X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_legacyauth.lua;h=5fb664415682661f6fb30fac87152e72b703b3fc;hb=8d15cb8b83eb8a1b287bdd06a32750076d867287;hp=a47f0223d546f4b2a533dc56a4feb94343e27184;hpb=8ee0370603ca03f15e7d3ea7242c6f1d9b9ef3a0;p=prosody.git

diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index a47f0223..5fb66441 100644
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -35,7 +35,7 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event)
 	local session, stanza = event.origin, event.stanza;
 
 	if session.type ~= "c2s_unauthed" then
-		session.send(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
+		(session.sends2s or session.send)(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
 		return true;
 	end
 
@@ -57,7 +57,10 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event)
 		username, password, resource = t_concat(username), t_concat(password), t_concat(resource);
 		username = nodeprep(username);
 		resource = resourceprep(resource)
-		local reply = st.reply(stanza);
+		if not (username and resource) then
+			session.send(st.error_reply(stanza, "modify", "bad-request"));
+			return true;
+		end
 		if usermanager.test_password(username, session.host, password) then
 			-- Authentication successful!
 			local success, err = sessionmanager.make_authenticated(session, username);