mod_auth_phpbb3/mod_auth_phpbb3.lua @ 737:e4ea03b060ed
mod_archive: switch from/to
XEP-0136 is not very explicit about the meaning of the <from> and <to>
elements, but the examples are clear: <from> means it comes from the user in
the 'with' attribute of the collection.
That is the opposite of what is currently implemented in that module.
So for better compatibility with compliant clients, this switches the 'from' and
'to' fields
author | Olivier Goffart <ogoffart@woboq.com> |
---|---|
date | Wed, 04 Jul 2012 14:08:43 +0200 |
parent | 665:684cc57a49c1 |
child | 814:881ec9919144 |
1 -- phpbb3 authentication backend for Prosody |
2 -- |
3 -- Copyright (C) 2011 Waqas Hussain |
4 -- |
5 |
6 local log = require "util.logger".init("auth_sql"); |
7 local new_sasl = require "util.sasl".new; |
8 local nodeprep = require "util.encodings".stringprep.nodeprep; |
9 local saslprep = require "util.encodings".stringprep.saslprep; |
10 local DBI = require "DBI" |
11 local md5 = require "util.hashes".md5; |
12 local uuid_gen = require "util.uuid".generate; |
13 |
-- Shared database handle for this module: nil until connect() stores a LuaDBI
-- handle in it, and reset to nil by test_connection() when a ping fails.
local connection = nil;
-- The host's "sql" option table. driver, database, username, password, host and
-- port are read from it further down, so it holds the database credentials and
-- should never be written to a log.
local params = module:get_option("sql");
16 |
17 local resolve_relative_path = require "core.configmanager".resolve_relative_path; |
18 |
-- Report whether the shared database handle is usable.
-- Returns true when a handle exists and answers a ping, nil otherwise. A handle
-- that fails the ping is dropped (connection = nil) so that the next connect()
-- opens a fresh one.
local function test_connection()
	if not connection then return nil; end
	if not connection:ping() then
		module:log("debug", "Database connection closed");
		connection = nil;
		return;
	end
	return true;
end
-- Open a database connection from the module's `params` unless a live one
-- already exists.
-- Returns the new handle on success and nil plus the driver's error on failure.
-- When the existing connection is still alive nothing is returned at all, so
-- callers must not treat a nil result alone as "database unreachable".
local function connect()
	if test_connection() then return; end

	-- Globals are unlocked only for the duration of DBI.Connect and locked again
	-- straight after. NOTE(review): presumably the DBI driver needs to set
	-- globals while loading - confirm.
	prosody.unlock_globals();
	local dbh, err = DBI.Connect(
		params.driver, params.database,
		params.username, params.password,
		params.host, params.port
	);
	prosody.lock_globals();

	if dbh then
		module:log("debug", "Successfully connected to database");
		dbh:autocommit(true); -- don't run in transaction
		connection = dbh;
		return connection;
	end

	-- Only the driver's error text is logged; the credentials in `params` are not.
	module:log("debug", "Database connection failed: %s", tostring(err));
	return nil, err;
end
47 |
do -- process options to get a db connection
	-- Without an "sql" option the module falls back to a local SQLite3 file.
	if not params then
		params = { driver = "SQLite3" };
	end

	if params.driver == "SQLite3" then
		-- The SQLite file name is resolved against Prosody's data directory.
		local db_file = params.database or "prosody.sqlite";
		params.database = resolve_relative_path(prosody.paths.data or ".", db_file);
	end

	assert(params.driver and params.database, "Both the SQL driver and the database need to be specified");

	-- Fail module load right away if the database cannot be reached.
	assert(connect());
end
59 |
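-- Prepare `sql` and execute it with the remaining arguments bound as statement
-- parameters, reconnecting first when the connection has gone away.
-- Every value reaches the database through a `?` placeholder, never by string
-- concatenation; callers must keep it that way, because usernames and
-- passwords arrive here straight from the client.
-- Returns the executed statement handle, or nil plus an error message when the
-- query itself fails. Raises "connection failed" when the database is unreachable.
local function getsql(sql, ...)
	if params.driver == "PostgreSQL" then
		-- Queries in this file quote identifiers with backticks; PostgreSQL
		-- gets double quotes instead.
		sql = sql:gsub("`", "\"");
	end
	-- connect() returns nil when the reconnect fails and leaves `connection`
	-- nil. Raise the same error as the checks below instead of indexing nil.
	if not test_connection() and not connect() then error("connection failed"); end
	-- do prepared statement stuff
	local stmt, err = connection:prepare(sql);
	if not stmt and not test_connection() then error("connection failed"); end
	if not stmt then module:log("error", "QUERY FAILED: %s %s", err, debug.traceback()); return nil, err; end
	-- run query
	local ok, exec_err = stmt:execute(...);
	if not ok and not test_connection() then error("connection failed"); end
	if not ok then return nil, exec_err; end

	return stmt;
end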
-- Run a data-modifying statement through getsql().
-- Returns whatever stmt:affected() reports on success, or getsql()'s
-- nil plus error message on failure.
local function setsql(sql, ...)
	local stmt, err = getsql(sql, ...);
	if stmt then
		return stmt:affected();
	end
	return stmt, err;
end
81 |
-- Fetch the stored phpBB password hash for `username`, which is matched
-- against the `username_clean` column through a bound parameter.
-- Returns the `user_password` value of the first matching row, or nothing when
-- the query fails or no row matches. The value is a credential hash and should
-- not be logged.
local function get_password(username)
	local stmt = getsql("SELECT `user_password` FROM `phpbb_users` WHERE `username_clean`=?", username);
	if not stmt then return; end
	for row in stmt:rows(true) do
		-- only the first row is ever looked at
		return row.user_password;
	end
end
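-- Check whether `session_id` is one of the phpBB session ids recorded for
-- `username` (looked up by `username_clean` through a bound parameter).
-- Returns true on a match and nothing otherwise.
--
-- Security notes for anyone enabling session ids as passwords:
--  * The query does not check session expiry or auto-login state (see the TODO
--    below), so every row still present in phpbb_sessions for the user is
--    accepted as a credential.
--  * Because of the LuaDBI workaround below, a stored id that equals the
--    supplied value plus a trailing "0" also matches.
local function check_sessionids(username, session_id)
	-- TODO add session expiration and auto-login check

	-- An empty or non-string credential must never authenticate. Without this
	-- guard "" would match a row whose session_id reads back as "" or "0", and
	-- a nil value would raise in the concatenation below.
	if type(session_id) ~= "string" or session_id == "" then return; end

	local stmt, err = getsql("SELECT phpbb_sessions.session_id FROM phpbb_sessions INNER JOIN phpbb_users ON phpbb_users.user_id = phpbb_sessions.session_user_id WHERE phpbb_users.username_clean =?", username);
	if stmt then
		for row in stmt:rows(true) do
			-- if row.session_id == session_id then return true; end

			-- workaround for possible LuaDBI bug
			-- The session_id returned by the sql statement has an additional zero at the end. But that is not in the database.
			if row.session_id == session_id or row.session_id == session_id.."0" then return true; end
		end
	end
end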
103 |
104 |
-- 64-character alphabet used for the salt, the cost character and the encoded
-- digest of "$H$" hashes. A character's position minus one is its 6-bit value.
local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

-- Encode the first `count` bytes of `input` with the itoa64 alphabet.
-- Bytes are packed little-endian, three at a time, into a 24-bit accumulator
-- and emitted as 6-bit groups, lowest group first; a trailing group of one or
-- two bytes yields two or three characters.
-- `input` must hold at least `count` bytes, otherwise the arithmetic on a
-- missing byte raises an error.
local function hashEncode64(input, count)
	local chars = {};

	-- Append the alphabet character for the 6-bit group of `acc` starting at bit `shift`.
	local function emit(acc, shift)
		local pos = math.floor(acc / 2 ^ shift) % 0x40 + 1;
		chars[#chars + 1] = itoa64:sub(pos, pos);
	end

	local consumed = 0;
	repeat
		local acc = input:byte(consumed + 1);
		consumed = consumed + 1;
		emit(acc, 0);

		if consumed < count then
			acc = acc + input:byte(consumed + 1) * 0x100;
		end
		emit(acc, 6);
		if consumed >= count then break; end
		consumed = consumed + 1;

		if consumed < count then
			acc = acc + input:byte(consumed + 1) * 0x10000;
		end
		emit(acc, 12);
		if consumed >= count then break; end
		consumed = consumed + 1;

		emit(acc, 18);
	until consumed >= count;

	return table.concat(chars);
end
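-- Compute the "$H$" hash of `password` using the cost character and salt
-- carried in `genSalt` (either a freshly generated setting string or a stored
-- hash, whose first 12 characters are "$H$", the cost character and 8 salt
-- characters).
-- Returns the 34-character hash, or "*" when `genSalt` is not a usable "$H$"
-- setting. "*" can never equal a stored hash, so a malformed record fails
-- verification instead of raising.
--
-- Security notes:
--  * The construction is iterated MD5, kept only for phpBB3 compatibility.
--  * The round count (2^7 up to 2^30) comes from the stored hash and the loop
--    runs inline, so a record with a very high cost character makes a single
--    login attempt expensive. Keep write access to phpbb_users restricted.
local function hashCryptPrivate(password, genSalt)
	local failure = "*";
	if not genSalt:match("^%$H%$") then return failure; end

	-- Plain-text find (4th argument true): the cost character comes from stored
	-- data and must not be read as a Lua pattern. As a pattern, "%" or "("
	-- raises a pattern error, and any character missing from the alphabet
	-- returns nil, which then fails in the subtraction.
	local cost_pos = itoa64:find(genSalt:sub(4, 4), 1, true);
	if not cost_pos then return failure; end
	local count_log2 = cost_pos - 1;
	if count_log2 < 7 or count_log2 > 30 then return failure; end

	local salt = genSalt:sub(5, 12);
	if #salt ~= 8 then return failure; end

	-- md5() is called without the second argument here and its result is fed to
	-- hashEncode64(hash, 16), which reads 16 bytes.
	local hash = md5(salt .. password);
	for _ = 1, 2 ^ count_log2 do
		hash = md5(hash .. password);
	end

	return genSalt:sub(1, 12) .. hashEncode64(hash, 16);
end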
-- Build the 12-character setting string for a new "$H$" hash: the "$H$" prefix,
-- one cost character and 8 salt characters encoded from the first 6 bytes of
-- `input`.
-- With iteration_count_log2 fixed at 6 the cost character is alphabet position
-- 12 ("9"), which hashCryptPrivate decodes as 2^11 MD5 rounds. That is a low
-- work factor by current standards.
local function hashGensaltPrivate(input)
	local iteration_count_log2 = 6;
	local cost_pos = math.min(iteration_count_log2 + 5, 30) + 1;
	return "$H$" .. itoa64:sub(cost_pos, cost_pos) .. hashEncode64(input, 6);
end
-- Verify `password` against a stored phpBB hash.
--  * 32 characters: legacy PHPBB2 hash, compared with md5(password, true).
--    This form has no salt and a single MD5 round, so accounts that still
--    carry it are the weakest ones if the table ever leaks.
--  * 34 characters: "$H$" hash, recomputed with the salt and cost stored in it.
--  * any other length: rejected.
-- Returns true or false.
local function phpbbCheckHash(password, hash)
	local len = #hash;
	if len == 32 then
		return md5(password, true) == hash; -- legacy PHPBB2 hash
	elseif len == 34 then
		return hashCryptPrivate(password, hash) == hash;
	end
	return false;
end
-- Hash `password` for storage in phpbb_users.user_password.
-- Returns a 34-character "$H$" hash; if hashCryptPrivate() does not produce
-- one, falls back to md5(password, true).
--
-- Security notes:
--  * The salt is derived from the last 6 characters of a generated UUID.
--    NOTE(review): if those characters are hexadecimal digits the salt carries
--    only 24 bits of randomness - confirm against util.uuid.
--  * The fallback stores an unsalted single-round MD5. It is only reached when
--    the salted hash could not be built, and it would silently weaken the
--    account.
local function phpbbCreateHash(password)
	local seed = uuid_gen():sub(-6);
	local hashed = hashCryptPrivate(password, hashGensaltPrivate(seed));
	if #hashed ~= 34 then
		return md5(password, true);
	end
	return hashed;
end
188 |
189 |
-- Authentication provider table; the functions below are attached to it.
provider = { name = "phpbb3" };

-- Check a plaintext `password` for `username` against the hash stored by phpBB.
-- Returns true or false when the user has a stored hash, and a falsy value
-- (nil) when no hash was found, so an unknown user never reaches the hash
-- comparison.
function provider.test_password(username, password)
	local stored = get_password(username);
	if not stored then
		return stored;
	end
	return phpbbCheckHash(password, stored);
end
-- Report whether `username` has a stored password hash in phpbb_users.
-- Returns true when one is found and a falsy value otherwise.
-- The username is written to the debug log as received from the caller.
function provider.user_exists(username)
	module:log("debug", "test user %s existence", username);
	local stored = get_password(username);
	if stored then
		return true;
	end
	return stored;
end
200 |
-- Plaintext passwords cannot be recovered: only phpBB hashes are stored, so
-- this provider always refuses with nil and an explanatory message.
function provider.get_password(username)
	local reason = "Getting password is not supported.";
	return nil, reason;
end
-- Replace the stored hash for `username` (matched on `username_clean`) with a
-- fresh hash of `password`. Both values are passed as bound parameters.
-- Returns true plus setsql()'s second result on success, or nil plus the error
-- message on failure.
-- NOTE(review): setsql() returns the affected-row count, and 0 is truthy in
-- Lua, so an UPDATE that matched no user still reports success - confirm
-- whether callers rely on that.
function provider.set_password(username, password)
	local new_hash = phpbbCreateHash(password);
	local affected, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username_clean`=?", new_hash, username);
	return affected and true, err;
end
-- Accounts are managed by phpBB; this provider never creates them and always
-- refuses with nil and an explanatory message.
function provider.create_user(username, password)
	local reason = "Account creation/modification not supported.";
	return nil, reason;
end
212 |
-- Character -> escape sequence map (the character set of XEP-0106 JID
-- Escaping): a backslash followed by the character's two-digit lowercase
-- hex code.
local escapes = {
	[" "] = "\\20";
	['"'] = "\\22";
	["&"] = "\\26";
	["'"] = "\\27";
	["/"] = "\\2f";
	[":"] = "\\3a";
	["<"] = "\\3c";
	[">"] = "\\3e";
	["@"] = "\\40";
	["\\"] = "\\5c";
};

-- Reverse map: escape sequence -> original character.
local unescapes = {};
for char, sequence in pairs(escapes) do
	unescapes[sequence] = char;
end

--- Escape every character listed in `escapes`; all others pass through.
-- A falsy argument is returned unchanged. Only the rewritten string is
-- returned (the substitution count from gsub is dropped).
local function jid_escape(s)
	if not s then
		return s;
	end
	local escaped = s:gsub(".", escapes);
	return escaped;
end

--- Reverse jid_escape for the sequences present in `unescapes`.
-- Any other backslash + two-hex-digit run is left as it is. That includes
-- upper-case forms such as `\2F`, because the table keys are lower-case.
-- A falsy argument is returned unchanged.
local function jid_unescape(s)
	if not s then
		return s;
	end
	local plain = s:gsub("\\%x%x", unescapes);
	return plain;
end
229 |
--- Build a new SASL handler object for one authentication exchange.
-- The handler offers PLAIN only and checks the credentials through
-- provider.test_password. When `params.sessionid_as_password` is set it
-- falls back to check_sessionids.
-- @return table with clean_clone, mechanisms, select and process methods
function provider.get_sasl_handler()
	local handler = {};

	-- A clean clone is simply a brand-new handler.
	function handler:clean_clone()
		return provider.get_sasl_handler();
	end

	-- PLAIN is the only mechanism offered, so the client sends the password
	-- itself in the SASL message.
	-- NOTE(review): this relies on the stream being encrypted before
	-- authentication -- confirm the server configuration enforces that.
	function handler:mechanisms()
		return { PLAIN = true; };
	end

	-- Accept a single selection of "PLAIN"; anything else returns nothing.
	function handler:select(mechanism)
		if self.selected or mechanism ~= "PLAIN" then
			return;
		end
		self.selected = mechanism;
		return true;
	end

	--- Handle the client's PLAIN message.
	-- @param message raw payload: authzid NUL authcid NUL password
	-- @return "success" (with self.username set to the nodeprepped name), or
	--         "failure" plus a condition and, in some cases, a text
	function handler:process(message)
		if not message then
			return "failure", "malformed-request";
		end

		-- `%z` is the NUL character class. The pattern is anchored at the
		-- start only, so anything after a further NUL is ignored.
		local authorization, authentication, password = message:match("^([^%z]*)%z([^%z]+)%z([^%z]+)");
		if not authorization then
			return "failure", "malformed-request";
		end
		-- NOTE(review): the authorization identity is captured but never
		-- compared or used below; the session name comes from the
		-- authentication identity alone.

		authentication = saslprep(authentication);
		password = saslprep(password);
		local have_identity = authentication and authentication ~= "";
		local have_password = password and password ~= "";
		if not (have_password and have_identity) then
			return "failure", "malformed-request", "Invalid username or password.";
		end

		-- Try one candidate name: nodeprep it, undo JID escaping to get the
		-- forum-side name, and let `verify` judge that name with the password.
		-- Yields the nodeprepped form on success, a falsy value otherwise.
		local function attempt(candidate, verify)
			local prepped = nodeprep(candidate);
			local normalized = jid_unescape(prepped);
			return normalized and verify(normalized, password) and prepped;
		end

		-- First the name as sent, then its JID-escaped form.
		local function attempt_both(verify)
			return attempt(authentication, verify) or attempt(jid_escape(authentication), verify);
		end

		local username = attempt_both(function(node, secret)
			return provider.test_password(node, secret);
		end);

		if not username and params.sessionid_as_password then
			-- Optional fallback: the supplied "password" is handed to
			-- check_sessionids instead. With this option on, a value accepted
			-- there is as good as the password for logging in.
			-- NOTE(review): presumably a forum session id -- confirm in
			-- check_sessionids, and keep the option off unless needed.
			username = attempt_both(check_sessionids);
		end

		if not username then
			-- One generic answer for unknown user and wrong secret alike.
			return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
		end
		self.username = username;
		return "success";
	end

	return handler;
end
271 |
-- Register the provider table with the module as an "auth-provider" item.
module:add_item("auth-provider", provider);
273 |