mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select().

Sat, 31 Jul 2010 13:49:22 +0500

author
Waqas Hussain <waqas20@gmail.com>
date
Sat, 31 Jul 2010 13:49:22 +0500
changeset 3416
c505a8cc8922
parent 3415
5ba0e094a5e2
child 3417
53e854b52110

mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select().

--- a/plugins/mod_saslauth.lua	Sat Jul 31 13:32:57 2010 +0500
+++ b/plugins/mod_saslauth.lua	Sat Jul 31 13:49:22 2010 +0500
@@ -119,13 +119,13 @@
 		elseif stanza.attr.mechanism == "ANONYMOUS" then
 			return session.send(build_reply("failure", "mechanism-too-weak"));
 		end
+		if secure_auth_only and not session.secure then
+			return session.send(build_reply("failure", "encryption-required"));
+		end
 		local valid_mechanism = session.sasl_handler:select(stanza.attr.mechanism);
 		if not valid_mechanism then
 			return session.send(build_reply("failure", "invalid-mechanism"));
 		end
-		if secure_auth_only and not session.secure then
-			return session.send(build_reply("failure", "encryption-required"));
-		end
 	elseif not session.sasl_handler then
 		return; -- FIXME ignoring out of order stanzas because ejabberd does
 	end
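Review bot: The `secure_auth_only and not session.secure` guard now has to stay above `session.sasl_handler:select(...)`, but nothing at the check says so, and a later refactor could move it back below the select call. A comment directly above the guard would pin the intent, for example `-- Must run before select(): an unencrypted session must never get a mechanism selected on its handler.` The ANONYMOUS branch above still returns first, so an unencrypted client that asks for a disallowed ANONYMOUS gets `mechanism-too-weak` rather than `encryption-required`. If encryption is meant to be the first gate, the guard belongs at the top of this branch. The enclosing `if` starts outside the hunk, so it is not visible here whether later stanzas on the same session re-check `session.secure`; that is worth confirming.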
