# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1344351612 -7200
# Node ID 4629c60a303b88a0a27b4da4f364ba8e7d6bf56f
# Parent  1ffc788c56960142661f6762133ee058bcf3b9ee
mod_legacyauth: Return an error if username or resource fails stringprep (thanks iron)

diff -r 1ffc788c5696 -r 4629c60a303b plugins/mod_legacyauth.lua
--- a/plugins/mod_legacyauth.lua	Sun Aug 05 17:21:19 2012 +0100
+++ b/plugins/mod_legacyauth.lua	Tue Aug 07 17:00:12 2012 +0200
@@ -58,6 +58,10 @@
 		username = nodeprep(username);
 		resource = resourceprep(resource)
 		local reply = st.reply(stanza);
+		if not (username and resource) then
+			session.send(st.error_reply(stanza, "modify", "bad-request"));
+			return true;
+		end
 		if usermanager.test_password(username, session.host, password) then
 			-- Authentication successful!
 			local success, err = sessionmanager.make_authenticated(session, username);