From 8e115ce8761fcd561ed3f9e3c74e82c491f7815b Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 22 Mar 2014 12:41:38 +0100
Subject: mod_saslauth: Only do c2s SASL on normal VirtualHosts

---
 plugins/mod_saslauth.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 201cc477..c5d3dc91 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -197,7 +197,7 @@ module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:auth", function(event)
 		return s2s_external_auth(session, stanza)
 	end
 
-	if session.type ~= "c2s_unauthed" then return; end
+	if session.type ~= "c2s_unauthed" or module:get_host_type() ~= "local" then return; end
 
 	if session.sasl_handler and session.sasl_handler.selected then
 		session.sasl_handler = nil; -- allow starting a new SASL negotiation before completing an old one
-- 
cgit v1.2.3


From 461da4b3b60c318ad33234deb1a0ce25c8d5bb9b Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 22 Mar 2014 12:42:01 +0100
Subject: modulemanager: Load mod_saslauth on components by default

---
 core/modulemanager.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/modulemanager.lua b/core/modulemanager.lua
index 535c227b..cddab647 100644
--- a/core/modulemanager.lua
+++ b/core/modulemanager.lua
@@ -30,7 +30,7 @@ pcall = function(f, ...)
 end
 
 local autoload_modules = {"presence", "message", "iq", "offline", "c2s", "s2s"};
-local component_inheritable_modules = {"tls", "dialback", "iq", "s2s"};
+local component_inheritable_modules = {"tls", "saslauth", "dialback", "iq", "s2s"};
 
 -- We need this to let modules access the real global namespace
 local _G = _G;
-- 
cgit v1.2.3


From e4ea0b094a43dd93fab253dff36efbe8aa3dc330 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 22 Mar 2014 12:02:11 +0100
Subject: prosodyctl: Show real error if certificate config file can't be
 opened

---
 prosodyctl | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/prosodyctl b/prosodyctl
index 247b099a..d341a75b 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -684,7 +684,12 @@ function cert_commands.config(arg)
 				conf.distinguished_name[k] = nv ~= "." and nv or nil;
 			end
 		end
-		local conf_file = io.open(conf_filename, "w");
+		local conf_file, err = io.open(conf_filename, "w");
+		if not conf_file then
+			show_warning("Could not open OpenSSL config file for writing");
+			show_warning(err);
+			os.exit(1);
+		end
 		conf_file:write(conf:serialize());
 		conf_file:close();
 		print("");
-- 
cgit v1.2.3


From add9033b9b25362ebce1f91a32b4911e66ff8452 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 22 Mar 2014 14:45:04 +0100
Subject: util.sasl: Fix logic for when mechanisms with channel binding support
 are offered

---
 util/sasl.lua | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/util/sasl.lua b/util/sasl.lua
index c8490842..b91e29a6 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -100,14 +100,16 @@ end
 function method:mechanisms()
 	local current_mechs = {};
 	for mech, _ in pairs(self.mechs) do
-		if mechanism_channelbindings[mech] and self.profile.cb then
-			local ok = false;
-			for cb_name, _ in pairs(self.profile.cb) do
-				if mechanism_channelbindings[mech][cb_name] then
-					ok = true;
+		if mechanism_channelbindings[mech] then
+			if self.profile.cb then
+				local ok = false;
+				for cb_name, _ in pairs(self.profile.cb) do
+					if mechanism_channelbindings[mech][cb_name] then
+						ok = true;
+					end
 				end
+				if ok == true then current_mechs[mech] = true; end
 			end
-			if ok == true then current_mechs[mech] = true; end
 		else
 			current_mechs[mech] = true;
 		end
-- 
cgit v1.2.3


From 18f7ffec151b965af2745600f272db50a1c92ad2 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 22 Mar 2014 14:53:17 +0100
Subject: prosody.cfg.lua.dist: mod_posix is enabled by default on posix
 platforms now

---
 prosody.cfg.lua.dist | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist
index 1d11a658..ade219a8 100644
--- a/prosody.cfg.lua.dist
+++ b/prosody.cfg.lua.dist
@@ -63,7 +63,6 @@ modules_enabled = {
 		--"http_files"; -- Serve static files from a directory over HTTP
 
 	-- Other specific functionality
-		--"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
 		--"groups"; -- Shared roster support
 		--"announce"; -- Send announcement to all online users
 		--"welcome"; -- Welcome users who register accounts
@@ -78,6 +77,7 @@ modules_disabled = {
 	-- "offline"; -- Store offline messages
 	-- "c2s"; -- Handle client connections
 	-- "s2s"; -- Handle server-to-server connections
+	-- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
 }
 
 -- Disable account creation by default, for security
-- 
cgit v1.2.3