Mercurial > lxmppd-hg-xmllex / file comparison
comparison: plugins/mod_saslauth.lua
plugins/mod_saslauth.lua
- changeset 2200
- de3edab7551d
- parent 2189
- 8fbbdb11a520
- child 2203
- 7ef74b2be8f8
equal
deleted
inserted
replaced
| 2199:812130099ab2 | 2200:de3edab7551d |
|---|---|
| 139 end | 139 end |
| 140 if config.get(session.host or "*", "core", "anonymous_login") then | 140 if config.get(session.host or "*", "core", "anonymous_login") then |
| 141 session.sasl_handler = new_sasl(session.host, anonymous_authentication_profile); | 141 session.sasl_handler = new_sasl(session.host, anonymous_authentication_profile); |
| 142 else | 142 else |
| 143 session.sasl_handler = new_sasl(session.host, default_authentication_profile); | 143 session.sasl_handler = new_sasl(session.host, default_authentication_profile); |
| 144 if not session.secure then | |
| 145 session.sasl_handler:forbidden({"PLAIN"}); | |
| 146 end | |
| 144 end | 147 end |
| 145 features:tag("mechanisms", mechanisms_attr); | 148 features:tag("mechanisms", mechanisms_attr); |
| 146 -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. | |
| 147 for k, v in pairs(session.sasl_handler:mechanisms()) do | 149 for k, v in pairs(session.sasl_handler:mechanisms()) do |
| 148 features:tag("mechanism"):text(v):up(); | 150 features:tag("mechanism"):text(v):up(); |
| 149 end | 151 end |
| 150 features:up(); | 152 features:up(); |
| 151 else | 153 else |
