prosody-modules
c0d243b27e64
mod_sasl2/mod_sasl2.lua
Software / code / prosody-modules
Comparison
mod_sasl2/mod_sasl2.lua @ 5039:c0d243b27e64
mod_sasl2, mod_sasl_bind2, mod_sasl2_sm: Bump XEP-0388 namespace
This is the namespace for the proposed update to XEP-0388. I.e. not even
experimental yet... but this is all a work in progress anyway.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 13 Sep 2022 20:32:20 +0100 |
| parent | 5038:88980b2dd986 |
| child | 5041:afa09e069afb |
comparison
equal
deleted
inserted
replaced
| 5038:88980b2dd986 | 5039:c0d243b27e64 |
|---|---|
| 14 local set = require "util.set"; | 14 local set = require "util.set"; |
| 15 | 15 |
| 16 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; | 16 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; |
| 17 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; | 17 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; |
| 18 | 18 |
| 19 local xmlns_sasl2 = "urn:xmpp:sasl:1"; | 19 local xmlns_sasl2 = "urn:xmpp:sasl:2"; |
| 20 | 20 |
| 21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false) | 21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false) |
| 22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"}); | 22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"}); |
| 23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" }); | 23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" }); |
| 24 | 24 |
| 76 else | 76 else |
| 77 log("debug", "Channel binding not supported by SASL handler"); | 77 log("debug", "Channel binding not supported by SASL handler"); |
| 78 end | 78 end |
| 79 end | 79 end |
| 80 | 80 |
| 81 local mechanisms = st.stanza("mechanisms", { xmlns = xmlns_sasl2 }); | 81 local mechanisms = st.stanza("authentication", { xmlns = xmlns_sasl2 }); |
| 82 | 82 |
| 83 local available_mechanisms = sasl_handler:mechanisms() | 83 local available_mechanisms = sasl_handler:mechanisms() |
| 84 for mechanism in pairs(available_mechanisms) do | 84 for mechanism in pairs(available_mechanisms) do |
| 85 if disabled_mechanisms:contains(mechanism) then | 85 if disabled_mechanisms:contains(mechanism) then |
| 86 log("debug", "Not offering disabled mechanism %s", mechanism); | 86 log("debug", "Not offering disabled mechanism %s", mechanism); |
