Changeset

1086:50ee38e95e75

Don't store password in temporary file, pipe instead
author Mikael Nordfeldth <mmn@hethane.se>
date Mon, 24 Jun 2013 14:29:03 +0200
parents 1085:56fc7a86eb20
children 1087:447af80a16ad
files mod_auth_external/mod_auth_external.lua
diffstat 1 files changed, 9 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_external/mod_auth_external.lua	Mon Jun 17 16:06:18 2013 +0100
+++ b/mod_auth_external/mod_auth_external.lua	Mon Jun 24 14:29:03 2013 +0200
@@ -4,6 +4,7 @@
 -- Prosody IM
 -- Copyright (C) 2010 Waqas Hussain
 -- Copyright (C) 2010 Jeff Mitchell
+-- Copyright (C) 2013 Mikael Nordfeldth
 --
 -- This project is MIT/X11 licensed. Please see the
 -- COPYING file in the source package for more information.
@@ -27,18 +28,18 @@
 
 local function send_query(text)
 	local tmpname = os.tmpname();
-	local tmpfile = io.open(tmpname, "wb");
-	tmpfile:write(text);
-	tmpfile:close();
-	local p = io.popen(command.." < "..tmpname, "r");
+	local p = io.popen(command.." > "..tmpname, "w");	-- dump result to file
+	p:write(text);	-- push colon-separated args through pipe to above command
+	p:close();
+	local tmpfile = io.open(tmpname, "r");	-- open file to read auth result
 	local result;
 	if script_type == "ejabberd" then
-		result = p:read(4);
+		result = tmpfile:read(4);
 	elseif script_type == "generic" then
-		result = p:read();
+		result = tmpfile:read();
 	end
-	os.remove(tmpname);
-	p:close();
+	tmpfile:close();
+	os.remove(tmpname);	-- clean up after us
 	return result;
 end