Changeset

404:4801dbeccc2a

Some changes to report more correct SASL failures. Support for disabled accounts.
author Tobias Markmann <tm@ayena.de>
date Sun, 23 Nov 2008 21:26:06 +0100
parents 403:da92afa267cf
children 405:62706c4e04cf
files util/sasl.lua
diffstat 1 files changed, 4 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/util/sasl.lua	Sun Nov 23 20:44:48 2008 +0100
+++ b/util/sasl.lua	Sun Nov 23 21:26:06 2008 +0100
@@ -28,7 +28,8 @@
 		
 		local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN")
 		
-		if correct_password == nil then return "failure", "malformed-request" end
+		if correct_password == nil then return "failure", "not-authorized" end
+		elseif correct_password == false then return "failure", "account-disabled" end
 		
 		local claimed_password = ""
 		if password_encoding == nil then claimed_password = password
@@ -125,7 +126,8 @@
 			--TODO maybe realm support
 			self.username = response["username"]
 			local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5")
-			if Y == nil then return "failure", "malformed-request" end
+			if Y == nil then return "failure", "not-authorized" end
+			elseif Y == false then return "failure", "account-disabled" end
 			
 			local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid
 			local A2 = "AUTHENTICATE:"..protocol.."/"..domain