projects / prosody.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge 0.9->0.10
[prosody.git] / util / sasl_cyrus.lua
diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua
index 1f901d5704df6042d3aea646107263e977e69cb9..a0e8bd69d45c4dde830efd2881a3a55efcdaf1b1 100644 (file)
--- a/util/sasl_cyrus.lua
+++ b/util/sasl_cyrus.lua
@@ -78,11 +78,15 @@ local function init(service_name)
 end
 
 -- create a new SASL object which can be used to authenticate clients
-function new(realm, service_name, app_name)
+-- host_fqdn may be nil in which case gethostname() gives the value.
+--      For GSSAPI, this determines the hostname in the service ticket (after
+--      reverse DNS canonicalization, only if [libdefaults] rdns = true which
+--      is the default).
+function new(realm, service_name, app_name, host_fqdn)
 
        init(app_name or service_name);
 
-       local st, ret = pcall(cyrussasl.server_new, service_name, nil, realm, nil, nil)
+       local st, ret = pcall(cyrussasl.server_new, service_name, host_fqdn, realm, nil, nil)
        if not st then
                log("error", "Creating SASL server connection failed: %s", ret);
                return nil;
@@ -121,8 +125,10 @@ end
 
 -- select a mechanism to use
 function method:select(mechanism)
-       self.mechanism = mechanism;
-       return self:mechanisms()[mechanism];
+       if not self.selected and self.mechs[mechanism] then
+               self.selected = mechanism;
+               return true;
+       end
 end
 
 -- feed new messages to process into the library
@@ -131,7 +137,7 @@ function method:process(message)
        local data;
 
        if not self.first_step_done then
-               err, data = cyrussasl.server_start(self.cyrus, self.mechanism, message or "")
+               err, data = cyrussasl.server_start(self.cyrus, self.selected, message or "")
                self.first_step_done = true;
        else
                err, data = cyrussasl.server_step(self.cyrus, message or "")