Changeset

--- a/mod_sasl2/mod_sasl2.lua	Fri Nov 01 11:08:26 2024 -0500
+++ b/mod_sasl2/mod_sasl2.lua	Fri Nov 01 11:09:49 2024 -0500
@@ -155,9 +155,27 @@
 		handle_status(session, "failure", err);
 		return true;
 	end
-	event.success = st.stanza("success", { xmlns = xmlns_sasl2 });
-	if event.message then
-		event.success:text_tag("additional-data", base64.encode(event.message));
+	local tasks = module:fire_event("sasl2/c2s/tasks", { session = session })
+	if tasks then
+		local continue = st.stanza("continue", { xmlns = xmlns_sasl2 });
+		if event.message then
+			continue:text_tag("additional-data", base64.encode(event.message));
+		end
+		if tasks.text then
+			continue:text_tag("text", tasks.text)
+		end
+		continue:tag("tasks");
+		for task in pairs(tasks.tasks) do
+			continue:text_tag("task", task)
+		end
+		session.tasks = tasks.tasks;
+		session.send(continue);
+		return true;
+	else
+		event.success = st.stanza("success", { xmlns = xmlns_sasl2 });
+		if event.message then
+			event.success:text_tag("additional-data", base64.encode(event.message));
+		end
 	end
 end, 1000);
 
@@ -226,3 +244,23 @@
 	end
 	return process_cdata(session, response:get_text());
 end);
+
+module:hook_tag(xmlns_sasl2, "next", function (session, next)
+	if not session.tasks or not next.attr.task or not session.tasks[next.attr.task] then
+		return handle_status(session, "failure", "invalid-mechanism");
+	end
+
+	session.task = session.tasks[next.attr.task];
+	session.tasks = nil;
+	session.task(session, next);
+	return true;
+end);
+
+module:hook_tag(xmlns_sasl2, "task-data", function (session, data)
+	if not session.task then
+		return handle_status(session, "failure", "invalid-mechanism");
+	end
+
+	session.task(session, data);
+	return true;
+end);