Mercurial > prosody-modules

diff mod_auth_ccert/mod_auth_ccert.lua @ 1324:853a382c9bd6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_turncredentials: Advertise the XEP-0215 feature (thanks Gryffus)
author Kim Alvefur <zash@zash.se>
date Fri, 28 Feb 2014 15:36:06 +0100
parents f46307e8e2f8
children b21236b6b8d8
line wrap: on
line diff
--- a/mod_auth_ccert/mod_auth_ccert.lua	Wed Feb 26 13:08:47 2014 -0800
+++ b/mod_auth_ccert/mod_auth_ccert.lua	Fri Feb 28 15:36:06 2014 +0100
@@ -60,7 +60,7 @@
 function get_sasl_handler(session)
 	return new_sasl(module.host, {
 		external = session.secure and function(authz)
-			if not session.secure then
+			if not session.secure or not session.conn:ssl() then
 				-- getpeercertificate() on a TCP connection would be bad, abort!
 				(session.log or log)("error", "How did you manage to select EXTERNAL without TLS?");
 				return nil, false;