X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_saslauth.lua;h=d3f32be3d5d1357b776cd735a4fd218275a7495e;hb=740d4f647339acbc871004de3970c46aeeeab759;hp=4934523f5ec6e9a2f7e533e5f69f001e158d5f1b;hpb=8aba1c77f0714f2460cc21660bb494fc217e042b;p=prosody.git

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 4934523f..d3f32be3 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -1,27 +1,15 @@
--- Prosody IM v0.2
--- Copyright (C) 2008 Matthew Wild
--- Copyright (C) 2008 Waqas Hussain
+-- Prosody IM v0.4
+-- Copyright (C) 2008-2009 Matthew Wild
+-- Copyright (C) 2008-2009 Waqas Hussain
 -- 
--- This program is free software; you can redistribute it and/or
--- modify it under the terms of the GNU General Public License
--- as published by the Free Software Foundation; either version 2
--- of the License, or (at your option) any later version.
--- 
--- This program is distributed in the hope that it will be useful,
--- but WITHOUT ANY WARRANTY; without even the implied warranty of
--- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--- GNU General Public License for more details.
--- 
--- You should have received a copy of the GNU General Public License
--- along with this program; if not, write to the Free Software
--- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
 --
 
 
 
 local st = require "util.stanza";
 local sm_bind_resource = require "core.sessionmanager".bind_resource;
-local jid
 local base64 = require "util.encodings".base64;
 
 local usermanager_validate_credentials = require "core.usermanager".validate_credentials;
@@ -29,6 +17,7 @@ local t_concat, t_insert = table.concat, table.insert;
 local tostring = tostring;
 local jid_split = require "util.jid".split
 local md5 = require "util.hashes".md5;
+local config = require "core.configmanager";
 
 local log = require "util.logger".init("mod_saslauth");
 
@@ -41,13 +30,13 @@ local new_sasl = require "util.sasl".new;
 local function build_reply(status, ret, err_msg)
 	local reply = st.stanza(status, {xmlns = xmlns_sasl});
 	if status == "challenge" then
-		log("challenge", ret or "");
+		log("debug", ret or "");
 		reply:text(base64.encode(ret or ""));
 	elseif status == "failure" then
 		reply:tag(ret):up();
 		if err_msg then reply:tag("text"):text(err_msg); end
 	elseif status == "success" then
-		log("success", ret or "");
+		log("debug", ret or "");
 		reply:text(base64.encode(ret or ""));
 	else
 		error("Unknown sasl status: "..status);
@@ -80,7 +69,7 @@ local function password_callback(node, host, mechanism, decoder)
 	return func, nil;
 end
 
-function sasl_handler(session, stanza)
+local function sasl_handler(session, stanza)
 	if stanza.name == "auth" then
 		-- FIXME ignoring duplicates because ejabberd does
 		session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, password_callback);
@@ -90,7 +79,7 @@ function sasl_handler(session, stanza)
 	local text = stanza[1];
 	if text then
 		text = base64.decode(text);
-		log("recieved", text);
+		log("debug", text);
 		if not text then
 			session.sasl_handler = nil;
 			session.send(build_reply("failure", "incorrect-encoding"));
@@ -112,18 +101,21 @@ local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' };
 local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' };
 local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' };
 module:add_event_hook("stream-features", 
-					function (session, features)												
-						if not session.username then
-							features:tag("mechanisms", mechanisms_attr);
-							-- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so.
-								features:tag("mechanism"):text("PLAIN"):up();
-								features:tag("mechanism"):text("DIGEST-MD5"):up();
-							features:up();
-						else
-							features:tag("bind", bind_attr):tag("required"):up():up();
-							features:tag("session", xmpp_session_attr):up();
-						end
-					end);
+		function (session, features)												
+			if not session.username then
+				features:tag("mechanisms", mechanisms_attr);
+				-- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so.
+					features:tag("mechanism"):text("PLAIN"):up();
+					features:tag("mechanism"):text("DIGEST-MD5"):up();
+					if config.get(session.host or "*", "core", "sasl_anonymous") then
+						features:tag("mechanism"):text("ANONYMOUS"):up();
+					end
+				features:up();
+			else
+				features:tag("bind", bind_attr):tag("required"):up():up();
+				features:tag("session", xmpp_session_attr):up();
+			end
+		end);
 					
 module:add_iq_handler("c2s", "urn:ietf:params:xml:ns:xmpp-bind", 
 		function (session, stanza)