# HG changeset patch # User Matthew Wild # Date 1303319968 -3600 # Node ID ee445e6588486a61eaa5d6a5f37cc1c6f53916ac # Parent 2f1397b7b1d5b601d68236f44fcbdf286a6f7add mod_legacyauth: Disallow on unencrypted connections by default, heed allow_unencrypted_plain_auth config option (thanks Maranda/Zash) diff -r 2f1397b7b1d5 -r ee445e658848 plugins/mod_legacyauth.lua --- a/plugins/mod_legacyauth.lua Mon Apr 18 20:38:44 2011 +0100 +++ b/plugins/mod_legacyauth.lua Wed Apr 20 18:19:28 2011 +0100 @@ -11,7 +11,9 @@ local st = require "util.stanza"; local t_concat = table.concat; -local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); +local secure_auth_only = module:get_option("c2s_require_encryption") + or module:get_option("require_encryption") + or not(module:get_option("allow_unencrypted_plain_auth")); local sessionmanager = require "core.sessionmanager"; local usermanager = require "core.usermanager";