prosody
87e2fafba5df
plugins/mod_saslauth.lua
Software / code / prosody
Comparison
plugins/mod_saslauth.lua @ 5860:87e2fafba5df
mod_saslauth: Collect data for channel binding only if we know for sure that the stream is encrypted
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 07 Oct 2013 12:56:21 +0200 |
| parent | 5843:fb6573e191cf |
| child | 6014:d61026bee038 |
comparison
equal
deleted
inserted
replaced
| 5859:e327f2d4e09f | 5860:87e2fafba5df |
|---|---|
| 240 if not origin.username then | 240 if not origin.username then |
| 241 if secure_auth_only and not origin.secure then | 241 if secure_auth_only and not origin.secure then |
| 242 return; | 242 return; |
| 243 end | 243 end |
| 244 origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin); | 244 origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin); |
| 245 if origin.secure then | 245 if origin.encrypted then |
| 246 -- check wether LuaSec has the nifty binding to the function needed for tls-unique | 246 -- check wether LuaSec has the nifty binding to the function needed for tls-unique |
| 247 -- FIXME: would be nice to have this check only once and not for every socket | 247 -- FIXME: would be nice to have this check only once and not for every socket |
| 248 if origin.conn:socket().getpeerfinished then | 248 if origin.conn:socket().getpeerfinished then |
| 249 origin.sasl_handler:add_cb_handler("tls-unique", function(self) | 249 origin.sasl_handler:add_cb_handler("tls-unique", function(self) |
| 250 return self.userdata:getpeerfinished(); | 250 return self.userdata:getpeerfinished(); |
