From bd36895afe5188128c60123ae66298e60e36494c Mon Sep 17 00:00:00 2001 From: Mark Zealey Date: Tue, 3 Dec 2024 17:38:00 +0000 Subject: [PATCH] Enable allow_unencrypted_sasl2 on websockets https://github.com/processone/ejabberd/commit/47232838 added the allow_unencrypted_sasl2 option, but this was not added to websockets. --- src/ejabberd_http.erl | 6 ++++++ src/ejabberd_http_ws.erl | 1 + 2 files changed, 7 insertions(+) diff --git a/src/ejabberd_http.erl b/src/ejabberd_http.erl index a1dbd240c..912b25b42 100644 --- a/src/ejabberd_http.erl +++ b/src/ejabberd_http.erl @@ -69,6 +69,7 @@ default_host, custom_headers, trail = <<>>, + allow_unencrypted_sasl2, addr_re, sock_peer_name = none }). @@ -133,10 +134,12 @@ init(SockMod, Socket, Opts) -> CustomHeaders = proplists:get_value(custom_headers, Opts, []), + AllowUnencryptedSasl2 = proplists:get_bool(allow_unencrypted_sasl2, Opts), State = #state{sockmod = SockMod1, socket = Socket1, custom_headers = CustomHeaders, options = Opts, + allow_unencrypted_sasl2 = AllowUnencryptedSasl2, request_handlers = RequestHandlers, sock_peer_name = SockPeer, addr_re = RE}, @@ -916,6 +919,8 @@ normalize_path([Part | Path], Norm) -> listen_opt_type(tag) -> econf:binary(); +listen_opt_type(allow_unencrypted_sasl2) -> + econf:bool(); listen_opt_type(request_handlers) -> econf:map( econf:and_then( @@ -941,6 +946,7 @@ listen_options() -> {protocol_options, undefined}, {tls, false}, {tls_compression, false}, + {allow_unencrypted_sasl2, false}, {request_handlers, []}, {tag, <<>>}, {default_host, undefined}, diff --git a/src/ejabberd_http_ws.erl b/src/ejabberd_http_ws.erl index 0ce51d17b..60daea685 100644 --- a/src/ejabberd_http_ws.erl +++ b/src/ejabberd_http_ws.erl @@ -122,6 +122,7 @@ init([{#ws{ip = IP, http_opts = HOpts}, _} = WS]) -> ({max_ack_queue, _}) -> true; ({ack_timeout, _}) -> true; ({resume_timeout, _}) -> true; + ({allow_unencrypted_sasl2, _}) -> true; ({max_resume_timeout, _}) -> true; ({resend_on_timeout, _}) -> true; ({access, _}) -> true;