Hi folks, This is a quick note to say that I have just renamed mod_auth_external to mod_auth_external_insecure in prosody-modules as a result of a couple of concerning reports of incorrect behaviour in some circumstances.
I haven't been able to reproduce the behaviour locally, but given that the module is not really maintained at this point and has a number of issues, I'm making the call to explicitly deprecate it. In anticipation of people depend on the module, I'm not ruling out a potential replacement in the future, but it would likely be based on a different design, drop compatibility with the old ejabberd protocol and instead use a new and much more robust (and secure) protocol for communication with the script. However I'd strongly encourage people to consider whether one of the many other auth modules available in both prosody and prosody-modules, and consider whether one of these might be a better option for your use-case. Regards, Matthew -- You received this message because you are subscribed to the Google Groups "prosody-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to prosody-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/prosody-dev/CAJt9-x541RX_gWLgWQx9QEBiXYe-3YDPWTQBByDtVS%2BWPbzq6A%40mail.gmail.com.
