#1448 mod_saslauth warns about no SASL mechanisms on insecure connections

Reporter Zash
Owner Nobody
Created
Updated
Stars ★ (1)
Tags
  • Priority-Medium
  • Status-Accepted
  • Milestone-0.11
  • Type-Defect
  1. Zash on

    What steps will reproduce the problem? 1. c2s_require_encryption = false 2. mod_tls enabled 3. auth module provides only PLAIN 4. connect client 5. watch logs What is the expected output? Client connects, does STARTTLS, authenticates with SASL PLAIN, all is well. What do you see instead? Before TLS, mod_saslauth logs this: warn All available authentication mechanisms are either disabled or not suitable for an insecure connection What version of the product are you using? On what operating system? 0.11.3+7 ( https://hg.prosody.im/trunk/rev/906ea5e1ec75 ) Please provide any additional information below. This warning is technically correct, however if TLS is available then it works as if c2s_require_encryption was enabled. Setting that to true silences the warning.

New comment

Not published. Used for spam prevention and optional update notifications.