Software / code / prosody
Changeset
1217:844ef764ef0e
mod_saslauth: Don't offer bind/session when they aren't authenticated yet :) [thanks albert, again...]
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 29 May 2009 18:03:48 +0100 |
| parents | 1216:fd8ce71bc72b |
| children | 1218:8e02c10c9e60 |
| files | plugins/mod_saslauth.lua |
| diffstat | 1 files changed, 4 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/plugins/mod_saslauth.lua Fri May 29 14:33:55 2009 +0100 +++ b/plugins/mod_saslauth.lua Fri May 29 18:03:48 2009 +0100 @@ -121,7 +121,10 @@ local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' }; module:add_event_hook("stream-features", function (session, features) - if not session.username and ((not secure_auth_only) or session.secure) then + if not session.username then + if secure_auth_only and not session.secure then + return; + end features:tag("mechanisms", mechanisms_attr); -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. if config.get(session.host or "*", "core", "anonymous_login") then
