X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_auth_cyrus.lua;h=7668f8c407f2b8255e645d0d88c8dae179796090;hb=a6ffb01c50254ed0cc712362ef1ad44bceb490b8;hp=ed3d5408f573895e33d3ed2ad47c7ce4d46ef60f;hpb=502992b1a6c5cad2edb0fb77ab00162827a486da;p=prosody.git diff --git a/plugins/mod_auth_cyrus.lua b/plugins/mod_auth_cyrus.lua index ed3d5408..7668f8c4 100644 --- a/plugins/mod_auth_cyrus.lua +++ b/plugins/mod_auth_cyrus.lua @@ -14,6 +14,7 @@ local cyrus_service_realm = module:get_option("cyrus_service_realm"); local cyrus_service_name = module:get_option("cyrus_service_name"); local cyrus_application_name = module:get_option("cyrus_application_name"); local require_provisioning = module:get_option("cyrus_require_provisioning") or false; +local host_fqdn = module:get_option("cyrus_server_fqdn"); prosody.unlock_globals(); --FIXME: Figure out why this is needed and -- why cyrussasl isn't caught by the sandbox @@ -23,50 +24,61 @@ local new_sasl = function(realm) return cyrus_new( cyrus_service_realm or realm, cyrus_service_name or "xmpp", - cyrus_application_name or "prosody" + cyrus_application_name or "prosody", + host_fqdn ); end -function new_default_provider(host) - local provider = { name = "cyrus" }; - log("debug", "initializing default authentication provider for host '%s'", host); - - function provider.test_password(username, password) - return nil, "Legacy auth not supported with Cyrus SASL."; - end - - function provider.get_password(username) - return nil, "Passwords unavailable for Cyrus SASL."; +do -- diagnostic + local list; + for mechanism in pairs(new_sasl(module.host):mechanisms()) do + list = (not(list) and mechanism) or (list..", "..mechanism); end - - function provider.set_password(username, password) - return nil, "Passwords unavailable for Cyrus SASL."; + if not list then + module:log("error", "No Cyrus SASL mechanisms available"); + else + module:log("debug", "Available Cyrus SASL mechanisms: %s", list); end +end - function provider.user_exists(username) - if require_provisioning then - return usermanager_user_exists(username, module.host); - end - return true; - end +local host = module.host; + +-- define auth provider +local provider = {}; +log("debug", "initializing default authentication provider for host '%s'", host); + +function provider.test_password(username, password) + return nil, "Legacy auth not supported with Cyrus SASL."; +end - function provider.create_user(username, password) - return nil, "Account creation/modification not available with Cyrus SASL."; +function provider.get_password(username) + return nil, "Passwords unavailable for Cyrus SASL."; +end + +function provider.set_password(username, password) + return nil, "Passwords unavailable for Cyrus SASL."; +end + +function provider.user_exists(username) + if require_provisioning then + return usermanager_user_exists(username, host); end + return true; +end + +function provider.create_user(username, password) + return nil, "Account creation/modification not available with Cyrus SASL."; +end - function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - local handler = new_sasl(realm); - if require_provisioning then - function handler.require_provisioning(username) - return usermanager_user_exists(username, module.host); - end +function provider.get_sasl_handler() + local handler = new_sasl(host); + if require_provisioning then + function handler.require_provisioning(username) + return usermanager_user_exists(username, host); end - return handler; end - - return provider; + return handler; end -module:add_item("auth-provider", new_default_provider(module.host)); +module:provides("auth", provider);