From edfec5f1658401cf8071823dd4440bc4f69dd81b Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 18 Mar 2016 11:51:58 +0100
Subject: [PATCH] mod_saslauth: Disable DIGEST-MD5 by default (closes #515)

---
 plugins/mod_saslauth.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 7e9b0720..bb36600b 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -19,7 +19,7 @@ local tostring = tostring;
 local secure_auth_only = module:get_option_boolean("c2s_require_encryption", module:get_option_boolean("require_encryption", false));
 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false)
 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"});
-local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", {});
+local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" });
 
 local log = module._log;
 
-- 
2.30.2