diff options
author | Kim Alvefur <zash@zash.se> | 2013-09-22 00:44:20 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2013-09-22 00:44:20 +0200 |
commit | 3d137b760e65b92764069fe810a7667a80ef2512 (patch) | |
tree | 1ba72d8451742d9783eb651a8e11b02d489f57a2 /plugins | |
parent | 667dd24dc7b458b3279cab7d4e1f2f08272d4f4e (diff) | |
parent | f06c9f7d0da2fb9f1d0af09ce24e74b983fa49b3 (diff) | |
download | prosody-3d137b760e65b92764069fe810a7667a80ef2512.tar.gz prosody-3d137b760e65b92764069fe810a7667a80ef2512.zip |
Merge Tobias SCRAM-PLUS work
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/mod_saslauth.lua | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 1bf6fb96..f24eacf8 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -242,6 +242,16 @@ module:hook("stream-features", function(event) return; end origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin); + if origin.secure then + -- check wether LuaSec has the nifty binding to the function needed for tls-unique + -- FIXME: would be nice to have this check only once and not for every socket + if origin.conn:socket().getpeerfinished then + origin.sasl_handler:add_cb_handler("tls-unique", function(self) + return self.userdata:getpeerfinished(); + end); + origin.sasl_handler["userdata"] = origin.conn:socket(); + end + end local mechanisms = st.stanza("mechanisms", mechanisms_attr); for mechanism in pairs(origin.sasl_handler:mechanisms()) do if mechanism ~= "PLAIN" or origin.secure or allow_unencrypted_plain_auth then |