Software / code / prosody
Changeset
3528:5cdcd7ee6ef5
mod_legacyauth: Limit authentication to unauthenticated client connections.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sat, 16 Oct 2010 05:46:23 +0500 |
| parents | 3527:59cdb9166bd0 |
| children | 3529:3f9cc12308aa |
| files | plugins/mod_legacyauth.lua |
| diffstat | 1 files changed, 5 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/plugins/mod_legacyauth.lua Sat Oct 16 05:41:49 2010 +0500 +++ b/plugins/mod_legacyauth.lua Sat Oct 16 05:46:23 2010 +0500 @@ -32,6 +32,11 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event) local session, stanza = event.origin, event.stanza; + if session.type ~= "c2s_unauthed" then + session.send(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections.")); + return true; + end + if secure_auth_only and not session.secure then session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server")); return true;
