projects / prosody.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
net.http.server: Properly handle persistent connections
[prosody.git] / plugins / mod_legacyauth.lua
diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index a47f0223d546f4b2a533dc56a4feb94343e27184..5fb664415682661f6fb30fac87152e72b703b3fc 100644 (file)
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -35,7 +35,7 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event)
        local session, stanza = event.origin, event.stanza;
 
        if session.type ~= "c2s_unauthed" then
-               session.send(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
+               (session.sends2s or session.send)(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
                return true;
        end
 
@@ -57,7 +57,10 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event)
                username, password, resource = t_concat(username), t_concat(password), t_concat(resource);
                username = nodeprep(username);
                resource = resourceprep(resource)
-               local reply = st.reply(stanza);
+               if not (username and resource) then
+                       session.send(st.error_reply(stanza, "modify", "bad-request"));
+                       return true;
+               end
                if usermanager.test_password(username, session.host, password) then
                        -- Authentication successful!
                        local success, err = sessionmanager.make_authenticated(session, username);