mod_saslauth: Requiring c2s encryption means requiring c2s encryption... thanks Flo

author Matthew Wild <mwild1@gmail.com>

Mon, 21 Dec 2009 22:00:49 +0000 (22:00 +0000)

committer Matthew Wild <mwild1@gmail.com>

Mon, 21 Dec 2009 22:00:49 +0000 (22:00 +0000)
author Matthew Wild <mwild1@gmail.com>
Mon, 21 Dec 2009 22:00:49 +0000 (22:00 +0000)
committer Matthew Wild <mwild1@gmail.com>
Mon, 21 Dec 2009 22:00:49 +0000 (22:00 +0000)
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua

index 001f14e217b95b7767af1b653004a7efb26c47a1..dd13930ed5153428be0811dadefa5c8b11b43c9b 100644 (file)
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -104,6 +104,9 @@ local function sasl_handler(session, stanza)
                 if not valid_mechanism then
                         return session.send(build_reply("failure", "invalid-mechanism"));
                 end
+               if secure_auth_only and not session.secure then
+                       return session.send(build_reply("failure", "encryption-required"));
+               end
         elseif not session.sasl_handler then
                 return; -- FIXME ignoring out of order stanzas because ejabberd does
         end
author	Matthew Wild <mwild1@gmail.com>
	Mon, 21 Dec 2009 22:00:49 +0000 (22:00 +0000)
committer	Matthew Wild <mwild1@gmail.com>
	Mon, 21 Dec 2009 22:00:49 +0000 (22:00 +0000)