
util/sasl.lua @ 2176:aaf2b2df61f7 sasl

Mostly making the code run; includes fixing typos and so on.
author Tobias Markmann <tm@ayena.de>
date Mon, 10 Aug 2009 23:04:19 +0200
parent 2175:3ca8755581a1
child 2177:8505e1da5408
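--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -15,10 +15,11 @@
 local md5 = require "util.hashes".md5;
 local log = require "util.logger".init("sasl");
 local tostring = tostring;
 local st = require "util.stanza";
 local generate_uuid = require "util.uuid".generate;
+local pairs, ipairs = pairs, ipairs;
 local t_insert, t_concat = table.insert, table.concat;
 local to_byte, to_char = string.byte, string.char;
 local to_unicode = require "util.encodings".idna.to_unicode;
 local s_match = string.match;
 local gmatch = string.gmatch
@@ -28,38 +29,86 @@
 local error = error
 local print = print
 local setmetatable = setmetatable;
 local assert = assert;
 
+require "util.iterators"
+local keys = keys
+
+local array = require "util.array"
 module "sasl"
 
-local method = {}
+local method = {};
+method.__index = method;
 local mechanisms = {};
 local backend_mechanism = {};
 
 -- register a new SASL mechanims
 local function registerMechanism(name, backends, f)
 assert(type(name) == "string", "Parameter name MUST be a string.");
 assert(type(backends) == "string" or type(backends) == "table", "Parameter backends MUST be either a string or a table.");
 assert(type(f) == "function", "Parameter f MUST be a function.");
-mechanism[name] = f
-for _, backend_name in ipairs(backend)
+mechanisms[name] = f
+for _, backend_name in ipairs(backends) do
+if backend_mechanism[backend_name] == nil then backend_mechanism[backend_name] = {}; end
+t_insert(backend_mechanism[backend_name], name);
+end
 end
 
 -- create a new SASL object which can be used to authenticate clients
 function new(realm, profile)
-sasl_i = {};
-
+sasl_i = {profile = profile};
 return setmetatable(sasl_i, method);
 end
 
 -- get a list of possible SASL mechanims to use
 function method:mechanisms()
+local mechanisms = {}
+for backend, f in pairs(self.profile) do
+print(backend)
+if backend_mechanism[backend] then
+for _, mechanism in ipairs(backend_mechanism[backend]) do
+mechanisms[mechanism] = true;
+end
+end
+end
+return array.collect(keys(mechanisms));
+end
+
+-- select a mechanism to use
+function method:select(mechanism)
 
 end
 
--- select a mechanism to use
-function method.select( mechanism )
+-- feed new messages to process into the library
+function method:process(message)
 
 end
 
+--=========================
+--SASL PLAIN
+local function sasl_mechanism_plain(realm, credentials_handler)
+local object = { mechanism = "PLAIN", realm = realm, credentials_handler = credentials_handler}
+function object.feed(self, message)
+if message == "" or message == nil then return "failure", "malformed-request" end
+local response = message
+local authorization = s_match(response, "([^&%z]+)")
+local authentication = s_match(response, "%z([^&%z]+)%z")
+local password = s_match(response, "%z[^&%z]+%z([^&%z]+)")
+
+if authentication == nil or password == nil then return "failure", "malformed-request" end
+self.username = authentication
+local auth_success = self.credentials_handler("PLAIN", self.username, self.realm, password)
+
+if auth_success then
+return "success"
+elseif auth_success == nil then
+return "failure", "account-disabled"
+else
+return "failure", "not-authorized"
+end
+end
+return object
+end
+registerMechanism("PLAIN", {"plain", "plain_test"}, sasl_mechanism_plain);
+
 return _M;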
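Review bot: The three `s_match` calls in `object.feed` of `sasl_mechanism_plain` are unanchored and exclude `&` from every field, so a PLAIN message with extra data after the password is still accepted, and a password containing `&` is cut at that character before it reaches `credentials_handler`. When the authorization identity is empty, the first pattern also captures the username as `authorization`. One anchored match over the whole `[authzid] NUL authcid NUL passwd` message avoids all three: `local authorization, authentication, password = s_match(response, "^([^%z]*)%z([^%z]+)%z([^%z]+)$")`. `authorization` is parsed but never compared with `authentication` in the visible lines; if a non-empty value that differs from the username should be rejected, that check belongs before the `credentials_handler` call.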