prosody
b953b0c0f203
plugins/mod_saslauth.lua
Software / code / prosody
Comparison
plugins/mod_saslauth.lua @ 3535:b953b0c0f203
mod_saslauth: Updated to use the new events API.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sat, 16 Oct 2010 07:18:01 +0500 |
| parent | 3524:d206b4e0a9f3 |
| child | 3548:cd8d1cacc65b |
comparison
equal
deleted
inserted
replaced
| 3534:c68590b13a6d | 3535:b953b0c0f203 |
|---|---|
| 70 end | 70 end |
| 71 end | 71 end |
| 72 return status, ret, err_msg; | 72 return status, ret, err_msg; |
| 73 end | 73 end |
| 74 | 74 |
| 75 local function sasl_handler(session, stanza) | 75 local function sasl_handler(event) |
| 76 local session, stanza = event.origin, event.stanza; | |
| 77 if session.type ~= "c2s_unauthed" then return; end | |
| 78 | |
| 76 if stanza.name == "auth" then | 79 if stanza.name == "auth" then |
| 77 -- FIXME ignoring duplicates because ejabberd does | 80 -- FIXME ignoring duplicates because ejabberd does |
| 78 local mechanism = stanza.attr.mechanism; | 81 local mechanism = stanza.attr.mechanism; |
| 79 if anonymous_login then | 82 if anonymous_login then |
| 80 if mechanism ~= "ANONYMOUS" then | 83 if mechanism ~= "ANONYMOUS" then |
| 81 return session.send(build_reply("failure", "invalid-mechanism")); | 84 session.send(build_reply("failure", "invalid-mechanism")); |
| 85 return true; | |
| 82 end | 86 end |
| 83 elseif mechanism == "ANONYMOUS" then | 87 elseif mechanism == "ANONYMOUS" then |
| 84 return session.send(build_reply("failure", "mechanism-too-weak")); | 88 session.send(build_reply("failure", "mechanism-too-weak")); |
| 89 return true; | |
| 85 end | 90 end |
| 86 if not session.secure and (secure_auth_only or (mechanism == "PLAIN" and not allow_unencrypted_plain_auth)) then | 91 if not session.secure and (secure_auth_only or (mechanism == "PLAIN" and not allow_unencrypted_plain_auth)) then |
| 87 return session.send(build_reply("failure", "encryption-required")); | 92 session.send(build_reply("failure", "encryption-required")); |
| 93 return true; | |
| 88 end | 94 end |
| 89 local valid_mechanism = session.sasl_handler:select(mechanism); | 95 local valid_mechanism = session.sasl_handler:select(mechanism); |
| 90 if not valid_mechanism then | 96 if not valid_mechanism then |
| 91 return session.send(build_reply("failure", "invalid-mechanism")); | 97 session.send(build_reply("failure", "invalid-mechanism")); |
| 98 return true; | |
| 92 end | 99 end |
| 93 elseif not session.sasl_handler then | 100 elseif not session.sasl_handler then |
| 94 return; -- FIXME ignoring out of order stanzas because ejabberd does | 101 return true; -- FIXME ignoring out of order stanzas because ejabberd does |
| 95 end | 102 end |
| 96 local text = stanza[1]; | 103 local text = stanza[1]; |
| 97 if text then | 104 if text then |
| 98 text = base64.decode(text); | 105 text = base64.decode(text); |
| 99 --log("debug", "AUTH: %s", text:gsub("[%z\001-\008\011\012\014-\031]", " ")); | 106 --log("debug", "AUTH: %s", text:gsub("[%z\001-\008\011\012\014-\031]", " ")); |
| 100 if not text then | 107 if not text then |
| 101 session.sasl_handler = nil; | 108 session.sasl_handler = nil; |
| 102 session.send(build_reply("failure", "incorrect-encoding")); | 109 session.send(build_reply("failure", "incorrect-encoding")); |
| 103 return; | 110 return true; |
| 104 end | 111 end |
| 105 end | 112 end |
| 106 local status, ret, err_msg = session.sasl_handler:process(text); | 113 local status, ret, err_msg = session.sasl_handler:process(text); |
| 107 status, ret, err_msg = handle_status(session, status, ret, err_msg); | 114 status, ret, err_msg = handle_status(session, status, ret, err_msg); |
| 108 local s = build_reply(status, ret, err_msg); | 115 local s = build_reply(status, ret, err_msg); |
| 109 log("debug", "sasl reply: %s", tostring(s)); | 116 log("debug", "sasl reply: %s", tostring(s)); |
| 110 session.send(s); | 117 session.send(s); |
| 118 return true; | |
| 111 end | 119 end |
| 112 | 120 |
| 113 module:add_handler("c2s_unauthed", "auth", xmlns_sasl, sasl_handler); | 121 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:auth", sasl_handler); |
| 114 module:add_handler("c2s_unauthed", "abort", xmlns_sasl, sasl_handler); | 122 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:abort", sasl_handler); |
| 115 module:add_handler("c2s_unauthed", "response", xmlns_sasl, sasl_handler); | 123 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:response", sasl_handler); |
| 116 | 124 |
| 117 local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' }; | 125 local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' }; |
| 118 local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' }; | 126 local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' }; |
| 119 local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' }; | 127 local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' }; |
| 120 module:hook("stream-features", function(event) | 128 module:hook("stream-features", function(event) |
