prosody
8e1fd8ff66ee
plugins/mod_saslauth.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_saslauth.lua @ 283:8e1fd8ff66ee

Adding some TODO for some security issue.
author Tobias Markmann <tm@ayena.de>
date Sat, 15 Nov 2008 19:12:05 +0100
parent 282:80e7de32b618
child 286:7e4908d4bdf6
comparison
equal deleted inserted replaced
282:80e7de32b618 283:8e1fd8ff66ee
113 113
114 add_event_hook("stream-features", 114 add_event_hook("stream-features",
115 function (session, features) 115 function (session, features)
116 if not session.username then 116 if not session.username then
117 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); 117 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>");
118 -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so.
118 t_insert(features, "<mechanism>PLAIN</mechanism>"); 119 t_insert(features, "<mechanism>PLAIN</mechanism>");
119 t_insert(features, "<mechanism>DIGEST-MD5</mechanism>"); 120 t_insert(features, "<mechanism>DIGEST-MD5</mechanism>");
120 t_insert(features, "</mechanisms>"); 121 t_insert(features, "</mechanisms>");
121 else 122 else
122 t_insert(features, "<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind>"); 123 t_insert(features, "<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind>");