prosody
770a78cd38d7
plugins/mod_saslauth.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_saslauth.lua @ 278:770a78cd38d7

Forward response stanzas to sasl.lua and some other stuff.
author Tobias Markmann <tm@ayena.de>
date Mon, 10 Nov 2008 16:28:15 +0100
parent 120:ef964468f174
child 282:80e7de32b618
comparison
equal deleted inserted replaced
277:00c2fc751f50 278:770a78cd38d7
13 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; 13 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind';
14 local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; 14 local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas';
15 15
16 local new_sasl = require "util.sasl".new; 16 local new_sasl = require "util.sasl".new;
17 17
18 add_handler("c2s_unauthed", "auth", xmlns_sasl, 18 add_handler("c2s_unauthed", "auth", xmlns_sasl, function (session, stanza)
19 function (session, stanza) 19 if not session.sasl_handler then
20 if not session.sasl_handler then 20 session.sasl_handler = new_sasl(stanza.attr.mechanism,
21 session.sasl_handler = new_sasl(stanza.attr.mechanism, 21 function (username, password)
22 function (username, password) 22 -- onAuth
23 -- onAuth 23 require "core.usermanager"
24 require "core.usermanager" 24 if usermanager_validate_credentials(session.host, username, password) then
25 if usermanager_validate_credentials(session.host, username, password) then 25 return true;
26 return true; 26 end
27 end 27 return false;
28 return false; 28 end,
29 end, 29 function (username)
30 function (username) 30 -- onSuccess
31 -- onSuccess 31 local success, err = sessionmanager.make_authenticated(session, username);
32 local success, err = sessionmanager.make_authenticated(session, username); 32 if not success then
33 if not success then 33 sessionmanager.destroy_session(session);
34 sessionmanager.destroy_session(session); 34 return;
35 return; 35 end
36 end 36 session.sasl_handler = nil;
37 session.sasl_handler = nil; 37 session:reset_stream();
38 session:reset_stream(); 38 end,
39 end, 39 function (reason)
40 function (reason) 40 -- onFail
41 -- onFail 41 log("debug", "SASL failure, reason: %s", reason);
42 log("debug", "SASL failure, reason: %s", reason); 42 end,
43 end, 43 function (stanza)
44 function (stanza) 44 -- onWrite
45 -- onWrite 45 log("debug", "SASL writes: %s", tostring(stanza));
46 log("debug", "SASL writes: %s", tostring(stanza)); 46 send(session, stanza);
47 send(session, stanza);
48 end
49 );
50 session.sasl_handler:feed(stanza);
51 else
52 error("Client tried to negotiate SASL again", 0);
53 end 47 end
54 48 );
55 end); 49 session.sasl_handler:feed(stanza);
50 else
51 error("Client tried to negotiate SASL again", 0);
52 end
53 end);
54
55 add_handler("c2s_unauthed", "response", xmlns_sasl, function (session, stanza)
56 if session.sasl_handler then
57 session.sasl_handler:feed(stanza);
58 end
59 end);
56 60
57 add_event_hook("stream-features", 61 add_event_hook("stream-features",
58 function (session, features) 62 function (session, features)
59 if not session.username then 63 if not session.username then
60 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); 64 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>");
61 t_insert(features, "<mechanism>PLAIN</mechanism>"); 65 t_insert(features, "<mechanism>PLAIN</mechanism>");
66 t_insert(features, "<mechanism>DIGEST-MD5</mechanism>");
62 t_insert(features, "</mechanisms>"); 67 t_insert(features, "</mechanisms>");
63 else 68 else
64 t_insert(features, "<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind>"); 69 t_insert(features, "<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind>");
65 t_insert(features, "<session xmlns='urn:ietf:params:xml:ns:xmpp-session'/>"); 70 t_insert(features, "<session xmlns='urn:ietf:params:xml:ns:xmpp-session'/>");
66 end 71 end