SASL mechanisms are being offered to remote servers even before securing the socket

Description

Wildfire should not be offfering SASL mechanisms in the initial stream header. SASL EXTERNAL should be the only available mechanism and should only be offered once the connection has been secured using TLS.

Environment

None
Fixed

Assignee

Gaston Dombiak

Reporter

Gaston Dombiak