mod_legacyauth, mod_saslauth, mod_tls: Pass require_encryption as default option to s2s_require_encryption so the later overrides the former

plugins/mod_legacyauth.lua

@@ -11,8 +11,8 @@
 local st = require "util.stanza";
 local t_concat = table.concat;
 
-local secure_auth_only = module:get_option("c2s_require_encryption")
-	or module:get_option("require_encryption")
+local secure_auth_only = module:get_option("c2s_require_encryption",
+	module:get_option("require_encryption"))
 	or not(module:get_option("allow_unencrypted_plain_auth"));
 
 local sessionmanager = require "core.sessionmanager";

plugins/mod_saslauth.lua

@@ -16,7 +16,7 @@ local base64 = require "util.encodings".base64;
 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler;
 local tostring = tostring;
 
-local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
+local secure_auth_only = module:get_option("c2s_require_encryption", module:get_option("require_encryption"));
 local allow_unencrypted_plain_auth = module:get_option("allow_unencrypted_plain_auth")
 
 local log = module._log;

plugins/mod_tls.lua

@@ -9,7 +9,7 @@
 local create_context = require "core.certmanager".create_context;
 local st = require "util.stanza";
 
-local c2s_require_encryption = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
+local c2s_require_encryption = module:get_option("c2s_require_encryption", module:get_option("require_encryption"));
 local s2s_require_encryption = module:get_option("s2s_require_encryption");
 local allow_s2s_tls = module:get_option("s2s_allow_encryption") ~= false;
 local s2s_secure_auth = module:get_option("s2s_secure_auth");