-- create a new SASL object which can be used to authenticate clients
function new(realm, profile, forbidden)
- sasl_i = {profile = profile};
+ local sasl_i = {profile = profile};
sasl_i.realm = realm;
- s = setmetatable(sasl_i, method);
- s:forbidden(sasl_i, forbidden)
+ local s = setmetatable(sasl_i, method);
+ if forbidden == nil then forbidden = {} end
+ s:forbidden(forbidden)
return s;
end
+-- get a fresh clone with the same realm, profiles and forbidden mechanisms
+function method:clean_clone()
+ return new(self.realm, self.profile, self:forbidden())
+end
+
-- set the forbidden mechanisms
-function method:forbidden( forbidden )
- if forbidden then
+function method:forbidden( restrict )
+ if restrict then
-- set forbidden
- self.forbidden = set.new(forbidden);
+ self.restrict = set.new(restrict);
else
-- get forbidden
- return array.collect(self.forbidden:items());
+ return array.collect(self.restrict:items());
end
end
for backend, f in pairs(self.profile) do
if backend_mechanism[backend] then
for _, mechanism in ipairs(backend_mechanism[backend]) do
- if not sasl_i.forbidden:contains(mechanism) then
+ if not self.restrict:contains(mechanism) then
mechanisms[mechanism] = true;
end
end