aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorWaqas Hussain <waqas20@gmail.com>2010-07-31 13:49:22 +0500
committerWaqas Hussain <waqas20@gmail.com>2010-07-31 13:49:22 +0500
commitf1fed4a75da40f8bd8c15f11664009bcbd21898a (patch)
tree5a5f7201e313e28519cebda5ae814069a805082d /plugins
parent9da343682eac98108a4bf64620164073556a5027 (diff)
downloadprosody-f1fed4a75da40f8bd8c15f11664009bcbd21898a.tar.gz
prosody-f1fed4a75da40f8bd8c15f11664009bcbd21898a.zip
mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select().
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_saslauth.lua6
1 files changed, 3 insertions, 3 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index a02c1ec4..f77f51ca 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -119,13 +119,13 @@ local function sasl_handler(session, stanza)
elseif stanza.attr.mechanism == "ANONYMOUS" then
return session.send(build_reply("failure", "mechanism-too-weak"));
end
+ if secure_auth_only and not session.secure then
+ return session.send(build_reply("failure", "encryption-required"));
+ end
local valid_mechanism = session.sasl_handler:select(stanza.attr.mechanism);
if not valid_mechanism then
return session.send(build_reply("failure", "invalid-mechanism"));
end
- if secure_auth_only and not session.secure then
- return session.send(build_reply("failure", "encryption-required"));
- end
elseif not session.sasl_handler then
return; -- FIXME ignoring out of order stanzas because ejabberd does
end