From 49fb45a07bff1f2364743eaae6860c5b3370ebec Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Wed, 20 Apr 2011 18:19:28 +0100
Subject: mod_legacyauth: Disallow on unencrypted connections by default, heed
 allow_unencrypted_plain_auth config option (thanks Maranda/Zash)

---
 plugins/mod_legacyauth.lua | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'plugins/mod_legacyauth.lua')

diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index 47a8c0ab..a47f0223 100644
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -11,7 +11,9 @@
 local st = require "util.stanza";
 local t_concat = table.concat;
 
-local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
+local secure_auth_only = module:get_option("c2s_require_encryption")
+	or module:get_option("require_encryption")
+	or not(module:get_option("allow_unencrypted_plain_auth"));
 
 local sessionmanager = require "core.sessionmanager";
 local usermanager = require "core.usermanager";
-- 
cgit v1.2.3