Comparison

plugins/mod_saslauth.lua @ 10339:8b06d2d51e04

mod_saslauth: Improve logging of why no SASL mechanisms were offered
author Kim Alvefur <zash@zash.se>
date Tue, 15 Oct 2019 22:05:51 +0200
parent 10338:56a0f68b7797
child 10340:5c6912289ce3
comparison
equal deleted inserted replaced
10338:56a0f68b7797 10339:8b06d2d51e04
290 mechanisms:tag("mechanism"):text(mechanism):up(); 290 mechanisms:tag("mechanism"):text(mechanism):up();
291 end 291 end
292 features:add_child(mechanisms); 292 features:add_child(mechanisms);
293 return; 293 return;
294 end 294 end
295 if mechanisms[1] then 295
296 features:add_child(mechanisms); 296 local authmod = module:get_option_string("authentication", "internal_plain");
297 elseif not next(sasl_mechanisms) then 297 if available_mechanisms:empty() then
298 local authmod = module:get_option_string("authentication", "internal_plain");
299 log("error", "No available SASL mechanisms, verify that the configured authentication module '%s' is loaded and configured correctly", authmod); 298 log("error", "No available SASL mechanisms, verify that the configured authentication module '%s' is loaded and configured correctly", authmod);
300 else 299 return;
301 log("warn", "All available authentication mechanisms are either disabled or not suitable for an insecure connection"); 300 end
302 end 301
302 if not origin.secure and not available_insecure:empty() then
303 if not available_disabled:empty() then
304 log("error", "All SASL mechanisms provided by authentication module '%s' are forbidden on insecure connections (%s) or disabled (%s)",
305 authmod, available_insecure, available_disabled);
306 else
307 log("error", "All SASL mechanisms provided by authentication module '%s' are forbidden on insecure connections (%s)",
308 authmod, available_insecure);
309 end
310 elseif not available_disabled:empty() then
311 log("error", "All SASL mechanisms provided by authentication module '%s' are disabled (%s)",
312 authmod, available_disabled);
313 end
314
303 else 315 else
304 features:tag("bind", bind_attr):tag("required"):up():up(); 316 features:tag("bind", bind_attr):tag("required"):up():up();
305 features:tag("session", xmpp_session_attr):tag("optional"):up():up(); 317 features:tag("session", xmpp_session_attr):tag("optional"):up():up();
306 end 318 end
307 end); 319 end);