mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-05 06:07:37 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Provide SASL PLAIN mechanism only if TLS is active.

Browse source
This commit is contained in:
Tobias Markmann 2009-11-18 23:26:35 +01:00
parent 406173262f
commit 74de4e3804
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
plugins/mod_saslauth.lua
View file

@ -141,9 +141,11 @@ module:add_event_hook("stream-features",
session.sasl_handler = new_sasl(session.host, anonymous_authentication_profile);
else
session.sasl_handler = new_sasl(session.host, default_authentication_profile);
if not session.secure then
session.sasl_handler:forbidden({"PLAIN"});
end
end
features:tag("mechanisms", mechanisms_attr);
-- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so.
for k, v in pairs(session.sasl_handler:mechanisms()) do
features:tag("mechanism"):text(v):up();
end