# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1243617423 -3600
# Node ID f14e08a0ae7fb1033fd4f12b8502b07abe05837a
# Parent  8e02c10c9e60b61323cdcb3659a49bab442acf34
mod_tls: Add <required/> to stream feature when TLS is required

diff -r 8e02c10c9e60 -r f14e08a0ae7f plugins/mod_tls.lua
--- a/plugins/mod_tls.lua	Fri May 29 18:04:53 2009 +0100
+++ b/plugins/mod_tls.lua	Fri May 29 18:17:03 2009 +0100
@@ -12,6 +12,9 @@
 
 local xmlns_starttls ='urn:ietf:params:xml:ns:xmpp-tls';
 
+local config = require "core.configmanager";
+local secure_auth_only = config.get("*", "core", "require_encryption");
+
 module:add_handler("c2s_unauthed", "starttls", xmlns_starttls,
 		function (session, stanza)
 			if session.conn.starttls then
@@ -30,6 +33,11 @@
 module:add_event_hook("stream-features", 
 		function (session, features)												
 			if session.conn.starttls then
-				features:tag("starttls", starttls_attr):up();
+				features:tag("starttls", starttls_attr);
+				if secure_auth_only then
+					features:tag("required"):up():up();
+				else
+					features:up();
+				end
 			end
 		end);