prosody
270cb2821566
plugins/mod_auth_cyrus.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

plugins/mod_auth_cyrus.lua @ 10399:270cb2821566

mod_ping: Remove ad-hoc command 17:27:40 <Ge0rG> Zash: the Ping thing is absolutely worthless 17:27:55 <Zash> The command provided by mod_ping? 17:27:59 <pep.> To own server? 17:28:14 <Ge0rG> the Ping command in mod_admin_web, whatever it maps to 17:28:29 <Ge0rG> > Pong > 2019-11-07T16:28:16Z What am I supposed to do with that result? 17:28:29 <Zash> Yeah, mod_ping provides that 17:28:41 <Ge0rG> Is it a ping to my own server? Where's the RTT? 17:28:48 <Zash> Dunno if it's useful for more than verifying that the adhoc command system works 17:29:02 <Ge0rG> (it lags, but there is no indication of how much) 17:29:14 <Zash> It can't really test that itself 17:29:52 <Zash> Anyone opposed to deleting it? 17:30:42 <Zash> Half the module 17:42:47 <MattJ> Zash, I'm fine with removing it
author Kim Alvefur <zash@zash.se>
date Thu, 07 Nov 2019 19:23:42 +0100
parent 8054:0ba461b7d9af
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- luacheck: ignore 212

local log = require "util.logger".init("auth_cyrus");

local usermanager_user_exists = require "core.usermanager".user_exists;

local cyrus_service_realm = module:get_option("cyrus_service_realm");
local cyrus_service_name = module:get_option("cyrus_service_name");
local cyrus_application_name = module:get_option("cyrus_application_name");
local require_provisioning = module:get_option("cyrus_require_provisioning") or false;
local host_fqdn = module:get_option("cyrus_server_fqdn");

prosody.unlock_globals(); --FIXME: Figure out why this is needed and
						  -- why cyrussasl isn't caught by the sandbox
local cyrus_new = require "util.sasl_cyrus".new;
prosody.lock_globals();
local new_sasl = function(realm)
	return cyrus_new(
		cyrus_service_realm or realm,
		cyrus_service_name or "xmpp",
		cyrus_application_name or "prosody",
		host_fqdn
	);
end

do -- diagnostic
	local list;
	for mechanism in pairs(new_sasl(module.host):mechanisms()) do
		list = (not(list) and mechanism) or (list..", "..mechanism);
	end
	if not list then
		module:log("error", "No Cyrus SASL mechanisms available");
	else
		module:log("debug", "Available Cyrus SASL mechanisms: %s", list);
	end
end

local host = module.host;

-- define auth provider
local provider = {};
log("debug", "initializing default authentication provider for host '%s'", host);

function provider.test_password(username, password)
	return nil, "Legacy auth not supported with Cyrus SASL.";
end

function provider.get_password(username)
	return nil, "Passwords unavailable for Cyrus SASL.";
end

function provider.set_password(username, password)
	return nil, "Passwords unavailable for Cyrus SASL.";
end

function provider.user_exists(username)
	if require_provisioning then
		return usermanager_user_exists(username, host);
	end
	return true;
end

function provider.create_user(username, password)
	return nil, "Account creation/modification not available with Cyrus SASL.";
end

function provider.get_sasl_handler()
	local handler = new_sasl(host);
	if require_provisioning then
		function handler.require_provisioning(username)
			return usermanager_user_exists(username, host);
		end
	end
	return handler;
end

module:provides("auth", provider);