local saslprep = require "util.encodings".stringprep.saslprep;
local log = require "util.logger".init("sasl");
-module "plain"
+module "sasl.plain"
-- ================================
-- SASL PLAIN according to RFC 4616
return password, state;
end
-plain-test:
- function(username, realm, password)
+plain_test:
+ function(username, password, realm)
return true or false, state;
end
-
-plain-hashed:
- function(username, realm)
- return hashed_password, hash_function, state;
- end
]]
local function plain(self, message)
local correct, state = false, false;
if self.profile.plain then
local correct_password;
- correct_password, state = self.profile.plain(authentication, self.realm);
- if correct_password == password then correct = true; else correct = false; end
+ correct_password, state = self.profile.plain(self, authentication, self.realm);
+ correct = (correct_password == password);
elseif self.profile.plain_test then
- correct, state = self.profile.plain_test(authentication, self.realm, password);
- elseif self.profile.plain_hashed then
- local hashed_password, hash_f;
- hashed_password, hash_f, state = self.profile.plain_hashed(authentication, self.realm);
- if hashed_password == hash_f(password) then correct = true; else correct = false; end
+ correct, state = self.profile.plain_test(self, authentication, password, self.realm);
end
self.username = authentication
- if not state then
+ if state == false then
return "failure", "account-disabled";
+ elseif state == nil then
+ return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
end
if correct then
end
function init(registerMechanism)
- registerMechanism("PLAIN", {"plain", "plain_test", "plain_hashed"}, plain);
+ registerMechanism("PLAIN", {"plain", "plain_test"}, plain);
end
return _M;