aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--core/modulemanager.lua2
-rw-r--r--plugins/mod_saslauth.lua2
-rw-r--r--prosody.cfg.lua.dist2
-rwxr-xr-xprosodyctl7
-rw-r--r--util/sasl.lua14
5 files changed, 17 insertions, 10 deletions
diff --git a/core/modulemanager.lua b/core/modulemanager.lua
index 2e488fd5..eb1ce733 100644
--- a/core/modulemanager.lua
+++ b/core/modulemanager.lua
@@ -30,7 +30,7 @@ pcall = function(f, ...)
end
local autoload_modules = {prosody.platform, "presence", "message", "iq", "offline", "c2s", "s2s"};
-local component_inheritable_modules = {"tls", "dialback", "iq", "s2s"};
+local component_inheritable_modules = {"tls", "saslauth", "dialback", "iq", "s2s"};
-- We need this to let modules access the real global namespace
local _G = _G;
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 94c060b3..df60aefa 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -197,7 +197,7 @@ module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:auth", function(event)
return s2s_external_auth(session, stanza)
end
- if session.type ~= "c2s_unauthed" then return; end
+ if session.type ~= "c2s_unauthed" or module:get_host_type() ~= "local" then return; end
if session.sasl_handler and session.sasl_handler.selected then
session.sasl_handler = nil; -- allow starting a new SASL negotiation before completing an old one
diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist
index 1d11a658..ade219a8 100644
--- a/prosody.cfg.lua.dist
+++ b/prosody.cfg.lua.dist
@@ -63,7 +63,6 @@ modules_enabled = {
--"http_files"; -- Serve static files from a directory over HTTP
-- Other specific functionality
- --"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
--"groups"; -- Shared roster support
--"announce"; -- Send announcement to all online users
--"welcome"; -- Welcome users who register accounts
@@ -78,6 +77,7 @@ modules_disabled = {
-- "offline"; -- Store offline messages
-- "c2s"; -- Handle client connections
-- "s2s"; -- Handle server-to-server connections
+ -- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
}
-- Disable account creation by default, for security
diff --git a/prosodyctl b/prosodyctl
index cf2ab74d..c3adad4d 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -687,7 +687,12 @@ function cert_commands.config(arg)
conf.distinguished_name[k] = nv ~= "." and nv or nil;
end
end
- local conf_file = io.open(conf_filename, "w");
+ local conf_file, err = io.open(conf_filename, "w");
+ if not conf_file then
+ show_warning("Could not open OpenSSL config file for writing");
+ show_warning(err);
+ os.exit(1);
+ end
conf_file:write(conf:serialize());
conf_file:close();
print("");
diff --git a/util/sasl.lua b/util/sasl.lua
index c8490842..b91e29a6 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -100,14 +100,16 @@ end
function method:mechanisms()
local current_mechs = {};
for mech, _ in pairs(self.mechs) do
- if mechanism_channelbindings[mech] and self.profile.cb then
- local ok = false;
- for cb_name, _ in pairs(self.profile.cb) do
- if mechanism_channelbindings[mech][cb_name] then
- ok = true;
+ if mechanism_channelbindings[mech] then
+ if self.profile.cb then
+ local ok = false;
+ for cb_name, _ in pairs(self.profile.cb) do
+ if mechanism_channelbindings[mech][cb_name] then
+ ok = true;
+ end
end
+ if ok == true then current_mechs[mech] = true; end
end
- if ok == true then current_mechs[mech] = true; end
else
current_mechs[mech] = true;
end