Software /
code /
prosody
File
plugins/mod_auth_insecure.lua @ 12578:10bb58ad5583
executables: Reject Lua 5.1 early
Prevents attempting to load libraries that may no longer be found and
crashing with a traceback.
Platforms like Debian where multiple Lua versions can be installed at
the same time and 'lua' pointing to one of the installed interpreters
via symlinks, there's the possibility that prosody/prosodyctl may be
invoked with Lua 5.1, which will no longer have any of the rest of
Prosody libraries available to be require(), and thus would immediately
fail with an unfriendly traceback.
Checking and aborting early with a friendlier message and reference to
more information is better.
Part of #1600
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 02 Jul 2022 17:27:39 +0200 (2022-07-02) |
parent | 10914:0d7d71dee0a0 |
child | 12671:32881d0c359f |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- -- luacheck: ignore 212 local datamanager = require "util.datamanager"; local new_sasl = require "util.sasl".new; local saslprep = require "util.encodings".stringprep.saslprep; local host = module.host; local provider = { name = "insecure" }; assert(module:get_option_string("insecure_open_authentication") == "Yes please, I know what I'm doing!"); function provider.test_password(username, password) return true; end function provider.set_password(username, password) local account = datamanager.load(username, host, "accounts"); password = saslprep(password); if not password then return nil, "Password fails SASLprep."; end if account then account.password = password; return datamanager.store(username, host, "accounts", account); end return nil, "Account not available."; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return datamanager.store(username, host, "accounts", {password = password}); end function provider.delete_user(username) return datamanager.store(username, host, "accounts", nil); end function provider.get_sasl_handler() local getpass_authentication_profile = { plain_test = function(sasl, username, password, realm) return true, true; end }; return new_sasl(module.host, getpass_authentication_profile); end module:add_item("auth-provider", provider);