Mercurial > prosody-modules
diff mod_auth_imap/auth_imap/mod_auth_imap.lua @ 1200:34216cdffda6
mod_auth_imap: unfortunately large commit which adds support for SSL (including cert verification), appending the realm to usernames, and various IMAP protocol fixes
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 26 Sep 2013 18:14:45 +0100 |
| parents | b21bd39c8a12 |
| children | 744af76b7324 |
line wrap: on
line diff
--- a/mod_auth_imap/auth_imap/mod_auth_imap.lua Thu Sep 26 18:12:27 2013 +0100 +++ b/mod_auth_imap/auth_imap/mod_auth_imap.lua Thu Sep 26 18:14:45 2013 +0100 @@ -11,7 +11,16 @@ local imap_service_realm = module:get_option("imap_service_realm"); local imap_service_name = module:get_option("imap_service_name"); +local append_host = module:get_option_boolean("auth_append_host"); +local verify_certificate = module:get_option_boolean("auth_imap_verify_certificate", true); +local ssl_params = module:get_option("auth_imap_ssl", { + mode = "client", protocol = "sslv23"; + capath = "/etc/ssl/certs"; + options = { "no_sslv2", "no_sslv3" }; + verify = verify_certificate and { "peer", "fail_if_no_peer_cert" } or nil; + ciphers = "HIGH:!DSS:!aNULL@STRENGTH"; +}); local new_imap_sasl = module:require "sasl_imap".new; @@ -19,7 +28,8 @@ return new_imap_sasl( imap_service_realm or realm, imap_service_name or "xmpp", - imap_host, imap_port + imap_host, imap_port, + ssl_params, append_host ); end