X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=util%2Fsasl%2Fplain.lua;h=1a2ba01e406ac1a2b7f63f81fea28c1b3116e7f6;hb=898fc1ff90e3c6244bbe8e88b5c533cde30bb588;hp=46a86bb92ef65239535756a58a53dcd1c5de65f1;hpb=72a98d4f123a3d7c2822ba1a96f096c43ae393ce;p=prosody.git diff --git a/util/sasl/plain.lua b/util/sasl/plain.lua index 46a86bb9..1a2ba01e 100644 --- a/util/sasl/plain.lua +++ b/util/sasl/plain.lua @@ -1,5 +1,5 @@ -- sasl.lua v0.4 --- Copyright (C) 2008-2009 Tobias Markmann +-- Copyright (C) 2008-2010 Tobias Markmann -- -- All rights reserved. -- @@ -17,22 +17,38 @@ local log = require "util.logger".init("sasl"); module "plain" ---========================= ---SASL PLAIN according to RFC 4616 +-- ================================ +-- SASL PLAIN according to RFC 4616 + +--[[ +Supported Authentication Backends + +plain: + function(username, realm) + return password, state; + end + +plain_test: + function(username, password, realm) + return true or false, state; + end +]] + local function plain(self, message) - local response = message - local authorization = s_match(response, "([^%z]+)") - local authentication = s_match(response, "%z([^%z]+)%z") - local password = s_match(response, "%z[^%z]+%z([^%z]+)") + if not message then + return "failure", "malformed-request"; + end + + local authorization, authentication, password = s_match(message, "^([^%z]*)%z([^%z]+)%z([^%z]+)"); - if authentication == nil or password == nil then + if not authorization then return "failure", "malformed-request"; end - + -- SASLprep password and authentication authentication = saslprep(authentication); password = saslprep(password); - + if (not password) or (password == "") or (not authentication) or (authentication == "") then log("debug", "Username or password violates SASLprep."); return "failure", "malformed-request", "Invalid username or password."; @@ -42,9 +58,9 @@ local function plain(self, message) if self.profile.plain then local correct_password; correct_password, state = self.profile.plain(authentication, self.realm); - if correct_password == password then correct = true; else correct = false; end + correct = (correct_password == password); elseif self.profile.plain_test then - correct, state = self.profile.plain_test(authentication, self.realm, password); + correct, state = self.profile.plain_test(authentication, password, self.realm); end self.username = authentication @@ -63,4 +79,4 @@ function init(registerMechanism) registerMechanism("PLAIN", {"plain", "plain_test"}, plain); end -return _M; \ No newline at end of file +return _M;