X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=util%2Fsasl%2Fdigest-md5.lua;h=2837148ec4723270b92d11b30ac551299e230184;hb=f2c0726e2c08c9c7c4d82075de645c05eac2623e;hp=1429a5c63e7b19d7dbc57dcca980340a55ad36cf;hpb=00cdbfe6e2e1688552c4d31a9b1790105ccbfb4d;p=prosody.git diff --git a/util/sasl/digest-md5.lua b/util/sasl/digest-md5.lua index 1429a5c6..2837148e 100644 --- a/util/sasl/digest-md5.lua +++ b/util/sasl/digest-md5.lua @@ -1,5 +1,5 @@ -- sasl.lua v0.4 --- Copyright (C) 2008-2009 Tobias Markmann +-- Copyright (C) 2008-2010 Tobias Markmann -- -- All rights reserved. -- @@ -28,10 +28,21 @@ module "digest-md5" --========================= --SASL DIGEST-MD5 according to RFC 2831 -local function digest_response() - - return response, A1, A2 -end + +--[[ +Supported Authentication Backends + +digest_md5: + function(username, domain, realm, encoding) -- domain and realm are usually the same; for some broken + -- implementations it's not + return digesthash, state; + end + +digest_md5_test: + function(username, domain, realm, encoding, digesthash) + return true or false, state; + end +]] local function digest(self, message) --TODO complete support for authzid @@ -39,8 +50,6 @@ local function digest(self, message) local function serialize(message) local data = "" - if type(message) ~= "table" then error("serialize needs an argument of type table.") end - -- testing all possible values if message["realm"] then data = data..[[realm="]]..message.realm..[[",]] end if message["nonce"] then data = data..[[nonce="]]..message.nonce..[[",]] end @@ -101,7 +110,8 @@ local function digest(self, message) end local function parse(data) local message = {} - for k, v in s_gmatch(data, [[([%w%-]+)="?([^",]*)"?,?]]) do -- FIXME The hacky regex makes me shudder + -- COMPAT: %z in the pattern to work around jwchat bug (sends "charset=utf-8\0") + for k, v in s_gmatch(data, [[([%w%-]+)="?([^",%z]*)"?,?]]) do -- FIXME The hacky regex makes me shudder message[k] = v; end return message; @@ -169,13 +179,14 @@ local function digest(self, message) --TODO maybe realm support self.username = response["username"]; + local Y, state; if self.profile.plain then local password, state = self.profile.plain(response["username"], self.realm) if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end Y = md5(response["username"]..":"..response["realm"]..":"..password); elseif self.profile["digest-md5"] then - local Y, state = self.profile["digest-md5"](response["username"], self.realm, response["realm"], response["charset"]) + Y, state = self.profile["digest-md5"](response["username"], self.realm, response["realm"], response["charset"]) if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end elseif self.profile["digest-md5-test"] then