Diff

plugins/mod_saslauth.lua @ 2179:c985536d5452 sasl

Making mod_saslauth use the new SASL API.
author Tobias Markmann <tm@ayena.de>
date Fri, 28 Aug 2009 13:04:38 +0200
parent 1639:0914d128c55e
child 2193:8fbbdb11a520
--- a/plugins/mod_saslauth.lua	Thu Aug 27 21:29:36 2009 +0200
+++ b/plugins/mod_saslauth.lua	Fri Aug 28 13:04:38 2009 +0200
@@ -34,6 +34,12 @@
 
 local new_sasl = require "util.sasl".new;
 
+default_authentication_profile = {
+	plain = function(username, realm)
+			return usermanager_get_password(username, realm), true;
+		end
+};
+
 local function build_reply(status, ret, err_msg)
 	local reply = st.stanza(status, {xmlns = xmlns_sasl});
 	if status == "challenge" then
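Review bot: `default_authentication_profile` is assigned without `local`, so it becomes a global visible to everything sharing this Lua environment, and other code could read or replace the table whose `plain` callback returns stored passwords. Declaring it as `local default_authentication_profile = {` keeps the credential lookup private to the module. A one-line comment on what the second return value `true` of the `plain` callback means would also help, since nothing in the hunk explains it.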
@@ -101,8 +107,8 @@
 		elseif stanza.attr.mechanism == "ANONYMOUS" then
 			return session.send(build_reply("failure", "mechanism-too-weak"));
 		end
-		session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, credentials_callback);
-		if not session.sasl_handler then
+		local valid_mechanism = session.sasl_handler:select(stanza.attr.mechanism);
+		if not valid_mechanism then
 			return session.send(build_reply("failure", "invalid-mechanism"));
 		end
 	elseif not session.sasl_handler then
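Review bot: `session.sasl_handler:select(stanza.attr.mechanism)` is called without checking that `session.sasl_handler` exists, whereas the old code created the handler at this point. The handler is now assigned only in the stream-features block, after the `secure_auth_only and not session.secure` early return, so an `<auth/>` arriving on a session that was never offered mechanisms would presumably index nil and raise an error instead of returning a SASL failure. A guard before the call keeps that path explicit, for example `if not session.sasl_handler then return session.send(build_reply("failure", "invalid-mechanism")); end`. The enclosing handler starts and ends outside the hunk, so an earlier check may already exist there.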
@@ -118,7 +124,7 @@
 			return;
 		end
 	end
-	local status, ret, err_msg = session.sasl_handler:feed(text);
+	local status, ret, err_msg = session.sasl_handler:process(text);
 	handle_status(session, status);
 	local s = build_reply(status, ret, err_msg);
 	log("debug", "sasl reply: %s", tostring(s));
@@ -138,14 +144,14 @@
 				if secure_auth_only and not session.secure then
 					return;
 				end
+				session.sasl_handler = new_sasl(session.host, default_authentication_profile);
 				features:tag("mechanisms", mechanisms_attr);
 				-- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so.
 					if config.get(session.host or "*", "core", "anonymous_login") then
 						features:tag("mechanism"):text("ANONYMOUS"):up();
 					else
-						mechanisms = usermanager_get_supported_methods(session.host or "*");
-						for k, v in pairs(mechanisms) do
-							features:tag("mechanism"):text(k):up();
+						for k, v in pairs(session.sasl_handler:mechanisms()) do
+							features:tag("mechanism"):text(v):up();
 						end
 					end
 				features:up();
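Review bot: The advertised list now comes straight from `session.sasl_handler:mechanisms()`, and the TODO on the line above about offering PLAIN only under TLS is still open. Because the profile passed to `new_sasl` supplies a `plain` callback, PLAIN is presumably in that list and is announced on unencrypted streams whenever `secure_auth_only` is off. The loop could skip it with `if v ~= "PLAIN" or session.secure then features:tag("mechanism"):text(v):up(); end`, and the same condition should apply where the mechanism is selected so that an unadvertised PLAIN is also refused. The key `k` is unused and could be named `_`.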