# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1416404681 -3600
# Node ID c0d221b0c94c65fee942b3bbc8ea84157e2e6ea7
# Parent  e733e98a348a59b88946a8ca6264af6853bbe20f
mod_saslauth: Break out tls-unique channel binding callback so it is instantiated once

diff -r e733e98a348a -r c0d221b0c94c plugins/mod_saslauth.lua
--- a/plugins/mod_saslauth.lua	Wed Nov 19 14:37:45 2014 +0100
+++ b/plugins/mod_saslauth.lua	Wed Nov 19 14:44:41 2014 +0100
@@ -214,6 +214,10 @@
 	return true;
 end);
 
+local function tls_unique(self)
+	return self.userdata:getpeerfinished();
+end
+
 local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' };
 local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' };
 local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' };
@@ -228,11 +232,12 @@
 		if origin.encrypted then
 			-- check wether LuaSec has the nifty binding to the function needed for tls-unique
 			-- FIXME: would be nice to have this check only once and not for every socket
-			if origin.conn:socket().getpeerfinished and sasl_handler.add_cb_handler then
-				sasl_handler:add_cb_handler("tls-unique", function(self)
-					return self.userdata:getpeerfinished();
-				end);
-				sasl_handler["userdata"] = origin.conn:socket();
+			if sasl_handler.add_cb_handler then
+				local socket = origin.conn:socket();
+				if socket.getpeerfinished then
+					sasl_handler:add_cb_handler("tls-unique", tls_unique);
+				end
+				sasl_handler["userdata"] = socket;
 			end
 		end
 		local mechanisms = st.stanza("mechanisms", mechanisms_attr);