#1448 mod_saslauth warns about no SASL mechanisms on insecure connections
Reporter
Zash
Owner
Zash
Created
Updated
Stars
★ (1)
Tags
Priority-Medium
Status-Fixed
Type-Defect
Milestone-0.12
Zash
on
What steps will reproduce the problem?
1. c2s_require_encryption = false
2. mod_tls enabled
3. auth module provides only PLAIN
4. connect client
5. watch logs
What is the expected output?
Client connects, does STARTTLS, authenticates with SASL PLAIN, all is well.
What do you see instead?
Before TLS, mod_saslauth logs this:
warn All available authentication mechanisms are either disabled or not suitable for an insecure connection
What version of the product are you using? On what operating system?
0.11.3+7 ( https://hg.prosody.im/trunk/rev/906ea5e1ec75 )
Please provide any additional information below.
This warning is technically correct, however if TLS is available then it works as if c2s_require_encryption was enabled. Setting that to true silences the warning.
What steps will reproduce the problem? 1. c2s_require_encryption = false 2. mod_tls enabled 3. auth module provides only PLAIN 4. connect client 5. watch logs What is the expected output? Client connects, does STARTTLS, authenticates with SASL PLAIN, all is well. What do you see instead? Before TLS, mod_saslauth logs this: warn All available authentication mechanisms are either disabled or not suitable for an insecure connection What version of the product are you using? On what operating system? 0.11.3+7 ( https://hg.prosody.im/trunk/rev/906ea5e1ec75 ) Please provide any additional information below. This warning is technically correct, however if TLS is available then it works as if c2s_require_encryption was enabled. Setting that to true silences the warning.
https://hg.prosody.im/trunk/rev/8b06d2d51e04 clarified this somewhat, I'll just go ahead and mark this as fixed
Changes