prosody
49e4838f9755
util/sasl.lua
Software / code / prosody
Comparison
util/sasl.lua @ 2201:49e4838f9755
Enable restriction of supported mechanisms in the SASL library.
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Wed, 18 Nov 2009 22:56:50 +0100 |
| parent | 2198:d18b4d22b8da |
| child | 2202:c320517d6b47 |
comparison
equal
deleted
inserted
replaced
| 2200:dd0b250cb6c4 | 2201:49e4838f9755 |
|---|---|
| 14 | 14 |
| 15 local md5 = require "util.hashes".md5; | 15 local md5 = require "util.hashes".md5; |
| 16 local log = require "util.logger".init("sasl"); | 16 local log = require "util.logger".init("sasl"); |
| 17 local tostring = tostring; | 17 local tostring = tostring; |
| 18 local st = require "util.stanza"; | 18 local st = require "util.stanza"; |
| 19 local set = require "util.set"; | |
| 20 local array = require "util.array"; | |
| 19 local pairs, ipairs = pairs, ipairs; | 21 local pairs, ipairs = pairs, ipairs; |
| 20 local t_insert, t_concat = table.insert, table.concat; | 22 local t_insert, t_concat = table.insert, table.concat; |
| 21 local to_unicode = require "util.encodings".idna.to_unicode; | 23 local to_unicode = require "util.encodings".idna.to_unicode; |
| 22 local s_match = string.match; | 24 local s_match = string.match; |
| 23 local gmatch = string.gmatch | 25 local gmatch = string.gmatch |
| 82 t_insert(backend_mechanism[backend_name], name); | 84 t_insert(backend_mechanism[backend_name], name); |
| 83 end | 85 end |
| 84 end | 86 end |
| 85 | 87 |
| 86 -- create a new SASL object which can be used to authenticate clients | 88 -- create a new SASL object which can be used to authenticate clients |
| 87 function new(realm, profile) | 89 function new(realm, profile, forbidden) |
| 88 sasl_i = {profile = profile}; | 90 sasl_i = {profile = profile}; |
| 89 sasl_i.realm = realm; | 91 sasl_i.realm = realm; |
| 90 return setmetatable(sasl_i, method); | 92 s = setmetatable(sasl_i, method); |
| 93 s:forbidden(sasl_i, forbidden) | |
| 94 return s; | |
| 95 end | |
| 96 | |
| 97 -- set the forbidden mechanisms | |
| 98 function method:forbidden( forbidden ) | |
| 99 if forbidden then | |
| 100 -- set forbidden | |
| 101 self.forbidden = set.new(forbidden); | |
| 102 else | |
| 103 -- get forbidden | |
| 104 return array.collect(self.forbidden:items()); | |
| 105 end | |
| 91 end | 106 end |
| 92 | 107 |
| 93 -- get a list of possible SASL mechanims to use | 108 -- get a list of possible SASL mechanims to use |
| 94 function method:mechanisms() | 109 function method:mechanisms() |
| 95 local mechanisms = {} | 110 local mechanisms = {} |
| 96 for backend, f in pairs(self.profile) do | 111 for backend, f in pairs(self.profile) do |
| 97 print(backend) | |
| 98 if backend_mechanism[backend] then | 112 if backend_mechanism[backend] then |
| 99 for _, mechanism in ipairs(backend_mechanism[backend]) do | 113 for _, mechanism in ipairs(backend_mechanism[backend]) do |
| 100 mechanisms[mechanism] = true; | 114 if not sasl_i.forbidden:contains(mechanism) then |
| 115 mechanisms[mechanism] = true; | |
| 116 end | |
| 101 end | 117 end |
| 102 end | 118 end |
| 103 end | 119 end |
| 104 self["possible_mechanisms"] = mechanisms; | 120 self["possible_mechanisms"] = mechanisms; |
| 105 return array.collect(keys(mechanisms)); | 121 return array.collect(keys(mechanisms)); |
