Software /
code /
prosody
Diff
plugins/mod_legacyauth.lua @ 5083:4629c60a303b
mod_legacyauth: Return an error if username or resource fails stringprep (thanks iron)
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 07 Aug 2012 17:00:12 +0200 |
parent | 4258:ee445e658848 |
child | 5084:82b9fe0c79c5 |
line wrap: on
line diff
--- a/plugins/mod_legacyauth.lua Sun Aug 05 17:21:19 2012 +0100 +++ b/plugins/mod_legacyauth.lua Tue Aug 07 17:00:12 2012 +0200 @@ -58,6 +58,10 @@ username = nodeprep(username); resource = resourceprep(resource) local reply = st.reply(stanza); + if not (username and resource) then + session.send(st.error_reply(stanza, "modify", "bad-request")); + return true; + end if usermanager.test_password(username, session.host, password) then -- Authentication successful! local success, err = sessionmanager.make_authenticated(session, username);