prosody
0d7d71dee0a0
plugins/mod_auth_insecure.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_auth_insecure.lua @ 10914:0d7d71dee0a0 0.11

mod_auth_internal_*: Apply saslprep to passwords Related to #1560
author Kim Alvefur <zash@zash.se>
date Sat, 23 May 2020 14:17:04 +0200
parent 9292:d5f798efb1ba
child 12671:32881d0c359f
comparison
equal deleted inserted replaced
10913:54953b5a214b 10914:0d7d71dee0a0
7 -- 7 --
8 -- luacheck: ignore 212 8 -- luacheck: ignore 212
9 9
10 local datamanager = require "util.datamanager"; 10 local datamanager = require "util.datamanager";
11 local new_sasl = require "util.sasl".new; 11 local new_sasl = require "util.sasl".new;
12 local saslprep = require "util.encodings".stringprep.saslprep;
12 13
13 local host = module.host; 14 local host = module.host;
14 local provider = { name = "insecure" }; 15 local provider = { name = "insecure" };
15 16
16 assert(module:get_option_string("insecure_open_authentication") == "Yes please, I know what I'm doing!"); 17 assert(module:get_option_string("insecure_open_authentication") == "Yes please, I know what I'm doing!");
19 return true; 20 return true;
20 end 21 end
21 22
22 function provider.set_password(username, password) 23 function provider.set_password(username, password)
23 local account = datamanager.load(username, host, "accounts"); 24 local account = datamanager.load(username, host, "accounts");
25 password = saslprep(password);
26 if not password then
27 return nil, "Password fails SASLprep.";
28 end
24 if account then 29 if account then
25 account.password = password; 30 account.password = password;
26 return datamanager.store(username, host, "accounts", account); 31 return datamanager.store(username, host, "accounts", account);
27 end 32 end
28 return nil, "Account not available."; 33 return nil, "Account not available.";