3 files changed, 8 insertions, 3 deletions

diff --git a/core/modulemanager.lua b/core/modulemanager.lua
index 2e488fd5..eb1ce733 100644
--- a/core/modulemanager.lua
+++ b/core/modulemanager.lua
@@ -30,7 +30,7 @@ pcall = function(f, ...)
 end
 
 local autoload_modules = {prosody.platform, "presence", "message", "iq", "offline", "c2s", "s2s"};
-local component_inheritable_modules = {"tls", "dialback", "iq", "s2s"};
+local component_inheritable_modules = {"tls", "saslauth", "dialback", "iq", "s2s"};
 
 -- We need this to let modules access the real global namespace
 local _G = _G;
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 94c060b3..df60aefa 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -197,7 +197,7 @@ module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:auth", function(event)
 		return s2s_external_auth(session, stanza)
 	end
 
-	if session.type ~= "c2s_unauthed" then return; end
+	if session.type ~= "c2s_unauthed" or module:get_host_type() ~= "local" then return; end
 
 	if session.sasl_handler and session.sasl_handler.selected then
 		session.sasl_handler = nil; -- allow starting a new SASL negotiation before completing an old one
diff --git a/prosodyctl b/prosodyctl
index cf2ab74d..c3adad4d 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -687,7 +687,12 @@ function cert_commands.config(arg)
 				conf.distinguished_name[k] = nv ~= "." and nv or nil;
 			end
 		end
-		local conf_file = io.open(conf_filename, "w");
+		local conf_file, err = io.open(conf_filename, "w");
+		if not conf_file then
+			show_warning("Could not open OpenSSL config file for writing");
+			show_warning(err);
+			os.exit(1);
+		end
 		conf_file:write(conf:serialize());
 		conf_file:close();
 		print("");