Mercurial Mercurial > prosody > prosody-modules / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_auth_ccert/mod_auth_ccert.lua
changeset 1324 853a382c9bd6
parent 1092 f46307e8e2f8
child 1325 b21236b6b8d8 
--- a/mod_auth_ccert/mod_auth_ccert.lua	Wed Feb 26 13:08:47 2014 -0800
+++ b/mod_auth_ccert/mod_auth_ccert.lua	Fri Feb 28 15:36:06 2014 +0100
@@ -60,7 +60,7 @@
 function get_sasl_handler(session)
 	return new_sasl(module.host, {
 		external = session.secure and function(authz)
-			if not session.secure then
+			if not session.secure or not session.conn:ssl() then
 				-- getpeercertificate() on a TCP connection would be bad, abort!
 				(session.log or log)("error", "How did you manage to select EXTERNAL without TLS?");
 				return nil, false;
prosody-modules