From 40c3f8ddad849e3f9618e199cea95163fe3437af Mon Sep 17 00:00:00 2001
From: Waqas Hussain
Date: Sat, 16 Oct 2010 05:46:23 +0500
Subject: mod_legacyauth: Limit authentication to unauthenticated client connections.
---
 plugins/mod_legacyauth.lua | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index 95f36110..47a8c0ab 100644
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -32,6 +32,11 @@ end);
 module:hook("stanza/iq/jabber:iq:auth:query", function(event)
 local session, stanza = event.origin, event.stanza;
 
+ if session.type ~= "c2s_unauthed" then
+ session.send(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
+ return true;
+ end
+
 if secure_auth_only and not session.secure then
 session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server"));
 return true;
-- 
cgit v1.2.3
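Review bot: The new `session.type` guard at the top of the handler has no comment saying which invariant it enforces, and a refused request leaves no trace in the log. Comparing against the single allowed value `"c2s_unauthed"` fails closed for every other session type, which is the right shape. I would state that above the check, e.g. `-- Only a client session that has not authenticated yet may use jabber:iq:auth; any other session type is refused before the rest of the handler runs.` Consider also logging the refusal before the error reply, with whatever logger the module already uses, e.g. `module:log("debug", "Refused legacy auth on %s session", tostring(session.type));`, so that repeated attempts from an already-authenticated or non-client session are visible to operators. The handler's body continues past the end of the hunk, so what the guard protects (presumably the credential handling) is not visible here.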