prosody
c505a8cc8922
plugins/mod_saslauth.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_saslauth.lua @ 3416:c505a8cc8922

mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select().
author Waqas Hussain <waqas20@gmail.com>
date Sat, 31 Jul 2010 13:49:22 +0500
parent 3391:8ac3f60af3c4
child 3417:53e854b52110
comparison
equal deleted inserted replaced
3415:5ba0e094a5e2 3416:c505a8cc8922
117 return session.send(build_reply("failure", "invalid-mechanism")); 117 return session.send(build_reply("failure", "invalid-mechanism"));
118 end 118 end
119 elseif stanza.attr.mechanism == "ANONYMOUS" then 119 elseif stanza.attr.mechanism == "ANONYMOUS" then
120 return session.send(build_reply("failure", "mechanism-too-weak")); 120 return session.send(build_reply("failure", "mechanism-too-weak"));
121 end 121 end
122 if secure_auth_only and not session.secure then
123 return session.send(build_reply("failure", "encryption-required"));
124 end
122 local valid_mechanism = session.sasl_handler:select(stanza.attr.mechanism); 125 local valid_mechanism = session.sasl_handler:select(stanza.attr.mechanism);
123 if not valid_mechanism then 126 if not valid_mechanism then
124 return session.send(build_reply("failure", "invalid-mechanism")); 127 return session.send(build_reply("failure", "invalid-mechanism"));
125 end
126 if secure_auth_only and not session.secure then
127 return session.send(build_reply("failure", "encryption-required"));
128 end 128 end
129 elseif not session.sasl_handler then 129 elseif not session.sasl_handler then
130 return; -- FIXME ignoring out of order stanzas because ejabberd does 130 return; -- FIXME ignoring out of order stanzas because ejabberd does
131 end 131 end
132 local text = stanza[1]; 132 local text = stanza[1];