Comparison

plugins/mod_saslauth.lua @ 12330:38b5b05407be

various: Require encryption by default for real These options have been specified (and enabled) in the default config file for a long time. However if unspecified in the config, they were not enabled. Now they are. This may result in a change of behaviour for people using very old config files that lack the require_encryption options. But that's what we want.
author Kim Alvefur <zash@zash.se>
date Sat, 25 Dec 2021 16:23:40 +0100
parent 11526:15a3db955ad3
child 12333:ed8a4f8dfd27
comparison
equal deleted inserted replaced
12329:c980210ca095 12330:38b5b05407be
15 local set = require "util.set"; 15 local set = require "util.set";
16 local errors = require "util.error"; 16 local errors = require "util.error";
17 17
18 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; 18 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler;
19 19
20 local secure_auth_only = module:get_option_boolean("c2s_require_encryption", module:get_option_boolean("require_encryption", false)); 20 local secure_auth_only = module:get_option_boolean("c2s_require_encryption", module:get_option_boolean("require_encryption", true));
21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false) 21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false)
22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"}); 22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"});
23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" }); 23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" });
24 24
25 local log = module._log; 25 local log = module._log;