local md5 = require "util.hashes".md5;
local log = require "util.logger".init("sasl");
-local tostring = tostring;
local st = require "util.stanza";
local set = require "util.set";
local array = require "util.array";
+local to_unicode = require "util.encodings".idna.to_unicode;
+
+local tostring = tostring;
local pairs, ipairs = pairs, ipairs;
local t_insert, t_concat = table.insert, table.concat;
-local to_unicode = require "util.encodings".idna.to_unicode;
local s_match = string.match;
-local gmatch = string.gmatch
-local string = string
-local math = require "math"
local type = type
local error = error
-local print = print
local setmetatable = setmetatable;
local assert = assert;
-local dofile = dofile;
local require = require;
require "util.iterators"
-- create a new SASL object which can be used to authenticate clients
function new(realm, profile, forbidden)
- sasl_i = {profile = profile};
+ local sasl_i = {profile = profile};
sasl_i.realm = realm;
- s = setmetatable(sasl_i, method);
- s:forbidden(sasl_i, forbidden)
+ local s = setmetatable(sasl_i, method);
+ if forbidden == nil then forbidden = {} end
+ s:forbidden(forbidden)
return s;
end
+-- get a fresh clone with the same realm, profiles and forbidden mechanisms
+function method:clean_clone()
+ return new(self.realm, self.profile, self:forbidden())
+end
+
-- set the forbidden mechanisms
-function method:forbidden( forbidden )
- if forbidden then
+function method:forbidden( restrict )
+ if restrict then
-- set forbidden
- self.forbidden = set.new(forbidden);
+ self.restrict = set.new(restrict);
else
-- get forbidden
- return array.collect(self.forbidden:items());
+ return array.collect(self.restrict:items());
end
end
for backend, f in pairs(self.profile) do
if backend_mechanism[backend] then
for _, mechanism in ipairs(backend_mechanism[backend]) do
- if not sasl_i.forbidden:contains(mechanism) then
+ if not self.restrict:contains(mechanism) then
mechanisms[mechanism] = true;
end
end