prosody
13587cf24435
util/sasl.lua
Software / code / prosody
Comparison
util/sasl.lua @ 1376:13587cf24435
Adjust PLAIN and DIGEST-MD5 mechanisms to new password_handler API.
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Sat, 20 Jun 2009 22:19:24 +0200 |
| parent | 1374:e85726d084d6 |
| child | 1485:fbefd16d2955 |
comparison
equal
deleted
inserted
replaced
| 1375:50ee4b327f86 | 1376:13587cf24435 |
|---|---|
| 39 local authentication = s_match(response, "%z([^&%z]+)%z") | 39 local authentication = s_match(response, "%z([^&%z]+)%z") |
| 40 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") | 40 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") |
| 41 | 41 |
| 42 if authentication == nil or password == nil then return "failure", "malformed-request" end | 42 if authentication == nil or password == nil then return "failure", "malformed-request" end |
| 43 | 43 |
| 44 local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN") | 44 local password_encoding, correct_password = self.password_handler(authentication, self.realm, self.realm, "PLAIN") |
| 45 | 45 |
| 46 if correct_password == nil then return "failure", "not-authorized" | 46 if correct_password == nil then return "failure", "not-authorized" |
| 47 elseif correct_password == false then return "failure", "account-disabled" end | 47 elseif correct_password == false then return "failure", "account-disabled" end |
| 48 | 48 |
| 49 local claimed_password = "" | 49 local claimed_password = "" |
| 174 | 174 |
| 175 if not response["cnonce"] then return "failure", "malformed-request", "Missing entry for cnonce in SASL message." end | 175 if not response["cnonce"] then return "failure", "malformed-request", "Missing entry for cnonce in SASL message." end |
| 176 if not response["qop"] then response["qop"] = "auth" end | 176 if not response["qop"] then response["qop"] = "auth" end |
| 177 | 177 |
| 178 if response["realm"] == nil or response["realm"] == "" then | 178 if response["realm"] == nil or response["realm"] == "" then |
| 179 response["realm"] = self.realm; | 179 response["realm"] = ""; |
| 180 elseif response["realm"] ~= self.realm then | 180 elseif response["realm"] ~= self.realm then |
| 181 return "failure", "not-authorized", "Incorrect realm value"; | 181 return "failure", "not-authorized", "Incorrect realm value"; |
| 182 end | 182 end |
| 183 | 183 |
| 184 local decoder; | 184 local decoder; |
| 197 return "failure", "malformed-request", "Missing entry for digest-uri in SASL message." | 197 return "failure", "malformed-request", "Missing entry for digest-uri in SASL message." |
| 198 end | 198 end |
| 199 | 199 |
| 200 --TODO maybe realm support | 200 --TODO maybe realm support |
| 201 self.username = response["username"]; | 201 self.username = response["username"]; |
| 202 local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5", decoder) | 202 local password_encoding, Y = self.password_handler(response["username"], domain, response["realm"], "DIGEST-MD5", decoder); |
| 203 if Y == nil then return "failure", "not-authorized" | 203 if Y == nil then return "failure", "not-authorized" |
| 204 elseif Y == false then return "failure", "account-disabled" end | 204 elseif Y == false then return "failure", "account-disabled" end |
| 205 local A1 = ""; | 205 local A1 = ""; |
| 206 if response.authzid then | 206 if response.authzid then |
| 207 if response.authzid == self.username.."@"..self.realm then | 207 if response.authzid == self.username.."@"..self.realm then |
