Comparison

util/sasl_cyrus.lua @ 2904:3e06b0f52363

Merge 0.7->trunk
author Matthew Wild <mwild1@gmail.com>
date Thu, 18 Mar 2010 10:11:11 +0000
parent 2903:d6da8f8e3502
child 3063:ca149818083d
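--- a/util/sasl_cyrus.lua
+++ b/util/sasl_cyrus.lua
@@ -37,11 +37,11 @@
 if not initialized then
 local st, errmsg = pcall(cyrussasl.server_init, service_name);
 if st then
 initialized = true;
 else
-log("error", "Failed to initialize CyrusSASL: %s", errmsg);
+log("error", "Failed to initialize Cyrus SASL: %s", errmsg);
 end
 end
 end
 
 -- create a new SASL object which can be used to authenticate clients
@@ -50,25 +50,28 @@
 
 init(service_name);
 
 sasl_i.realm = realm;
 sasl_i.service_name = service_name;
-sasl_i.cyrus = cyrussasl.server_new(service_name, nil, realm, nil, nil)
+
+local st, ret = pcall(cyrussasl.server_new, service_name, nil, realm, nil, nil)
+if st then
+sasl_i.cyrus = ret;
+else
+log("error", "Creating SASL server connection failed: %s", ret);
+return nil;
+end
 
 if cyrussasl.set_canon_cb then
 local c14n_cb = function (user)
 local node = s_match(user, "^([^@]+)");
 log("debug", "Canonicalizing username %s to %s", user, node)
 return node
 end
 cyrussasl.set_canon_cb(sasl_i.cyrus, c14n_cb);
 end
 
-if sasl_i.cyrus == 0 then
-log("error", "got NULL return value from server_new")
-return nil;
-end
 cyrussasl.setssf(sasl_i.cyrus, 0, 0xffffffff)
 local s = setmetatable(sasl_i, method);
 return s;
 end
 
@@ -77,11 +80,11 @@
 return new(self.realm, self.service_name)
 end
 
 -- set the forbidden mechanisms
 function method:forbidden( restrict )
-log("debug", "Called method:forbidden. NOT IMPLEMENTED.")
+log("warn", "Called method:forbidden. NOT IMPLEMENTED.")
 return {}
 end
 
 -- get a list of possible SASL mechanims to use
 function method:mechanisms()
@@ -118,19 +121,15 @@
 return "success", data
 elseif (err == 1) then -- SASL_CONTINUE
 return "challenge", data
 elseif (err == -4) then -- SASL_NOMECH
 log("debug", "SASL mechanism not available from remote end")
-return "failure",
-"undefined-condition",
-"SASL mechanism not available"
+return "failure", "invalid-mechanism", "SASL mechanism not available"
 elseif (err == -13) then -- SASL_BADAUTH
 return "failure", "not-authorized", cyrussasl.get_message( self.cyrus )
 else
 log("debug", "Got SASL error condition %d", err)
-return "failure",
-"undefined-condition",
-cyrussasl.get_message( self.cyrus )
+return "failure", "undefined-condition", cyrussasl.get_message( self.cyrus )
 end
 end
 
 return _M;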
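Review bot: In `new()` (new lines 56-62), `ret` is stored in `sasl_i.cyrus` whenever the pcall succeeds, and the old `sasl_i.cyrus == 0` check is dropped in the same hunk, so a `server_new` call that returns without raising but yields no usable handle would now reach `set_canon_cb` and `setssf`. Whether this version of the cyrussasl binding raises on every failure is not visible on this page; if it can still return 0 or nil, the success branch should keep the guard, for example `if st and ret and ret ~= 0 then sasl_i.cyrus = ret;`, with the `else` branch logging and returning nil as it does now. Failing closed matters here because callers presumably treat any non-nil return from `new()` as a ready authentication context. The opening lines of `new()` (old lines 48-49) are outside the displayed hunk.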