prosody
eef21d7bbe04
plugins/mod_saslauth.lua
Software / code / prosody
Comparison
plugins/mod_saslauth.lua @ 887:eef21d7bbe04
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 07 Mar 2009 20:17:09 +0000 |
| parent | 799:b7ea802f3527 |
| child | 896:2c0b9e3c11c3 |
comparison
equal
deleted
inserted
replaced
| 886:96de7f0a41cc | 887:eef21d7bbe04 |
|---|---|
| 15 local usermanager_validate_credentials = require "core.usermanager".validate_credentials; | 15 local usermanager_validate_credentials = require "core.usermanager".validate_credentials; |
| 16 local t_concat, t_insert = table.concat, table.insert; | 16 local t_concat, t_insert = table.concat, table.insert; |
| 17 local tostring = tostring; | 17 local tostring = tostring; |
| 18 local jid_split = require "util.jid".split | 18 local jid_split = require "util.jid".split |
| 19 local md5 = require "util.hashes".md5; | 19 local md5 = require "util.hashes".md5; |
| 20 local config = require "core.configmanager"; | |
| 20 | 21 |
| 21 local log = require "util.logger".init("mod_saslauth"); | 22 local log = require "util.logger".init("mod_saslauth"); |
| 22 | 23 |
| 23 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; | 24 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; |
| 24 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; | 25 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
| 104 if not session.username then | 105 if not session.username then |
| 105 features:tag("mechanisms", mechanisms_attr); | 106 features:tag("mechanisms", mechanisms_attr); |
| 106 -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. | 107 -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. |
| 107 features:tag("mechanism"):text("PLAIN"):up(); | 108 features:tag("mechanism"):text("PLAIN"):up(); |
| 108 features:tag("mechanism"):text("DIGEST-MD5"):up(); | 109 features:tag("mechanism"):text("DIGEST-MD5"):up(); |
| 109 features:tag("mechanism"):text("ANONYMOUS"):up(); | 110 if config.get(session.host or "*", "core", "sasl_anonymous") then |
| 111 features:tag("mechanism"):text("ANONYMOUS"):up(); | |
| 112 end | |
| 110 features:up(); | 113 features:up(); |
| 111 else | 114 else |
| 112 features:tag("bind", bind_attr):tag("required"):up():up(); | 115 features:tag("bind", bind_attr):tag("required"):up():up(); |
| 113 features:tag("session", xmpp_session_attr):up(); | 116 features:tag("session", xmpp_session_attr):up(); |
| 114 end | 117 end |
