From: Matthew Wild <mwild1@gmail.com>
Date: Fri, 29 May 2009 17:17:03 +0000 (+0100)
Subject: mod_tls: Add <required/> to stream feature when TLS is required
X-Git-Url: https://git.enpas.org/?a=commitdiff_plain;h=2536db8f44eb9736b1928acc6da4d2ecb91cbd65;p=prosody.git

mod_tls: Add <required/> to stream feature when TLS is required
---

diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 85dc6bba..dc291278 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -12,6 +12,9 @@ local st = require "util.stanza";
 
 local xmlns_starttls ='urn:ietf:params:xml:ns:xmpp-tls';
 
+local config = require "core.configmanager";
+local secure_auth_only = config.get("*", "core", "require_encryption");
+
 module:add_handler("c2s_unauthed", "starttls", xmlns_starttls,
 		function (session, stanza)
 			if session.conn.starttls then
@@ -30,6 +33,11 @@ local starttls_attr = { xmlns = xmlns_starttls };
 module:add_event_hook("stream-features", 
 		function (session, features)												
 			if session.conn.starttls then
-				features:tag("starttls", starttls_attr):up();
+				features:tag("starttls", starttls_attr);
+				if secure_auth_only then
+					features:tag("required"):up():up();
+				else
+					features:up();
+				end
 			end
 		end);