Software /
code /
prosody
Comparison
plugins/mod_saslauth.lua @ 2860:ad534f89c758
mod_saslauth: Don't print raw SASL data to avoid logging passwords unnecessarily
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sat, 13 Feb 2010 19:35:12 +0000 |
parent | 2014:913c0845ef9a |
child | 2877:1edeb8fe7d14 |
comparison
equal
deleted
inserted
replaced
2859:460681180194 | 2860:ad534f89c758 |
---|---|
36 local new_sasl = require "util.sasl".new; | 36 local new_sasl = require "util.sasl".new; |
37 | 37 |
38 local function build_reply(status, ret, err_msg) | 38 local function build_reply(status, ret, err_msg) |
39 local reply = st.stanza(status, {xmlns = xmlns_sasl}); | 39 local reply = st.stanza(status, {xmlns = xmlns_sasl}); |
40 if status == "challenge" then | 40 if status == "challenge" then |
41 log("debug", "%s", ret or ""); | 41 --log("debug", "CHALLENGE: %s", ret or ""); |
42 reply:text(base64.encode(ret or "")); | 42 reply:text(base64.encode(ret or "")); |
43 elseif status == "failure" then | 43 elseif status == "failure" then |
44 reply:tag(ret):up(); | 44 reply:tag(ret):up(); |
45 if err_msg then reply:tag("text"):text(err_msg); end | 45 if err_msg then reply:tag("text"):text(err_msg); end |
46 elseif status == "success" then | 46 elseif status == "success" then |
47 log("debug", "%s", ret or ""); | 47 --log("debug", "SUCCESS: %s", ret or ""); |
48 reply:text(base64.encode(ret or "")); | 48 reply:text(base64.encode(ret or "")); |
49 else | 49 else |
50 module:log("error", "Unknown sasl status: %s", status); | 50 module:log("error", "Unknown sasl status: %s", status); |
51 end | 51 end |
52 return reply; | 52 return reply; |
119 return; -- FIXME ignoring out of order stanzas because ejabberd does | 119 return; -- FIXME ignoring out of order stanzas because ejabberd does |
120 end | 120 end |
121 local text = stanza[1]; | 121 local text = stanza[1]; |
122 if text then | 122 if text then |
123 text = base64.decode(text); | 123 text = base64.decode(text); |
124 log("debug", "%s", text); | 124 --log("debug", "AUTH: %s", text:gsub("[%z\001-\008\011\012\014-\031]", " ")); |
125 if not text then | 125 if not text then |
126 session.sasl_handler = nil; | 126 session.sasl_handler = nil; |
127 session.send(build_reply("failure", "incorrect-encoding")); | 127 session.send(build_reply("failure", "incorrect-encoding")); |
128 return; | 128 return; |
129 end | 129 end |