Mon, 21 Dec 2009 22:00:49 +0000
mod_saslauth: Requiring c2s encryption means requiring c2s encryption... thanks Flo
plugins/mod_saslauth.lua | file | annotate | diff | comparison | revisions |
--- a/plugins/mod_saslauth.lua Mon Dec 21 17:03:47 2009 +0000 +++ b/plugins/mod_saslauth.lua Mon Dec 21 22:00:49 2009 +0000 @@ -104,6 +104,9 @@ if not valid_mechanism then return session.send(build_reply("failure", "invalid-mechanism")); end + if secure_auth_only and not session.secure then + return session.send(build_reply("failure", "encryption-required")); + end elseif not session.sasl_handler then return; -- FIXME ignoring out of order stanzas because ejabberd does end