X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_saslauth.lua;h=da66717cf2e48a0e744709f4c60acfe749fe1d1a;hb=d6ac47c50ec04d29c21929db2468d093d58083a3;hp=87f242739eafc66e6c48150b940a19dae53113fe;hpb=f3ec49912d4d7d2717d9d572ec7745b3253f5843;p=prosody.git

diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 87f24273..da66717c 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -1,7 +1,7 @@
 -- Prosody IM
 -- Copyright (C) 2008-2009 Matthew Wild
 -- Copyright (C) 2008-2009 Waqas Hussain
---
+-- 
 -- This project is MIT/X11 licensed. Please see the
 -- COPYING file in the source package for more information.
 --
@@ -13,6 +13,7 @@ local sm_bind_resource = require "core.sessionmanager".bind_resource;
 local sm_make_authenticated = require "core.sessionmanager".make_authenticated;
 local base64 = require "util.encodings".base64;
 
+local nodeprep = require "util.encodings".stringprep.nodeprep;
 local datamanager_load = require "util.datamanager".load;
 local usermanager_validate_credentials = require "core.usermanager".validate_credentials;
 local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods;
@@ -68,18 +69,31 @@ local function handle_status(session, status)
 end
 
 local function credentials_callback(mechanism, ...)
-  if mechanism == "PLAIN" then
-    local username, hostname, password = arg[1], arg[2], arg[3];
-    local response = usermanager_validate_credentials(hostname, username, password, mechanism)
-    if response == nil then return false
-    else return response end
-  elseif mechanism == "DIGEST-MD5" then
-    function func(x) return x; end
-    local node, domain, realm, decoder = arg[1], arg[2], arg[3], arg[4];
-    local password = usermanager_get_password(node, domain)
-    if decoder then node, realm, password = decoder(node), decoder(realm), decoder(password); end
-    return func, md5(node..":"..realm..":"..password);
-  end
+	if mechanism == "PLAIN" then
+		local username, hostname, password = ...;
+		username = nodeprep(username);
+		if not username then
+			return false;
+		end
+		local response = usermanager_validate_credentials(hostname, username, password, mechanism);
+		if response == nil then
+			return false;
+		else
+			return response;
+		end
+	elseif mechanism == "DIGEST-MD5" then
+		function func(x) return x; end
+		local node, domain, realm, decoder = ...;
+		local password = usermanager_get_password(node, domain);
+		if password then
+			if decoder then
+				node, realm, password = decoder(node), decoder(realm), decoder(password);
+			end
+			return func, md5(node..":"..realm..":"..password);
+		else
+			return func, nil;
+		end
+	end
 end
 
 local function sasl_handler(session, stanza)