From 566e3c4ac12d22073c7e376a6735af6ca4b2e52e Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Mon, 21 Dec 2009 22:00:49 +0000
Subject: mod_saslauth: Requiring c2s encryption means requiring c2s
 encryption... thanks Flo

---
 plugins/mod_saslauth.lua | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'plugins')

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index c0f57cd7..e248479b 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -115,6 +115,9 @@ local function sasl_handler(session, stanza)
 		if not session.sasl_handler then
 			return session.send(build_reply("failure", "invalid-mechanism"));
 		end
+		if secure_auth_only and not session.secure then
+			return session.send(build_reply("failure", "encryption-required"));
+		end
 	elseif not session.sasl_handler then
 		return; -- FIXME ignoring out of order stanzas because ejabberd does
 	end
-- 
cgit v1.2.3