mod_saslauth: Requiring c2s encryption means requiring c2s encryption... thanks Flo
--- a/plugins/mod_saslauth.lua Thu Dec 17 21:50:02 2009 +0000
+++ b/plugins/mod_saslauth.lua Mon Dec 21 22:00:49 2009 +0000
@@ -115,6 +115,9 @@
if not session.sasl_handler then
return session.send(build_reply("failure", "invalid-mechanism"));
end
+ if secure_auth_only and not session.secure then
+ return session.send(build_reply("failure", "encryption-required"));
+ end
elseif not session.sasl_handler then
return; -- FIXME ignoring out of order stanzas because ejabberd does
end