mod_legacyauth: Limit authentication to unauthenticated client connections.

author: Waqas Hussain <waqas20@gmail.com> 2010-10-16 05:46:23 +0500
committer: Waqas Hussain <waqas20@gmail.com> 2010-10-16 05:46:23 +0500
commit: 40c3f8ddad849e3f9618e199cea95163fe3437af (patch)
tree: 4d77b34f360de105df973fa6b9e70ae5993bfd1a /plugins/mod_legacyauth.lua
parent: 79082eba3e3d10fdfbcd8975a95f752fa150202f (diff)
download: prosody-40c3f8ddad849e3f9618e199cea95163fe3437af.tar.gz
prosody-40c3f8ddad849e3f9618e199cea95163fe3437af.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index 95f36110..47a8c0ab 100644
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -32,6 +32,11 @@ end);
 module:hook("stanza/iq/jabber:iq:auth:query", function(event)
 	local session, stanza = event.origin, event.stanza;
 
+	if session.type ~= "c2s_unauthed" then
+		session.send(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
+		return true;
+	end
+
 	if secure_auth_only and not session.secure then
 		session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server"));
 		return true;
author	Waqas Hussain <waqas20@gmail.com>	2010-10-16 05:46:23 +0500
committer	Waqas Hussain <waqas20@gmail.com>	2010-10-16 05:46:23 +0500
commit	40c3f8ddad849e3f9618e199cea95163fe3437af (patch)
tree	4d77b34f360de105df973fa6b9e70ae5993bfd1a /plugins/mod_legacyauth.lua
parent	79082eba3e3d10fdfbcd8975a95f752fa150202f (diff)
download	prosody-40c3f8ddad849e3f9618e199cea95163fe3437af.tar.gz prosody-40c3f8ddad849e3f9618e199cea95163fe3437af.zip