Changeset

3416:c505a8cc8922

mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select().
author Waqas Hussain <waqas20@gmail.com>
date Sat, 31 Jul 2010 13:49:22 +0500
parents 3415:5ba0e094a5e2
children 3417:53e854b52110
files plugins/mod_saslauth.lua
diffstat 1 files changed, 3 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_saslauth.lua	Sat Jul 31 13:32:57 2010 +0500
+++ b/plugins/mod_saslauth.lua	Sat Jul 31 13:49:22 2010 +0500
@@ -119,13 +119,13 @@
 		elseif stanza.attr.mechanism == "ANONYMOUS" then
 			return session.send(build_reply("failure", "mechanism-too-weak"));
 		end
+		if secure_auth_only and not session.secure then
+			return session.send(build_reply("failure", "encryption-required"));
+		end
 		local valid_mechanism = session.sasl_handler:select(stanza.attr.mechanism);
 		if not valid_mechanism then
 			return session.send(build_reply("failure", "invalid-mechanism"));
 		end
-		if secure_auth_only and not session.secure then
-			return session.send(build_reply("failure", "encryption-required"));
-		end
 	elseif not session.sasl_handler then
 		return; -- FIXME ignoring out of order stanzas because ejabberd does
 	end