Changeset

7869:eb5fba4c8074

mod_tls: Check that connection has starttls method first to prevent offering starttls over tls (thanks Remko and Tobias)
author Kim Alvefur <zash@zash.se>
date Fri, 27 Jan 2017 12:21:09 +0100
parents 7867:194f540e13e2
children 7870:a858066faac6 7871:09aa0453bdcc
files plugins/mod_tls.lua
diffstat 1 files changed, 3 insertions(+), 3 deletions(-) [+]
--- a/plugins/mod_tls.lua	Thu Jan 26 14:18:30 2017 +0100
+++ b/plugins/mod_tls.lua	Fri Jan 27 12:21:09 2017 +0100
@@ -62,10 +62,10 @@
 end
 
 local function can_do_tls(session)
-	if session.ssl_ctx ~= nil then
+	if not session.conn.starttls then
+		return false;
+	elseif session.ssl_ctx ~= nil then
 		return session.ssl_ctx;
-	elseif not session.conn.starttls then
-		return false;
 	end
 	if session.type == "c2s_unauthed" then
 		session.ssl_ctx = ssl_ctx_c2s;
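Review bot: The reordered check at the top of `can_do_tls` is load-bearing but carries no comment, so a later tidy-up could move the cached `session.ssl_ctx` branch back in front and reintroduce the bug where starttls is offered on a connection that is already encrypted. I would add above the first branch something like `-- Check conn.starttls before the cached ssl_ctx: a connection that cannot (or can no longer) start TLS must never be offered it`. The new first branch also indexes `session.conn` on every call, where before it was skipped once `ssl_ctx` was cached; if any caller can reach this with `session.conn` unset (not visible here), `if not (session.conn and session.conn.starttls) then` would avoid a runtime error. The function body continues past the end of the hunk.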