--- a/core/s2smanager.lua	Fri Mar 22 14:22:46 2013 +0000
+++ b/core/s2smanager.lua	Fri Mar 22 15:16:43 2013 +0000
@@ -8,7 +8,7 @@
 
 
 
-local hosts = hosts;
+local hosts = prosody.hosts;
 local tostring, pairs, getmetatable, newproxy, setmetatable
     = tostring, pairs, getmetatable, newproxy, setmetatable;
 
@@ -38,7 +38,7 @@
 	return session;
 end
 
-function new_outgoing(from_host, to_host, connect)
+function new_outgoing(from_host, to_host)
 	local host_session = { to_host = to_host, from_host = from_host, host = from_host,
 		               notopen = true, type = "s2sout_unauthed", direction = "outgoing" };
 	hosts[from_host].s2sout[to_host] = host_session;

--- a/plugins/mod_s2s/mod_s2s.lua	Fri Mar 22 14:22:46 2013 +0000
+++ b/plugins/mod_s2s/mod_s2s.lua	Fri Mar 22 15:16:43 2013 +0000
@@ -423,7 +423,6 @@
 
 --- Session methods
 local stream_xmlns_attr = {xmlns='urn:ietf:params:xml:ns:xmpp-streams'};
-local default_stream_attr = { ["xmlns:stream"] = "http://etherx.jabber.org/streams", xmlns = stream_callbacks.default_ns, version = "1.0", id = "" };
 local function session_close(session, reason, remote_reason)
 	local log = session.log or log;
 	if session.conn then
@@ -611,14 +610,15 @@
 
 function check_auth_policy(event)
 	local host, session = event.host, event.session;
-	
-	if not secure_auth and secure_domains[host] then
-		secure_auth = true;
-	elseif secure_auth and insecure_domains[host] then
-		secure_auth = false;
+	local must_secure = secure_auth;
+
+	if not must_secure and secure_domains[host] then
+		must_secure = true;
+	elseif must_secure and insecure_domains[host] then
+		must_secure = false;
 	end
 	
-	if secure_auth and not session.cert_identity_status then
+	if must_secure and not session.cert_identity_status then
 		module:log("warn", "Forbidding insecure connection to/from %s", host);
 		session:close(false);
 		return false;