From d25620be4c545aec1653ecc40ebb7ea2dd1a12ae Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro <carlo@zancanaro.id.au>
Date: Mon, 11 Mar 2024 22:59:52 +1100
Subject: gnu: services: Add insecure-sasl-mechanisms to prosody configuration.

* gnu/services/messaging.scm (prosody-configuration): Add
insecure-sasl-mechanisms configuration option.
* doc/guix.texi (Messaging Services): Document it.

Change-Id: I8d9e42476ea8ad2f89b143ed4a66b4798e418586
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
---
 gnu/services/messaging.scm | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'gnu/services')

diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm
index 9702170b3e..a914d0f89e 100644
--- a/gnu/services/messaging.scm
+++ b/gnu/services/messaging.scm
@@ -427,6 +427,12 @@ See @url{https://prosody.im/doc/modules/mod_tls}."
 @url{https://prosody.im/doc/modules/mod_saslauth}."
      common)
 
+    (insecure-sasl-mechanisms
+     (string-list '("PLAIN" "LOGIN"))
+     "Set of mechanisms that will not be offered on unencrypted connections.
+See @url{https://prosody.im/doc/modules/mod_saslauth}."
+     common)
+
     (s2s-require-encryption?
      (boolean #f)
      "Whether to force all server-to-server connections to be encrypted or not.
-- 
cgit v1.2.3