--- Prosody IM v0.4
+-- Prosody IM
-- Copyright (C) 2008-2009 Matthew Wild
-- Copyright (C) 2008-2009 Waqas Hussain
--
end
end
-local function password_callback(node, host, mechanism, decoder)
- local password = (datamanager_load(node, host, "accounts") or {}).password; -- FIXME handle hashed passwords
+local function password_callback(node, hostname, realm, mechanism, decoder)
+ local password = (datamanager_load(node, hostname, "accounts") or {}).password; -- FIXME handle hashed passwords
local func = function(x) return x; end;
if password then
if mechanism == "PLAIN" then
return func, password;
elseif mechanism == "DIGEST-MD5" then
- if decoder then node, host, password = decoder(node), decoder(host), decoder(password); end
- return func, md5(node..":"..host..":"..password);
+ if decoder then node, realm, password = decoder(node), decoder(realm), decoder(password); end
+ return func, md5(node..":"..realm..":"..password);
end
end
return func, nil;
local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' };
module:add_event_hook("stream-features",
function (session, features)
- if not session.username and ((not secure_auth_only) or session.secure) then
+ if not session.username then
+ if secure_auth_only and not session.secure then
+ return;
+ end
features:tag("mechanisms", mechanisms_attr);
-- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so.
if config.get(session.host or "*", "core", "anonymous_login") then
projects / prosody.git / blobdiff