14 local set = require "util.set";

    14 local set = require "util.set";

    15 

    15 

    16 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler;

    16 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler;

    17 local sm_make_authenticated = require "core.sessionmanager".make_authenticated;

    17 local sm_make_authenticated = require "core.sessionmanager".make_authenticated;

    18 

    18 

    20 

    20 

    21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false)

    21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false)

    22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"});

    22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"});

    23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" });

    23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" });

    24 

    24 

    76 		else

    76 		else

    77 			log("debug", "Channel binding not supported by SASL handler");

    77 			log("debug", "Channel binding not supported by SASL handler");

    78 		end

    78 		end

    79 	end

    79 	end

    80 

    80 

    82 

    82 

    83 	local available_mechanisms = sasl_handler:mechanisms()

    83 	local available_mechanisms = sasl_handler:mechanisms()

    84 	for mechanism in pairs(available_mechanisms) do

    84 	for mechanism in pairs(available_mechanisms) do

    85 		if disabled_mechanisms:contains(mechanism) then

    85 		if disabled_mechanisms:contains(mechanism) then

    86 			log("debug", "Not offering disabled mechanism %s", mechanism);

    86 			log("debug", "Not offering disabled mechanism %s", mechanism);