usermanager, mod_saslauth: Default to internal_hashed if no auth module specified

The default config was updated in this way long ago, but if no option was
present in the config, Prosody would load internal_plain.

This change can result in changes (for the better) for people using very old
configuration files lacking an 'authentication' setting.

3 files changed, 3 insertions, 2 deletions

diff --git a/CHANGES b/CHANGES
index 83efa5c2..8e3a556c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -34,6 +34,7 @@ TRUNK
 -   Easy use of Mozilla TLS recommendations presets
 -   Unencrypted HTTP port (5280) restricted to loopback by default
 -   require_encryption options default to 'true' if unspecified
+-   Authentication module defaults to 'internal_hashed' if unspecified
 
 ### HTTP
 
diff --git a/core/usermanager.lua b/core/usermanager.lua
index ca4e2baa..45f104fa 100644
--- a/core/usermanager.lua
+++ b/core/usermanager.lua
@@ -23,7 +23,7 @@ local hosts = prosody.hosts;
 
 local setmetatable = setmetatable;
 
-local default_provider = "internal_plain";
+local default_provider = "internal_hashed";
 
 local _ENV = nil;
 -- luacheck: std none
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 30d7acfa..ab863aa3 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -309,7 +309,7 @@ module:hook("stream-features", function(event)
 			return;
 		end
 
-		local authmod = module:get_option_string("authentication", "internal_plain");
+		local authmod = module:get_option_string("authentication", "internal_hashed");
 		if available_mechanisms:empty() then
 			log("warn", "No available SASL mechanisms, verify that the configured authentication module '%s' is loaded and configured correctly", authmod);
 			return;