Software /
code /
prosody-modules
Diff
mod_auth_ldap/mod_auth_ldap.lua @ 293:d76f47a608ab
mod_auth_ldap: Convert to real line endings
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Thu, 23 Dec 2010 20:48:24 +0000 |
parent | 286:ca6199d73d68 |
child | 305:4c3abf1a9b5a |
line wrap: on
line diff
--- a/mod_auth_ldap/mod_auth_ldap.lua Thu Dec 23 21:16:31 2010 +0100 +++ b/mod_auth_ldap/mod_auth_ldap.lua Thu Dec 23 20:48:24 2010 +0000 @@ -1,57 +1,57 @@ - -local new_sasl = require "util.sasl".new; -local nodeprep = require "util.encodings".stringprep.nodeprep; -local log = require "util.logger".init("auth_ldap"); - -local ldap_server = module:get_option("ldap_server") or "localhost"; -local ldap_rootdn = module:get_option("ldap_rootdn") or ""; -local ldap_password = module:get_option("ldap_password") or ""; -local ldap_tls = module:get_option("ldap_tls"); -local ldap_base = assert(module:get_option("ldap_base"), "ldap_base is a required option for ldap"); - -local lualdap = require "lualdap"; -local ld = assert(lualdap.open_simple(ldap_server, ldap_rootdn, ldap_password, ldap_tls)); -module.unload = function() ld:close(); end - -function do_query(query) - for dn, attribs in ld:search(query) do - return true; -- found a result - end -end - -local provider = { name = "ldap" }; - -local function ldap_filter_escape(s) return (s:gsub("[\\*\\(\\)\\\\%z]", function(c) return ("\\%02x"):format(c:byte()) end)); end -function provider.test_password(username, password) - return do_query({ - base = ldap_base; - filter = "(&(uid="..ldap_filter_escape(username)..")(userPassword="..ldap_filter_escape(password)..")(accountStatus=active))"; - }); -end -function provider.user_exists(username) - return do_query({ - base = ldap_base; - filter = "(uid="..ldap_filter_escape(username)..")"; - }); -end - -function provider.get_password(username) return nil, "Passwords unavailable for LDAP."; end -function provider.set_password(username, password) return nil, "Passwords unavailable for LDAP."; end -function provider.create_user(username, password) return nil, "Account creation/modification not available with LDAP."; end - -function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - local testpass_authentication_profile = { - plain_test = function(username, password, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return "", nil; - end - return provider.test_password(prepped_username, password), true; - end - }; - return new_sasl(realm, testpass_authentication_profile); -end - -module:add_item("auth-provider", provider); + +local new_sasl = require "util.sasl".new; +local nodeprep = require "util.encodings".stringprep.nodeprep; +local log = require "util.logger".init("auth_ldap"); + +local ldap_server = module:get_option("ldap_server") or "localhost"; +local ldap_rootdn = module:get_option("ldap_rootdn") or ""; +local ldap_password = module:get_option("ldap_password") or ""; +local ldap_tls = module:get_option("ldap_tls"); +local ldap_base = assert(module:get_option("ldap_base"), "ldap_base is a required option for ldap"); + +local lualdap = require "lualdap"; +local ld = assert(lualdap.open_simple(ldap_server, ldap_rootdn, ldap_password, ldap_tls)); +module.unload = function() ld:close(); end + +function do_query(query) + for dn, attribs in ld:search(query) do + return true; -- found a result + end +end + +local provider = { name = "ldap" }; + +local function ldap_filter_escape(s) return (s:gsub("[\\*\\(\\)\\\\%z]", function(c) return ("\\%02x"):format(c:byte()) end)); end +function provider.test_password(username, password) + return do_query({ + base = ldap_base; + filter = "(&(uid="..ldap_filter_escape(username)..")(userPassword="..ldap_filter_escape(password)..")(accountStatus=active))"; + }); +end +function provider.user_exists(username) + return do_query({ + base = ldap_base; + filter = "(uid="..ldap_filter_escape(username)..")"; + }); +end + +function provider.get_password(username) return nil, "Passwords unavailable for LDAP."; end +function provider.set_password(username, password) return nil, "Passwords unavailable for LDAP."; end +function provider.create_user(username, password) return nil, "Account creation/modification not available with LDAP."; end + +function provider.get_sasl_handler() + local realm = module:get_option("sasl_realm") or module.host; + local testpass_authentication_profile = { + plain_test = function(username, password, realm) + local prepped_username = nodeprep(username); + if not prepped_username then + log("debug", "NODEprep failed on username: %s", username); + return "", nil; + end + return provider.test_password(prepped_username, password), true; + end + }; + return new_sasl(realm, testpass_authentication_profile); +end + +module:add_item("auth-provider", provider);