equal
deleted
inserted
replaced
245 if secure_auth_only and not origin.secure then |
245 if secure_auth_only and not origin.secure then |
246 return; |
246 return; |
247 end |
247 end |
248 origin.sasl_handler = usermanager_get_sasl_handler(module.host); |
248 origin.sasl_handler = usermanager_get_sasl_handler(module.host); |
249 if origin.secure then |
249 if origin.secure then |
250 origin.sasl_handler:add_cb_handler("tls-unique", function(self) |
250 -- check wether LuaSec has the nifty binding to the function needed for tls-unique |
251 return self.userdata:getpeerfinished(); |
251 -- FIXME: would be nice to have this check only once and not for every socket |
252 end); |
252 if origin.conn:socket().getpeerfinished then |
253 origin.sasl_handler["userdata"] = origin.conn:socket(); |
253 origin.sasl_handler:add_cb_handler("tls-unique", function(self) |
|
254 return self.userdata:getpeerfinished(); |
|
255 end); |
|
256 origin.sasl_handler["userdata"] = origin.conn:socket(); |
|
257 end |
254 end |
258 end |
255 features:tag("mechanisms", mechanisms_attr); |
259 features:tag("mechanisms", mechanisms_attr); |
256 for mechanism in pairs(origin.sasl_handler:mechanisms()) do |
260 for mechanism in pairs(origin.sasl_handler:mechanisms()) do |
257 if mechanism ~= "PLAIN" or origin.secure or allow_unencrypted_plain_auth then |
261 if mechanism ~= "PLAIN" or origin.secure or allow_unencrypted_plain_auth then |
258 features:tag("mechanism"):text(mechanism):up(); |
262 features:tag("mechanism"):text(mechanism):up(); |