X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_saslauth.lua;h=a07c5fd2a487d27742ca73c3f6ba711d23ffa806;hb=f1578bdc4e0a3b10a46adbe3ebd9ae39fbc682a0;hp=c5d3dc917bd847b00869efc563ccc0640f75aca6;hpb=686b9bc986730e2265700d1fcbb4df5b701565fd;p=prosody.git

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index c5d3dc91..a07c5fd2 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -1,7 +1,7 @@
 -- Prosody IM
 -- Copyright (C) 2008-2010 Matthew Wild
 -- Copyright (C) 2008-2010 Waqas Hussain
--- 
+--
 -- This project is MIT/X11 licensed. Please see the
 -- COPYING file in the source package for more information.
 --
@@ -242,6 +242,16 @@ module:hook("stream-features", function(event)
 			return;
 		end
 		origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin);
+		if origin.encrypted then
+			-- check wether LuaSec has the nifty binding to the function needed for tls-unique
+			-- FIXME: would be nice to have this check only once and not for every socket
+			if origin.conn:socket().getpeerfinished and origin.sasl_handler.add_cb_handler then
+				origin.sasl_handler:add_cb_handler("tls-unique", function(self)
+					return self.userdata:getpeerfinished();
+				end);
+				origin.sasl_handler["userdata"] = origin.conn:socket();
+			end
+		end
 		local mechanisms = st.stanza("mechanisms", mechanisms_attr);
 		for mechanism in pairs(origin.sasl_handler:mechanisms()) do
 			if mechanism ~= "PLAIN" or origin.secure or allow_unencrypted_plain_auth then
@@ -274,7 +284,7 @@ module:hook("iq/self/urn:ietf:params:xml:ns:xmpp-bind:bind", function(event)
 	local resource;
 	if stanza.attr.type == "set" then
 		local bind = stanza.tags[1];
-		resource = bind:child_with_name("resource");
+		resource = bind:get_child("resource");
 		resource = resource and #resource.tags == 0 and resource[1] or nil;
 	end
 	local success, err_type, err, err_msg = sm_bind_resource(origin, resource);