plugins/mod_saslauth.lua @ 286:7e4908d4bdf6
Merge with Waqas changes to mod_saslauth.
author | Tobias Markmann <tm@ayena.de> |
---|---|
date | Sat, 15 Nov 2008 19:25:51 +0100 |
parent | 283:8e1fd8ff66ee |
parent | 284:4f540755260c |
child | 288:dc53343af9ac |
285:372d0891e8fd | 286:7e4908d4bdf6 |
---|---|
51 end | 51 end |
52 end | 52 end |
53 return func, nil; | 53 return func, nil; |
54 end | 54 end |
55 | 55 |
56 function do_sasl(session, stanza) | |
57 local text = stanza[1]; | |
58 if text then | |
59 text = base64.decode(text); | |
60 if not text then | |
61 session.sasl_handler = nil; | |
62 session.send(build_reply("failure", "incorrect-encoding")); | |
63 return; | |
64 end | |
65 end | |
66 local status, ret = session.sasl_handler:feed(text); | |
67 handle_status(session, status); | |
68 session.send(build_reply(status, ret)); | |
69 end | |
70 | |
56 add_handler("c2s_unauthed", "auth", xmlns_sasl, | 71 add_handler("c2s_unauthed", "auth", xmlns_sasl, |
57 function (session, stanza) | 72 function (session, stanza) |
58 if not session.sasl_handler then | 73 if not session.sasl_handler then |
59 session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, password_callback); | 74 session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, password_callback); |
60 local status, ret = session.sasl_handler:feed(stanza[1]); | 75 do_sasl(session, stanza); |
61 handle_status(session, status); | |
62 session.send(build_reply(status, ret)); | |
63 --[[session.sasl_handler = new_sasl(stanza.attr.mechanism, | |
64 function (username, password) | |
65 -- onAuth | |
66 require "core.usermanager" | |
67 if usermanager_validate_credentials(session.host, username, password) then | |
68 return true; | |
69 end | |
70 return false; | |
71 end, | |
72 function (username) | |
73 -- onSuccess | |
74 local success, err = sessionmanager.make_authenticated(session, username); | |
75 if not success then | |
76 sessionmanager.destroy_session(session); | |
77 return; | |
78 end | |
79 session.sasl_handler = nil; | |
80 session:reset_stream(); | |
81 end, | |
82 function (reason) | |
83 -- onFail | |
84 log("debug", "SASL failure, reason: %s", reason); | |
85 end, | |
86 function (stanza) | |
87 -- onWrite | |
88 log("debug", "SASL writes: %s", tostring(stanza)); | |
89 send(session, stanza); | |
90 end | |
91 ); | |
92 session.sasl_handler:feed(stanza); ]] | |
93 else | 76 else |
94 error("Client tried to negotiate SASL again", 0); | 77 error("Client tried to negotiate SASL again", 0); |
95 end | 78 end |
96 end); | 79 end); |
97 | 80 |
98 add_handler("c2s_unauthed", "abort", xmlns_sasl, | 81 add_handler("c2s_unauthed", "abort", xmlns_sasl, |
99 function(session, stanza) | 82 function(session, stanza) |
100 if not session.sasl_handler then error("Attempt to abort when sasl has not started"); end | 83 if not session.sasl_handler then error("Attempt to abort when sasl has not started"); end |
101 local status, ret = session.sasl_handler:feed(stanza[1]); | 84 do_sasl(session, stanza); |
102 handle_status(session, status); | |
103 session.send(build_reply(status, ret)); | |
104 end); | 85 end); |
105 | 86 |
106 add_handler("c2s_unauthed", "response", xmlns_sasl, | 87 add_handler("c2s_unauthed", "response", xmlns_sasl, |
107 function(session, stanza) | 88 function(session, stanza) |
108 if not session.sasl_handler then error("Attempt to respond when sasl has not started"); end | 89 if not session.sasl_handler then error("Attempt to respond when sasl has not started"); end |
109 local status, ret = session.sasl_handler:feed(stanza[1]); | 90 do_sasl(session, stanza); |
110 handle_status(session, status); | |
111 session.send(build_reply(status, ret)); | |
112 end); | 91 end); |
113 | 92 |
114 add_event_hook("stream-features", | 93 add_event_hook("stream-features", |
115 function (session, features) | 94 function (session, features) |
116 if not session.username then | 95 if not session.username then |
117 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); | 96 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); |
118 -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. | 97 -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. |