diff options
author | Matthew Wild <mwild1@gmail.com> | 2009-03-07 20:17:09 +0000 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2009-03-07 20:17:09 +0000 |
commit | 90fa7296e47fa3439f9842b6904c35dba48364e7 (patch) | |
tree | a59f97d5790088420a00834f84404588212ccc85 | |
parent | 9dd38d32f927e10b0a1d9346cc0e000009d8256a (diff) | |
download | prosody-90fa7296e47fa3439f9842b6904c35dba48364e7.tar.gz prosody-90fa7296e47fa3439f9842b6904c35dba48364e7.zip |
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
-rw-r--r-- | plugins/mod_saslauth.lua | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index ed19a150..4804607b 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -17,6 +17,7 @@ local t_concat, t_insert = table.concat, table.insert; local tostring = tostring; local jid_split = require "util.jid".split local md5 = require "util.hashes".md5; +local config = require "core.configmanager"; local log = require "util.logger".init("mod_saslauth"); @@ -106,7 +107,9 @@ module:add_event_hook("stream-features", -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. features:tag("mechanism"):text("PLAIN"):up(); features:tag("mechanism"):text("DIGEST-MD5"):up(); - features:tag("mechanism"):text("ANONYMOUS"):up(); + if config.get(session.host or "*", "core", "sasl_anonymous") then + features:tag("mechanism"):text("ANONYMOUS"):up(); + end features:up(); else features:tag("bind", bind_attr):tag("required"):up():up(); |