Software /
code /
prosody
Changeset
5303:19a4a3462574
Merge 0.9->trunk
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Tue, 22 Jan 2013 08:30:38 +0500 (2013-01-22) |
parents | 5285:19381ed1cc02 (current diff) 5302:52fe5df91c65 (diff) |
children | 5321:33813f000015 |
files | certs/localhost.cert prosodyctl |
diffstat | 21 files changed, 113 insertions(+), 68 deletions(-) [+] |
line wrap: on
line diff
--- a/certs/Makefile Sat Dec 29 19:13:42 2012 +0100 +++ b/certs/Makefile Tue Jan 22 08:30:38 2013 +0500 @@ -1,4 +1,4 @@ -.DEFAULT: localhost.cert +.DEFAULT: localhost.crt keysize=2048 # How to: @@ -8,7 +8,7 @@ # Then `make yourhost.key` to create your private key, you can # include keysize=number to change the size of the key. # Then you can either `make yourhost.csr` to generate a certificate -# signing request that you can submit to a CA, or `make yourhost.cert` +# signing request that you can submit to a CA, or `make yourhost.crt` # to generate a self signed certificate. .PRECIOUS: %.cnf %.key @@ -18,7 +18,7 @@ openssl req -new -key $(lastword $^) -out $@ -utf8 -config $(firstword $^) # Self signed -%.cert: %.cnf %.key +%.crt: %.cnf %.key openssl req -new -x509 -nodes -key $(lastword $^) -days 365 \ -sha1 -out $@ -utf8 -config $(firstword $^)
--- a/certs/localhost.cert Sat Dec 29 19:13:42 2012 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDojCCAwugAwIBAgIJAPO1OI+vmUi8MA0GCSqGSIb3DQEBBQUAMIGTMQswCQYD -VQQGEwJHQjETMBEGA1UECBMKSmFiYmVybGFuZDETMBEGA1UEChMKUHJvc29keSBJ -TTE8MDoGA1UECxQzaHR0cDovL3Byb3NvZHkuaW0vZG9jL2FkdmFuY2VkX3NzbF90 -bHMjY2VydGlmaWNhdGVzMRwwGgYDVQQDExNFeGFtcGxlIGNlcnRpZmljYXRlMB4X -DTA5MTAxNzE3MDc1NloXDTEwMTAxNzE3MDc1NlowgZMxCzAJBgNVBAYTAkdCMRMw -EQYDVQQIEwpKYWJiZXJsYW5kMRMwEQYDVQQKEwpQcm9zb2R5IElNMTwwOgYDVQQL -FDNodHRwOi8vcHJvc29keS5pbS9kb2MvYWR2YW5jZWRfc3NsX3RscyNjZXJ0aWZp -Y2F0ZXMxHDAaBgNVBAMTE0V4YW1wbGUgY2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN5n5y7+A7V6WZ5n/+n4eqjHiQ+p0XD1BYA2435AgzKE -R+ilmrCFv59aWVIi3jS0YB3goMmuSk8PLv8pi/rjEKYhzDoiuoW/LvzjK5pVzbFM -NlkW5I0t4Lrjb2lMkxbQr/B/k07RDlJJJRTmr2j4N7vMoznVFbjQY6dRAv3svYZF -AgMBAAGjgfswgfgwHQYDVR0OBBYEFJhMTxNc3LEYA1vm3v4sCdHzRnUDMIHIBgNV -HSMEgcAwgb2AFJhMTxNc3LEYA1vm3v4sCdHzRnUDoYGZpIGWMIGTMQswCQYDVQQG -EwJHQjETMBEGA1UECBMKSmFiYmVybGFuZDETMBEGA1UEChMKUHJvc29keSBJTTE8 -MDoGA1UECxQzaHR0cDovL3Byb3NvZHkuaW0vZG9jL2FkdmFuY2VkX3NzbF90bHMj -Y2VydGlmaWNhdGVzMRwwGgYDVQQDExNFeGFtcGxlIGNlcnRpZmljYXRlggkA87U4 -j6+ZSLwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCtLrTOSpQn+j+/ -5zoiP5wAGLpdZE+Iatzd26QwVsL61zd5399nEb1yFs3Hl9jo4W3idyNoofa67atX -2/+3juA0Q/oN/ZT16bWihmcrzv+Qd/CsQfMOZ5ApYV4SEw40L6GITtrZuBDjO4mU -TavhtScoGRzrZavhJG+PyhDH0Scglg== ------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/certs/localhost.crt Tue Jan 22 08:30:38 2013 +0500 @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDojCCAwugAwIBAgIJAPO1OI+vmUi8MA0GCSqGSIb3DQEBBQUAMIGTMQswCQYD +VQQGEwJHQjETMBEGA1UECBMKSmFiYmVybGFuZDETMBEGA1UEChMKUHJvc29keSBJ +TTE8MDoGA1UECxQzaHR0cDovL3Byb3NvZHkuaW0vZG9jL2FkdmFuY2VkX3NzbF90 +bHMjY2VydGlmaWNhdGVzMRwwGgYDVQQDExNFeGFtcGxlIGNlcnRpZmljYXRlMB4X +DTA5MTAxNzE3MDc1NloXDTEwMTAxNzE3MDc1NlowgZMxCzAJBgNVBAYTAkdCMRMw +EQYDVQQIEwpKYWJiZXJsYW5kMRMwEQYDVQQKEwpQcm9zb2R5IElNMTwwOgYDVQQL +FDNodHRwOi8vcHJvc29keS5pbS9kb2MvYWR2YW5jZWRfc3NsX3RscyNjZXJ0aWZp +Y2F0ZXMxHDAaBgNVBAMTE0V4YW1wbGUgY2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN5n5y7+A7V6WZ5n/+n4eqjHiQ+p0XD1BYA2435AgzKE +R+ilmrCFv59aWVIi3jS0YB3goMmuSk8PLv8pi/rjEKYhzDoiuoW/LvzjK5pVzbFM +NlkW5I0t4Lrjb2lMkxbQr/B/k07RDlJJJRTmr2j4N7vMoznVFbjQY6dRAv3svYZF +AgMBAAGjgfswgfgwHQYDVR0OBBYEFJhMTxNc3LEYA1vm3v4sCdHzRnUDMIHIBgNV +HSMEgcAwgb2AFJhMTxNc3LEYA1vm3v4sCdHzRnUDoYGZpIGWMIGTMQswCQYDVQQG +EwJHQjETMBEGA1UECBMKSmFiYmVybGFuZDETMBEGA1UEChMKUHJvc29keSBJTTE8 +MDoGA1UECxQzaHR0cDovL3Byb3NvZHkuaW0vZG9jL2FkdmFuY2VkX3NzbF90bHMj +Y2VydGlmaWNhdGVzMRwwGgYDVQQDExNFeGFtcGxlIGNlcnRpZmljYXRlggkA87U4 +j6+ZSLwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCtLrTOSpQn+j+/ +5zoiP5wAGLpdZE+Iatzd26QwVsL61zd5399nEb1yFs3Hl9jo4W3idyNoofa67atX +2/+3juA0Q/oN/ZT16bWihmcrzv+Qd/CsQfMOZ5ApYV4SEw40L6GITtrZuBDjO4mU +TavhtScoGRzrZavhJG+PyhDH0Scglg== +-----END CERTIFICATE-----
--- a/core/certmanager.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/core/certmanager.lua Tue Jan 22 08:30:38 2013 +0500 @@ -33,7 +33,7 @@ local default_options = { "no_sslv2", luasec_has_noticket and "no_ticket" or nil }; local default_verifyext = { "lsec_continue", "lsec_ignore_purpose" }; -if not luasec_has_verifyext and ssl.x509 then +if ssl and not luasec_has_verifyext and ssl.x509 then -- COMPAT mw/luasec-hg for i=1,#default_verifyext do -- Remove lsec_ prefix default_verify[#default_verify+1] = default_verifyext[i]:sub(6);
--- a/net/http/parser.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/net/http/parser.lua Tue Jan 22 08:30:38 2013 +0500 @@ -77,6 +77,7 @@ end end end + if not first_line then error = true; return error_cb("invalid-status-line"); end len = tonumber(headers["content-length"]); -- TODO check for invalid len if client then -- FIXME handle '100 Continue' response (by skipping it)
--- a/net/http/server.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/net/http/server.lua Tue Jan 22 08:30:38 2013 +0500 @@ -156,12 +156,23 @@ local date_header = os_date('!%a, %d %b %Y %H:%M:%S GMT'); -- FIXME use local conn_header = request.headers.connection; - local keep_alive = conn_header == "Keep-Alive" or (request.httpversion == "1.1" and conn_header ~= "close"); + conn_header = conn_header and ","..conn_header:gsub("[ \t]", ""):lower().."," or "" + local httpversion = request.httpversion + local persistent = conn_header:find(",keep-alive,", 1, true) + or (httpversion == "1.1" and not conn_header:find(",close,", 1, true)); + + local response_conn_header; + if persistent then + response_conn_header = "Keep-Alive"; + else + response_conn_header = httpversion == "1.1" and "close" or nil + end local response = { request = request; status_code = 200; - headers = { date = date_header, connection = (keep_alive and "Keep-Alive" or "close") }; + headers = { date = date_header, connection = response_conn_header }; + persistent = persistent; conn = conn; send = _M.send_response; finish_cb = finish_cb; @@ -241,7 +252,7 @@ response:on_destroy(); response.on_destroy = nil; end - if headers.connection == "Keep-Alive" then + if response.persistent then response:finish_cb(); else response.conn:close();
--- a/net/server_event.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/net/server_event.lua Tue Jan 22 08:30:38 2013 +0500 @@ -40,6 +40,9 @@ local coroutine = use "coroutine" local setmetatable = use "setmetatable" +local t_insert = table.insert +local t_concat = table.concat + local ssl = use "ssl" local socket = use "socket" or require "socket" @@ -309,7 +312,7 @@ debug( "error:", err ) -- to much, check your app return nil, err end - self.writebuffer = self.writebuffer .. data -- new buffer + t_insert(self.writebuffer, data) -- new buffer self.writebufferlen = total if not self.eventwrite then -- register new write event --vdebug( "register new write event" ) @@ -466,7 +469,7 @@ type = "client"; conn = client; currenttime = socket_gettime( ); -- safe the origin - writebuffer = ""; -- writebuffer + writebuffer = {}; -- writebuffer writebufferlen = 0; -- length of writebuffer send = client.send; -- caching table lookups receive = client.receive; @@ -520,10 +523,11 @@ interface.eventwritetimeout = false end end - local succ, err, byte = interface.conn:send( interface.writebuffer, 1, interface.writebufferlen ) + interface.writebuffer = { t_concat(interface.writebuffer) } + local succ, err, byte = interface.conn:send( interface.writebuffer[1], 1, interface.writebufferlen ) --vdebug( "write data:", interface.writebuffer, "error:", err, "part:", byte ) if succ then -- writing succesful - interface.writebuffer = "" + interface.writebuffer[1] = nil interface.writebufferlen = 0 interface:ondrain(); if interface.fatalerror then @@ -539,7 +543,7 @@ return -1 elseif byte and (err == "timeout" or err == "wantwrite") then -- want write again --vdebug( "writebuffer is not empty:", err ) - interface.writebuffer = string_sub( interface.writebuffer, byte + 1, interface.writebufferlen ) -- new buffer + interface.writebuffer[1] = string_sub( interface.writebuffer[1], byte + 1, interface.writebufferlen ) -- new buffer interface.writebufferlen = interface.writebufferlen - byte if "wantread" == err then -- happens only with luasec local callback = function( )
--- a/net/server_select.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/net/server_select.lua Tue Jan 22 08:30:38 2013 +0500 @@ -74,6 +74,7 @@ local closeall local addsocket local addserver +local addtimer local getserver local wrapserver local getsettings @@ -237,7 +238,6 @@ local client, err = accept( socket ) -- try to accept if client then local ip, clientport = client:getpeername( ) - client:settimeout( 0 ) local handler, client, err = wrapconnection( handler, listeners, client, ip, serverport, clientport, pattern, sslctx ) -- wrap new client socket if err then -- error while wrapping ssl socket return false
--- a/plugins/mod_auth_internal_hashed.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/plugins/mod_auth_internal_hashed.lua Tue Jan 22 08:30:38 2013 +0500 @@ -13,7 +13,6 @@ local usermanager = require "core.usermanager"; local generate_uuid = require "util.uuid".generate; local new_sasl = require "util.sasl".new; -local nodeprep = require "util.encodings".stringprep.nodeprep; local to_hex; do @@ -124,12 +123,7 @@ function provider.get_sasl_handler() local testpass_authentication_profile = { plain_test = function(sasl, username, password, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return "", nil; - end - return usermanager.test_password(prepped_username, realm, password), true; + return usermanager.test_password(username, realm, password), true; end, scram_sha_1 = function(sasl, username, realm) local credentials = datamanager.load(username, host, "accounts");
--- a/plugins/mod_auth_internal_plain.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/plugins/mod_auth_internal_plain.lua Tue Jan 22 08:30:38 2013 +0500 @@ -9,7 +9,6 @@ local datamanager = require "util.datamanager"; local usermanager = require "core.usermanager"; local new_sasl = require "util.sasl".new; -local nodeprep = require "util.encodings".stringprep.nodeprep; local log = module._log; local host = module.host; @@ -67,12 +66,7 @@ function provider.get_sasl_handler() local getpass_authentication_profile = { plain = function(sasl, username, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return "", nil; - end - local password = usermanager.get_password(prepped_username, realm); + local password = usermanager.get_password(username, realm); if not password then return "", nil; end
--- a/plugins/mod_component.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/plugins/mod_component.lua Tue Jan 22 08:30:38 2013 +0500 @@ -309,6 +309,7 @@ module:provides("net", { name = "component"; + private = true; listener = listener; default_port = 5347; multiplex = {
--- a/plugins/mod_presence.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/plugins/mod_presence.lua Tue Jan 22 08:30:38 2013 +0500 @@ -18,6 +18,7 @@ local st = require "util.stanza"; local jid_split = require "util.jid".split; local jid_bare = require "util.jid".bare; +local datetime = require "util.datetime"; local hosts = hosts; local NULL = {}; @@ -135,6 +136,7 @@ end else origin.presence = stanza; + stanza:tag("delay", { xmlns = "urn:xmpp:delay", from = host, stamp = datetime.datetime() }):up(); if origin.priority ~= priority then origin.priority = priority; recalc_resource_map(user);
--- a/plugins/muc/muc.lib.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/plugins/muc/muc.lib.lua Tue Jan 22 08:30:38 2013 +0500 @@ -529,7 +529,7 @@ self:_route_stanza(stanza); end stanza.attr.from, stanza.attr.to, stanza.attr.id = from, to, id; - else + elseif type ~= "error" then origin.send(st.error_reply(stanza, "cancel", "not-acceptable")); end elseif stanza.name == "message" and type == "groupchat" then -- groupchat messages not allowed in PM
--- a/prosody Sat Dec 29 19:13:42 2012 +0100 +++ b/prosody Tue Jan 22 08:30:38 2013 +0500 @@ -70,6 +70,8 @@ if CFG_CONFIGDIR then table.insert(filenames, CFG_CONFIGDIR.."/"..arg[2]); end + elseif os.getenv("PROSODY_CONFIG") then -- Passed by prosodyctl + table.insert(filenames, os.getenv("PROSODY_CONFIG")); else for _, format in ipairs(config.parsers()) do table.insert(filenames, (CFG_CONFIGDIR or ".").."/prosody.cfg."..format);
--- a/prosody.cfg.lua.dist Sat Dec 29 19:13:42 2012 +0100 +++ b/prosody.cfg.lua.dist Tue Jan 22 08:30:38 2013 +0500 @@ -89,7 +89,7 @@ -- to use SSL/TLS, you may comment or remove this ssl = { key = "certs/localhost.key"; - certificate = "certs/localhost.cert"; + certificate = "certs/localhost.crt"; } -- Only allow encrypted streams? Encryption is already used when
--- a/prosodyctl Sat Dec 29 19:13:42 2012 +0100 +++ b/prosodyctl Tue Jan 22 08:30:38 2013 +0500 @@ -61,16 +61,17 @@ config = require "core.configmanager" +local ENV_CONFIG; do local filenames = {}; local filename; if arg[1] == "--config" and arg[2] then table.insert(filenames, arg[2]); - table.remove(arg, 1); table.remove(arg, 1); if CFG_CONFIGDIR then table.insert(filenames, CFG_CONFIGDIR.."/"..arg[2]); end + table.remove(arg, 1); table.remove(arg, 1); else for _, format in ipairs(config.parsers()) do table.insert(filenames, (CFG_CONFIGDIR or ".").."/prosody.cfg."..format); @@ -81,6 +82,7 @@ local file = io.open(filename); if file then file:close(); + ENV_CONFIG = filename; CFG_CONFIGDIR = filename:match("^(.*)[\\/][^\\/]*$"); break; end @@ -162,6 +164,7 @@ -- Set our umask to protect data files pposix.umask(config.get("*", "core", "umask") or "027"); pposix.setenv("HOME", data_path); + pposix.setenv("PROSODY_CONFIG", ENV_CONFIG); else print("Error: Unable to load pposix module. Check that Prosody is installed correctly.") print("For more help send the below error to us through http://prosody.im/discuss"); @@ -639,8 +642,8 @@ return 1; end -local openssl = require "util.openssl"; -local lfs = require "lfs"; +local openssl; +local lfs; local cert_commands = {}; @@ -723,7 +726,7 @@ function cert_commands.generate(arg) if #arg >= 1 and arg[1] ~= "--help" then - local cert_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cert"; + local cert_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".crt"; if ask_overwrite(cert_filename) then return nil, cert_filename; end @@ -744,6 +747,8 @@ function commands.cert(arg) if #arg >= 1 and arg[1] ~= "--help" then + openssl = require "util.openssl"; + lfs = require "lfs"; local subcmd = table.remove(arg, 1); if type(cert_commands[subcmd]) == "function" then if not arg[1] then
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/util/http.lua Tue Jan 22 08:30:38 2013 +0500 @@ -0,0 +1,15 @@ +-- Prosody IM +-- Copyright (C) 2013 Florian Zeitz +-- +-- This project is MIT/X11 licensed. Please see the +-- COPYING file in the source package for more information. +-- + +local http = {}; + +function http.contains_token(field, token) + field = ","..field:gsub("[ \t]", ""):lower()..","; + return field:find(","..token:lower()..",", 1, true) ~= nil; +end + +return http;
--- a/util/openssl.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/util/openssl.lua Tue Jan 22 08:30:38 2013 +0500 @@ -72,15 +72,11 @@ return s_format("IA5STRING:%s", s); end -local util = {}; _M.util = { utf8string = utf8string, ia5string = ia5string, }; -local function xmppAddr(t, host) -end - function ssl_config:add_dNSName(host) t_insert(self.subject_alternative_name.DNS, idna_to_ascii(host)); end @@ -95,12 +91,12 @@ s_format("%s;%s", oid_xmppaddr, utf8string(host))); end -function ssl_config:from_prosody(hosts, config, certhosts, raw) +function ssl_config:from_prosody(hosts, config, certhosts) -- TODO Decide if this should go elsewhere local found_matching_hosts = false; for i = 1,#certhosts do local certhost = certhosts[i]; - for name, host in pairs(hosts) do + for name in pairs(hosts) do if name == certhost or name:sub(-1-#certhost) == "."..certhost then found_matching_hosts = true; self:add_dNSName(name); @@ -137,7 +133,7 @@ end end end - for k,v in ipairs(o) do + for _,v in ipairs(o) do t_insert(r, ("'%s'"):format(shell_escape(tostring(v)))); end return t_concat(r, " "); @@ -145,7 +141,7 @@ local os_execute = os.execute; setmetatable(_M, { - __index=function(self,f) + __index=function(_,f) return function(opts) return 0 == os_execute(serialize(f, type(opts) == "table" and opts or {})); end;
--- a/util/sasl/digest-md5.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/util/sasl/digest-md5.lua Tue Jan 22 08:30:38 2013 +0500 @@ -23,6 +23,7 @@ local md5 = require "util.hashes".md5; local log = require "util.logger".init("sasl"); local generate_uuid = require "util.uuid".generate; +local nodeprep = require "util.encodings".stringprep.nodeprep; module "sasl.digest-md5" @@ -139,10 +140,15 @@ end -- check for username, it's REQUIRED by RFC 2831 - if not response["username"] then + local username = response["username"]; + local _nodeprep = self.profile.nodeprep; + if username and _nodeprep ~= false then + username = (_nodeprep or nodeprep)(username); -- FIXME charset + end + if not username or username == "" then return "failure", "malformed-request"; end - self["username"] = response["username"]; + self.username = username; -- check for nonce, ... if not response["nonce"] then @@ -178,7 +184,6 @@ end --TODO maybe realm support - self.username = response["username"]; local Y, state; if self.profile.plain then local password, state = self.profile.plain(self, response["username"], self.realm)
--- a/util/sasl/plain.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/util/sasl/plain.lua Tue Jan 22 08:30:38 2013 +0500 @@ -13,6 +13,7 @@ local s_match = string.match; local saslprep = require "util.encodings".stringprep.saslprep; +local nodeprep = require "util.encodings".stringprep.nodeprep; local log = require "util.logger".init("sasl"); module "sasl.plain" @@ -54,6 +55,14 @@ return "failure", "malformed-request", "Invalid username or password."; end + local _nodeprep = self.profile.nodeprep; + if _nodeprep ~= false then + authentication = (_nodeprep or nodeprep)(authentication); + if not authentication or authentication == "" then + return "failure", "malformed-request", "Invalid username or password." + end + end + local correct, state = false, false; if self.profile.plain then local correct_password;
--- a/util/sasl/scram.lua Sat Dec 29 19:13:42 2012 +0100 +++ b/util/sasl/scram.lua Tue Jan 22 08:30:38 2013 +0500 @@ -19,6 +19,7 @@ local sha1 = require "util.hashes".sha1; local generate_uuid = require "util.uuid".generate; local saslprep = require "util.encodings".stringprep.saslprep; +local nodeprep = require "util.encodings".stringprep.nodeprep; local log = require "util.logger".init("sasl"); local t_concat = table.concat; local char = string.char; @@ -76,7 +77,7 @@ return res end -local function validate_username(username) +local function validate_username(username, _nodeprep) -- check for forbidden char sequences for eq in username:gmatch("=(.?.?)") do if eq ~= "2C" and eq ~= "3D" then @@ -90,6 +91,11 @@ -- apply SASLprep username = saslprep(username); + + if username and _nodeprep ~= false then + username = (_nodeprep or nodeprep)(username); + end + return username and #username>0 and username; end @@ -133,7 +139,7 @@ return "failure", "malformed-request", "Channel binding isn't support at this time."; end - self.state.name = validate_username(self.state.name); + self.state.name = validate_username(self.state.name, self.profile.nodeprep); if not self.state.name then log("debug", "Username violates either SASLprep or contains forbidden character sequences.") return "failure", "malformed-request", "Invalid username.";