Comparison

mod_auth_external/mod_auth_external.lua @ 902:490cb9161c81

mod_auth_{external,internal_yubikey,ldap,ldap2,sql}: No need to nodeprep in SASL handler.
author Waqas Hussain <waqas20@gmail.com>
date Sat, 26 Jan 2013 04:34:05 +0500
parent 846:5ddc43ce8993
child 1086:50ee38e95e75
comparison
equal deleted inserted replaced
901:e3ad5f3aa6d4 902:490cb9161c81
8 -- This project is MIT/X11 licensed. Please see the 8 -- This project is MIT/X11 licensed. Please see the
9 -- COPYING file in the source package for more information. 9 -- COPYING file in the source package for more information.
10 -- 10 --
11 11
12 12
13 local nodeprep = require "util.encodings".stringprep.nodeprep;
14 --local process = require "process"; 13 --local process = require "process";
15 local lpc; pcall(function() lpc = require "lpc"; end); 14 local lpc; pcall(function() lpc = require "lpc"; end);
16 15
17 local config = require "core.configmanager"; 16 local config = require "core.configmanager";
18 local log = module._log; 17 local log = module._log;
79 end 78 end
80 end 79 end
81 80
82 function do_query(kind, username, password) 81 function do_query(kind, username, password)
83 if not username then return nil, "not-acceptable"; end 82 if not username then return nil, "not-acceptable"; end
84 username = nodeprep(username);
85 if not username then return nil, "jid-malformed"; end
86 83
87 local query = (password and "%s:%s:%s:%s" or "%s:%s:%s"):format(kind, username, host, password); 84 local query = (password and "%s:%s:%s:%s" or "%s:%s:%s"):format(kind, username, host, password);
88 local len = #query 85 local len = #query
89 if len > 1000 then return nil, "policy-violation"; end 86 if len > 1000 then return nil, "policy-violation"; end
90 87
130 function provider.create_user(username, password) return nil, "Account creation/modification not available."; end 127 function provider.create_user(username, password) return nil, "Account creation/modification not available."; end
131 128
132 function provider.get_sasl_handler() 129 function provider.get_sasl_handler()
133 local testpass_authentication_profile = { 130 local testpass_authentication_profile = {
134 plain_test = function(sasl, username, password, realm) 131 plain_test = function(sasl, username, password, realm)
135 local prepped_username = nodeprep(username); 132 return usermanager.test_password(username, realm, password), true;
136 if not prepped_username then
137 log("debug", "NODEprep failed on username: %s", username);
138 return "", nil;
139 end
140 return usermanager.test_password(prepped_username, realm, password), true;
141 end, 133 end,
142 }; 134 };
143 return new_sasl(host, testpass_authentication_profile); 135 return new_sasl(host, testpass_authentication_profile);
144 end 136 end
145 137