Apr 05 13:40:13 2014 +0200
@@ -1,10 +1,9 @@
--- Copyright (C) 2013 Kim Alvefur
+-- Copyright (C) 2013-2014 Kim Alvefur
 -- This file is MIT/X11 licensed.
 
 module:set_global();
 
 local digest_algo = module:get_option_string(module:get_name().."_digest", "sha1");
-local must_match = module:get_option_boolean("s2s_pin_fingerprints", false);
 
 local fingerprints = {};
 
@@ -34,7 +33,7 @@
 			session.cert_chain_status = "valid";
 			session.cert_identity_status = "valid";
 			return true;
-		elseif must_match then
+		else
 			session.cert_chain_status = "invalid";
 			session.cert_identity_status = "invalid";
 		end