Mercurial > lxmppd-hg-xmllex / changeset
changeset
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
Sat, 07 Mar 2009 20:17:09 +0000
- author
- Matthew Wild <mwild1@gmail.com>
- date
- Sat, 07 Mar 2009 20:17:09 +0000
- changeset 887
- eef21d7bbe04
- parent 886
- 96de7f0a41cc
- child 893
- cec476fcc19f
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
| plugins/mod_saslauth.lua | file | annotate | diff | comparison | revisions |
--- a/plugins/mod_saslauth.lua Sat Mar 07 19:57:28 2009 +0000 +++ b/plugins/mod_saslauth.lua Sat Mar 07 20:17:09 2009 +0000 @@ -17,6 +17,7 @@ local tostring = tostring; local jid_split = require "util.jid".split local md5 = require "util.hashes".md5; +local config = require "core.configmanager"; local log = require "util.logger".init("mod_saslauth"); @@ -106,7 +107,9 @@ -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. features:tag("mechanism"):text("PLAIN"):up(); features:tag("mechanism"):text("DIGEST-MD5"):up(); - features:tag("mechanism"):text("ANONYMOUS"):up(); + if config.get(session.host or "*", "core", "sasl_anonymous") then + features:tag("mechanism"):text("ANONYMOUS"):up(); + end features:up(); else features:tag("bind", bind_attr):tag("required"):up():up();
