aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWaqas Hussain <waqas20@gmail.com>2010-02-10 01:36:22 +0500
committerWaqas Hussain <waqas20@gmail.com>2010-02-10 01:36:22 +0500
commit6d21bd8cf4706fdb0bbf67b3704756c69ae99e32 (patch)
treef841ca6ad37905e405a8a29f1fec2c28333822f6
parent958fddede9f8c86ecd38fad8ea80baf428874f34 (diff)
downloadprosody-6d21bd8cf4706fdb0bbf67b3704756c69ae99e32.tar.gz
prosody-6d21bd8cf4706fdb0bbf67b3704756c69ae99e32.zip
mod_tls: Don't advertise TLS after authentication.
-rw-r--r--plugins/mod_tls.lua4
1 files changed, 2 insertions, 2 deletions
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 73b5ae09..7153e48a 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -50,7 +50,7 @@ module:add_handler("s2sin_unauthed", "starttls", xmlns_starttls,
local starttls_attr = { xmlns = xmlns_starttls };
module:add_event_hook("stream-features",
function (session, features)
- if session.conn.starttls then
+ if not session.username and session.conn.starttls then
features:tag("starttls", starttls_attr);
if secure_auth_only then
features:tag("required"):up():up();
@@ -63,7 +63,7 @@ module:add_event_hook("stream-features",
module:hook("s2s-stream-features",
function (data)
local session, features = data.session, data.features;
- if session.to_host and session.conn.starttls then
+ if session.to_host and session.type ~= "s2sin" and session.conn.starttls then
features:tag("starttls", starttls_attr):up();
if secure_s2s_only then
features:tag("required"):up():up();