prosody
c985536d5452
util/sasl.lua
Software / code / prosody
Comparison
util/sasl.lua @ 2179:c985536d5452 sasl
Making mod_saslauth use the new SASL API.
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Fri, 28 Aug 2009 13:04:38 +0200 |
| parent | 2178:28d841403a21 |
| child | 2180:8de2f7f5b870 |
comparison
equal
deleted
inserted
replaced
| 2178:28d841403a21 | 2179:c985536d5452 |
|---|---|
| 79 end | 79 end |
| 80 | 80 |
| 81 -- create a new SASL object which can be used to authenticate clients | 81 -- create a new SASL object which can be used to authenticate clients |
| 82 function new(realm, profile) | 82 function new(realm, profile) |
| 83 sasl_i = {profile = profile}; | 83 sasl_i = {profile = profile}; |
| 84 sasl_i.realm = realm; | |
| 84 return setmetatable(sasl_i, method); | 85 return setmetatable(sasl_i, method); |
| 85 end | 86 end |
| 86 | 87 |
| 87 -- get a list of possible SASL mechanims to use | 88 -- get a list of possible SASL mechanims to use |
| 88 function method:mechanisms() | 89 function method:mechanisms() |
| 90 for backend, f in pairs(self.profile) do | 91 for backend, f in pairs(self.profile) do |
| 91 print(backend) | 92 print(backend) |
| 92 if backend_mechanism[backend] then | 93 if backend_mechanism[backend] then |
| 93 for _, mechanism in ipairs(backend_mechanism[backend]) do | 94 for _, mechanism in ipairs(backend_mechanism[backend]) do |
| 94 mechanisms[mechanism] = true; | 95 mechanisms[mechanism] = true; |
| 95 end | 96 end |
| 96 end | 97 end |
| 97 end | 98 end |
| 98 self["possible_mechanisms"] = mechanisms; | 99 self["possible_mechanisms"] = mechanisms; |
| 99 return array.collect(keys(mechanisms)); | 100 return array.collect(keys(mechanisms)); |
| 100 end | 101 end |
| 101 | 102 |
| 102 -- select a mechanism to use | 103 -- select a mechanism to use |
| 103 function method:select(mechanism) | 104 function method:select(mechanism) |
| 104 self.mech_i = mechanisms[mechanism] | 105 self.mech_i = mechanisms[mechanism] |
| 105 if self.mech_i == nil then return false; end | 106 if self.mech_i == nil then |
| 107 return false; | |
| 108 end | |
| 106 return true; | 109 return true; |
| 107 end | 110 end |
| 108 | 111 |
| 109 -- feed new messages to process into the library | 112 -- feed new messages to process into the library |
| 110 function method:process(message) | 113 function method:process(message) |
| 118 local response = message | 121 local response = message |
| 119 local authorization = s_match(response, "([^&%z]+)") | 122 local authorization = s_match(response, "([^&%z]+)") |
| 120 local authentication = s_match(response, "%z([^&%z]+)%z") | 123 local authentication = s_match(response, "%z([^&%z]+)%z") |
| 121 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") | 124 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") |
| 122 | 125 |
| 123 if authentication == nil or password == nil then return "failure", "malformed-request" end | 126 if authentication == nil or password == nil then |
| 127 return "failure", "malformed-request"; | |
| 128 end | |
| 124 | 129 |
| 125 local correct, state = false, false, false; | 130 local correct, state = false, false; |
| 126 if self.profile.plain then | 131 if self.profile.plain then |
| 127 local correct_password, state = self.profile.plain(authentication, self.realm); | 132 local correct_password; |
| 133 correct_password, state = self.profile.plain(authentication, self.realm); | |
| 128 if correct_password == password then correct = true; else correct = false; end | 134 if correct_password == password then correct = true; else correct = false; end |
| 129 else if self.profile.plain_test then | 135 elseif self.profile.plain_test then |
| 130 correct, state = self.profile.plain_test(authentication, self.realm, password); | 136 correct, state = self.profile.plain_test(authentication, self.realm, password); |
| 131 end | 137 end |
| 132 | 138 |
| 133 self.username = authentication | 139 self.username = authentication |
| 134 if not state then | 140 if not state then |
