prosody-modules
86989059de5b
mod_auth_ldap2/mod_auth_ldap2.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_auth_ldap2/mod_auth_ldap2.lua @ 6258:86989059de5b

:multibe Readme.md: correct prosody 0.13 to 13 diff --git a/mod_muc_anonymize_moderation_actions/README.md b/mod_muc_anonymize_moderation_actions/README.md --- a/mod_muc_anonymize_moderation_actions/README.md +++ b/mod_muc_anonymize_moderation_actions/README.md @@ -34,7 +34,7 @@ Component "muc.example.com" "muc" ------ ---------------------- trunk Works as of 25-05-12 - 0.13 Works + 13 Works 0.12 Works ------ ---------------------- diff --git a/mod_sasl2/README.md b/mod_sasl2/README.md --- a/mod_sasl2/README.md +++ b/mod_sasl2/README.md @@ -32,6 +32,6 @@ This module requires Prosody **trunk** a Prosody Version Status ----------------------- ---------------- trunk as of 2025-05-25 Works - 0.13 Works + 13 Works 0.12 Does not work ----------------------- ---------------- diff --git a/mod_sasl2_bind2/README.md b/mod_sasl2_bind2/README.md --- a/mod_sasl2_bind2/README.md +++ b/mod_sasl2_bind2/README.md @@ -17,5 +17,5 @@ This module depends on [mod_sasl2]. It e Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Works + 13 Works 0.12 Does not work diff --git a/mod_sasl2_fast/README.md b/mod_sasl2_fast/README.md --- a/mod_sasl2_fast/README.md +++ b/mod_sasl2_fast/README.md @@ -34,5 +34,5 @@ clients being logged out unexpectedly. Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Work + 13 Work 0.12 Does not work diff --git a/mod_sasl2_sm/README.md b/mod_sasl2_sm/README.md --- a/mod_sasl2_sm/README.md +++ b/mod_sasl2_sm/README.md @@ -18,5 +18,5 @@ configuration options. Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Work + 13 Work 0.12 Does not work diff --git a/mod_sasl_ssdp/README.md b/mod_sasl_ssdp/README.md --- a/mod_sasl_ssdp/README.md +++ b/mod_sasl_ssdp/README.md @@ -21,5 +21,5 @@ There are no configuration options for t Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Works + 13 Works 0.12 Does not work diff --git a/mod_vcard_muc/README.md b/mod_vcard_muc/README.md --- a/mod_vcard_muc/README.md +++ b/mod_vcard_muc/README.md @@ -23,7 +23,7 @@ modules_enabled = { # Compatibility ------------------------- ---------------------------------------- - 0.13 Room avatar feature included in Prosody + 13 Room avatar feature included in Prosody 0.12 Works ------------------------- ---------------------------------------- diff --git a/mod_warn_legacy_tls/README.md b/mod_warn_legacy_tls/README.md --- a/mod_warn_legacy_tls/README.md +++ b/mod_warn_legacy_tls/README.md @@ -44,5 +44,5 @@ legacy_tls_versions = { "TLSv1", "TLSv1. Prosody-Version Status --------------- --------------------- trunk Works as of 25-05-25 -0.13 Works +13 Works 0.12 Works
author Menel <menel@snikket.de>
date Wed, 14 May 2025 23:32:04 +0200
parent 3869:f2b29183ef08
line wrap: on
line source

-- vim:sts=4 sw=4

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
-- Copyright (C) 2012 Rob Hoelz
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- http://code.google.com/p/prosody-modules/source/browse/mod_auth_ldap/mod_auth_ldap.lua
-- adapted to use common LDAP store

local ldap     = module:require 'ldap';
local new_sasl = require 'util.sasl'.new;
local jsplit   = require 'util.jid'.split;

if not ldap then
    return;
end

local provider = {}

function provider.test_password(username, password)
    return ldap.bind(username, password);
end

function provider.user_exists(username)
    local params = ldap.getparams()

    local filter = ldap.filter.combine_and(params.user.filter, params.user.usernamefield .. '=' .. username);

    return ldap.singlematch {
        base   = params.user.basedn,
        filter = filter,
    };
end

function provider.get_password(username)
    return nil, "Passwords unavailable for LDAP.";
end

function provider.set_password(username, password)
    return nil, "Passwords unavailable for LDAP.";
end

function provider.create_user(username, password)
    return nil, "Account creation/modification not available with LDAP.";
end

function provider.get_sasl_handler()
    local testpass_authentication_profile = {
        plain_test = function(sasl, username, password, realm)
            return provider.test_password(username, password), true;
        end,
        mechanisms = { PLAIN = true },
    };
    return new_sasl(module.host, testpass_authentication_profile);
end

function provider.is_admin(jid)
    local username, userhost = jsplit(jid);
    if userhost ~= module.host then
        return false;
    end
    local admin_config = ldap.getparams().admin;

    if not admin_config then
        return;
    end

    local ld       = ldap:getconnection();
    local filter   = ldap.filter.combine_and(admin_config.filter, admin_config.namefield .. '=' .. username);

    return ldap.singlematch {
        base   = admin_config.basedn,
        filter = filter,
    };
end

module:provides("auth", provider);