diff options
author | Kim Alvefur <zash@zash.se> | 2013-09-22 00:44:20 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2013-09-22 00:44:20 +0200 |
commit | 7acb88a57602b9211399b3a08b92437c0d9998fa (patch) | |
tree | 1ba72d8451742d9783eb651a8e11b02d489f57a2 /plugins | |
parent | bec0e278696c71d1a43be1e04c345be1a27cfc15 (diff) | |
parent | f06c9f7d0da2fb9f1d0af09ce24e74b983fa49b3 (diff) | |
download | prosody-7acb88a57602b9211399b3a08b92437c0d9998fa.tar.gz prosody-7acb88a57602b9211399b3a08b92437c0d9998fa.zip |
Merge Tobias SCRAM-PLUS work
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/mod_saslauth.lua | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 1bf6fb96..f24eacf8 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -242,6 +242,16 @@ module:hook("stream-features", function(event) return; end origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin); + if origin.secure then + -- check wether LuaSec has the nifty binding to the function needed for tls-unique + -- FIXME: would be nice to have this check only once and not for every socket + if origin.conn:socket().getpeerfinished then + origin.sasl_handler:add_cb_handler("tls-unique", function(self) + return self.userdata:getpeerfinished(); + end); + origin.sasl_handler["userdata"] = origin.conn:socket(); + end + end local mechanisms = st.stanza("mechanisms", mechanisms_attr); for mechanism in pairs(origin.sasl_handler:mechanisms()) do if mechanism ~= "PLAIN" or origin.secure or allow_unencrypted_plain_auth then |