# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1381143413 -7200
# Node ID c3ee62b3bdfee3abcde9240acd38f6c2df7fb8d8
# Parent  89b16a160cbccd0ab5a0111b0f07b46cc6b65d0c# Parent  87e2fafba5df2ac7e43ca37d46ecf38edbae9902
Merge 0.10->trunk

diff -r 89b16a160cbc -r c3ee62b3bdfe plugins/mod_c2s.lua
--- a/plugins/mod_c2s.lua	Sun Oct 06 23:53:15 2013 +0200
+++ b/plugins/mod_c2s.lua	Mon Oct 07 12:56:53 2013 +0200
@@ -69,6 +69,7 @@
 	-- since we now have a new stream header, session is secured
 	if session.secure == false then
 		session.secure = true;
+		session.encrypted = true;
 
 		local sock = session.conn:socket();
 		if sock.info then
@@ -209,6 +210,7 @@
 	-- Client is using legacy SSL (otherwise mod_tls sets this flag)
 	if conn:ssl() then
 		session.secure = true;
+		session.encrypted = true;
 
 		-- Check if TLS compression is used
 		local sock = conn:socket();
diff -r 89b16a160cbc -r c3ee62b3bdfe plugins/mod_s2s/mod_s2s.lua
--- a/plugins/mod_s2s/mod_s2s.lua	Sun Oct 06 23:53:15 2013 +0200
+++ b/plugins/mod_s2s/mod_s2s.lua	Mon Oct 07 12:56:53 2013 +0200
@@ -283,6 +283,7 @@
 	-- TODO: Rename session.secure to session.encrypted
 	if session.secure == false then
 		session.secure = true;
+		session.encrypted = true;
 
 		local sock = session.conn:socket();
 		if sock.info then
diff -r 89b16a160cbc -r c3ee62b3bdfe plugins/mod_s2s/s2sout.lib.lua
--- a/plugins/mod_s2s/s2sout.lib.lua	Sun Oct 06 23:53:15 2013 +0200
+++ b/plugins/mod_s2s/s2sout.lib.lua	Mon Oct 07 12:56:53 2013 +0200
@@ -270,6 +270,7 @@
 	-- Reset secure flag in case this is another
 	-- connection attempt after a failed STARTTLS
 	host_session.secure = nil;
+	host_session.encrypted = nil;
 
 	local conn, handler;
 	local proto = connect_host.proto;
diff -r 89b16a160cbc -r c3ee62b3bdfe plugins/mod_saslauth.lua
--- a/plugins/mod_saslauth.lua	Sun Oct 06 23:53:15 2013 +0200
+++ b/plugins/mod_saslauth.lua	Mon Oct 07 12:56:53 2013 +0200
@@ -242,7 +242,7 @@
 			return;
 		end
 		origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin);
-		if origin.secure then
+		if origin.encrypted then
 			-- check wether LuaSec has the nifty binding to the function needed for tls-unique
 			-- FIXME: would be nice to have this check only once and not for every socket
 			if origin.conn:socket().getpeerfinished then