Merge 0.6->0.7

[prosody.git] / plugins / mod_saslauth.lua

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 47c0fbb32b87628d1877018c2eef0b29bf3b8b06..d407e5da8588ff5bc8787e05fb5232c34326b03e 100644 (file)
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -15,11 +15,10 @@ local base64 = require "util.encodings".base64;
 
 local nodeprep = require "util.encodings".stringprep.nodeprep;
 local datamanager_load = require "util.datamanager".load;
-local usermanager_get_provider = require "core.usermanager".get_provider;
-local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler;
+local usermanager_validate_credentials = require "core.usermanager".validate_credentials;
+local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods;
 local usermanager_user_exists = require "core.usermanager".user_exists;
 local usermanager_get_password = require "core.usermanager".get_password;
-local usermanager_test_password = require "core.usermanager".test_password;
 local t_concat, t_insert = table.concat, table.insert;
 local tostring = tostring;
 local jid_split = require "util.jid".split;
@@ -67,6 +66,21 @@ else
        error("Unknown SASL backend");
 end
 
+local default_authentication_profile = {
+       plain = function(username, realm)
+               local prepped_username = nodeprep(username);
+               if not prepped_username then
+                       log("debug", "NODEprep failed on username: %s", username);
+                       return "", nil;
+               end
+               local password = usermanager_get_password(prepped_username, realm);
+               if not password then
+                       return "", nil;
+               end
+               return password, true;
+       end
+};
+
 local anonymous_authentication_profile = {
        anonymous = function(username, realm)
                return true; -- for normal usage you should always return true here
@@ -97,8 +111,8 @@ local function handle_status(session, status, ret, err_msg)
                local username = nodeprep(session.sasl_handler.username);
 
                if not(require_provisioning) or usermanager_user_exists(username, session.host) then
-                       local ok, err = sm_make_authenticated(session, session.sasl_handler.username);
-                       if ok then
+                       local aret, err = sm_make_authenticated(session, session.sasl_handler.username);
+                       if aret then
                                session.sasl_handler = nil;
                                session:reset_stream();
                        else
@@ -169,14 +183,14 @@ module:hook("stream-features", function(event)
                if module:get_option("anonymous_login") then
                        origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile);
                else
-                       origin.sasl_handler = usermanager_get_sasl_handler(module.host);
+                       origin.sasl_handler = new_sasl(realm, default_authentication_profile);
                        if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then
                                origin.sasl_handler:forbidden({"PLAIN"});
                        end
                end
                features:tag("mechanisms", mechanisms_attr);
-               for k in pairs(origin.sasl_handler:mechanisms()) do
-                       features:tag("mechanism"):text(k):up();
+               for k, v in pairs(origin.sasl_handler:mechanisms()) do
+                       features:tag("mechanism"):text(v):up();
                end
                features:up();
        else