util/sasl.lua @ 2176:aaf2b2df61f7 sasl
Mostly making the code run; includes fixing typos and so on.
author | Tobias Markmann <tm@ayena.de> |
---|---|
date | Mon, 10 Aug 2009 23:04:19 +0200 |
parent | 2175:3ca8755581a1 |
child | 2177:8505e1da5408 |
2175:3ca8755581a1 | 2176:aaf2b2df61f7 |
---|---|
15 local md5 = require "util.hashes".md5; | 15 local md5 = require "util.hashes".md5; |
16 local log = require "util.logger".init("sasl"); | 16 local log = require "util.logger".init("sasl"); |
17 local tostring = tostring; | 17 local tostring = tostring; |
18 local st = require "util.stanza"; | 18 local st = require "util.stanza"; |
19 local generate_uuid = require "util.uuid".generate; | 19 local generate_uuid = require "util.uuid".generate; |
20 local pairs, ipairs = pairs, ipairs; | |
20 local t_insert, t_concat = table.insert, table.concat; | 21 local t_insert, t_concat = table.insert, table.concat; |
21 local to_byte, to_char = string.byte, string.char; | 22 local to_byte, to_char = string.byte, string.char; |
22 local to_unicode = require "util.encodings".idna.to_unicode; | 23 local to_unicode = require "util.encodings".idna.to_unicode; |
23 local s_match = string.match; | 24 local s_match = string.match; |
24 local gmatch = string.gmatch | 25 local gmatch = string.gmatch |
28 local error = error | 29 local error = error |
29 local print = print | 30 local print = print |
30 local setmetatable = setmetatable; | 31 local setmetatable = setmetatable; |
31 local assert = assert; | 32 local assert = assert; |
32 | 33 |
34 require "util.iterators" | |
35 local keys = keys | |
36 | |
37 local array = require "util.array" | |
33 module "sasl" | 38 module "sasl" |
34 | 39 |
35 local method = {} | 40 local method = {}; |
41 method.__index = method; | |
36 local mechanisms = {}; | 42 local mechanisms = {}; |
37 local backend_mechanism = {}; | 43 local backend_mechanism = {}; |
38 | 44 |
39 -- register a new SASL mechanims | 45 -- register a new SASL mechanims |
40 local function registerMechanism(name, backends, f) | 46 local function registerMechanism(name, backends, f) |
41 assert(type(name) == "string", "Parameter name MUST be a string."); | 47 assert(type(name) == "string", "Parameter name MUST be a string."); |
42 assert(type(backends) == "string" or type(backends) == "table", "Parameter backends MUST be either a string or a table."); | 48 assert(type(backends) == "string" or type(backends) == "table", "Parameter backends MUST be either a string or a table."); |
43 assert(type(f) == "function", "Parameter f MUST be a function."); | 49 assert(type(f) == "function", "Parameter f MUST be a function."); |
44 mechanism[name] = f | 50 mechanisms[name] = f |
45 for _, backend_name in ipairs(backend) | 51 for _, backend_name in ipairs(backends) do |
52 if backend_mechanism[backend_name] == nil then backend_mechanism[backend_name] = {}; end | |
53 t_insert(backend_mechanism[backend_name], name); | |
54 end | |
46 end | 55 end |
47 | 56 |
48 -- create a new SASL object which can be used to authenticate clients | 57 -- create a new SASL object which can be used to authenticate clients |
49 function new(realm, profile) | 58 function new(realm, profile) |
50 sasl_i = {}; | 59 sasl_i = {profile = profile}; |
51 | |
52 return setmetatable(sasl_i, method); | 60 return setmetatable(sasl_i, method); |
53 end | 61 end |
54 | 62 |
55 -- get a list of possible SASL mechanims to use | 63 -- get a list of possible SASL mechanims to use |
56 function method:mechanisms() | 64 function method:mechanisms() |
65 local mechanisms = {} | |
66 for backend, f in pairs(self.profile) do | |
67 print(backend) | |
68 if backend_mechanism[backend] then | |
69 for _, mechanism in ipairs(backend_mechanism[backend]) do | |
70 mechanisms[mechanism] = true; | |
71 end | |
72 end | |
73 end | |
74 return array.collect(keys(mechanisms)); | |
75 end | |
76 | |
77 -- select a mechanism to use | |
78 function method:select(mechanism) | |
57 | 79 |
58 end | 80 end |
59 | 81 |
60 -- select a mechanism to use | 82 -- feed new messages to process into the library |
61 function method.select( mechanism ) | 83 function method:process(message) |
62 | 84 |
63 end | 85 end |
64 | 86 |
87 --========================= | |
88 --SASL PLAIN | |
89 local function sasl_mechanism_plain(realm, credentials_handler) | |
90 local object = { mechanism = "PLAIN", realm = realm, credentials_handler = credentials_handler} | |
91 function object.feed(self, message) | |
92 if message == "" or message == nil then return "failure", "malformed-request" end | |
93 local response = message | |
94 local authorization = s_match(response, "([^&%z]+)") | |
95 local authentication = s_match(response, "%z([^&%z]+)%z") | |
96 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") | |
97 | |
98 if authentication == nil or password == nil then return "failure", "malformed-request" end | |
99 self.username = authentication | |
100 local auth_success = self.credentials_handler("PLAIN", self.username, self.realm, password) | |
101 | |
102 if auth_success then | |
103 return "success" | |
104 elseif auth_success == nil then | |
105 return "failure", "account-disabled" | |
106 else | |
107 return "failure", "not-authorized" | |
108 end | |
109 end | |
110 return object | |
111 end | |
112 registerMechanism("PLAIN", {"plain", "plain_test"}, sasl_mechanism_plain); | |
113 | |
65 return _M; | 114 return _M; |
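Review bot: In `sasl_mechanism_plain` (new lines 94–96) the three `s_match` patterns are unanchored and exclude `&`, so a password containing `&` is silently cut at that character before it reaches `credentials_handler`, and a message with extra NUL-separated fields after the password is still accepted. Parsing the message once with an anchored pattern would reject anything that is not exactly authzid (optional), NUL, authcid, NUL, password: `local authorization, authentication, password = s_match(response, "^([^%z]*)%z([^%z]+)%z([^%z]+)$")`. If `&` is excluded on purpose for a reason not visible on this page, keep it in the sets but still anchor the match. The captured `authorization` value is never read afterwards; it should either be compared with `authentication` or the request should be refused when a different authzid is supplied, so that a requested identity is never silently ignored.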