diff options
-rw-r--r-- | plugins/mod_c2s.lua | 2 | ||||
-rw-r--r-- | plugins/mod_s2s/mod_s2s.lua | 1 | ||||
-rw-r--r-- | plugins/mod_s2s/s2sout.lib.lua | 1 | ||||
-rw-r--r-- | plugins/mod_saslauth.lua | 2 |
4 files changed, 5 insertions, 1 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua index 1fb8dcf5..3bdffc7d 100644 --- a/plugins/mod_c2s.lua +++ b/plugins/mod_c2s.lua @@ -69,6 +69,7 @@ function stream_callbacks.streamopened(session, attr) -- since we now have a new stream header, session is secured if session.secure == false then session.secure = true; + session.encrypted = true; local sock = session.conn:socket(); if sock.info then @@ -209,6 +210,7 @@ function listener.onconnect(conn) -- Client is using legacy SSL (otherwise mod_tls sets this flag) if conn:ssl() then session.secure = true; + session.encrypted = true; -- Check if TLS compression is used local sock = conn:socket(); diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua index 1d03f3e4..5afb958c 100644 --- a/plugins/mod_s2s/mod_s2s.lua +++ b/plugins/mod_s2s/mod_s2s.lua @@ -283,6 +283,7 @@ function stream_callbacks.streamopened(session, attr) -- TODO: Rename session.secure to session.encrypted if session.secure == false then session.secure = true; + session.encrypted = true; local sock = session.conn:socket(); if sock.info then diff --git a/plugins/mod_s2s/s2sout.lib.lua b/plugins/mod_s2s/s2sout.lib.lua index ec8ea4d4..dbbef360 100644 --- a/plugins/mod_s2s/s2sout.lib.lua +++ b/plugins/mod_s2s/s2sout.lib.lua @@ -270,6 +270,7 @@ function s2sout.make_connect(host_session, connect_host, connect_port) -- Reset secure flag in case this is another -- connection attempt after a failed STARTTLS host_session.secure = nil; + host_session.encrypted = nil; local conn, handler; local proto = connect_host.proto; diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index f24eacf8..4513c511 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -242,7 +242,7 @@ module:hook("stream-features", function(event) return; end origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin); - if origin.secure then + if origin.encrypted then -- check wether LuaSec has the nifty binding to the function needed for tls-unique -- FIXME: would be nice to have this check only once and not for every socket if origin.conn:socket().getpeerfinished then |