X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=util%2Fsasl%2Fplain.lua;h=c9ec2911797ecaacae50ac0e6f969adb062b5591;hb=eb667887d3e88dca83c75c485654e9e74e60d5ee;hp=2abbc53a1688dd66c2d02253676a69446a5aac85;hpb=accfc1cd7f0dab59b183074173f6265eba772d13;p=prosody.git
diff --git a/util/sasl/plain.lua b/util/sasl/plain.lua
index 2abbc53a..c9ec2911 100644
--- a/util/sasl/plain.lua
+++ b/util/sasl/plain.lua
@@ -13,9 +13,10 @@ local s_match = string.match;
 local saslprep = require "util.encodings".stringprep.saslprep;
+local nodeprep = require "util.encodings".stringprep.nodeprep;
 local log = require "util.logger".init("sasl");
-module "plain"
+module "sasl.plain"
 -- ================================
 -- SASL PLAIN according to RFC 4616
@@ -28,15 +29,10 @@ plain:
 return password, state;
 end
-plain-test:
- function(username, realm, password)
+plain_test:
+ function(username, password, realm)
 return true or false, state;
 end
-
-plain-hashed:
- function(username, realm)
- return hashed_password, hash_function, state;
- end
 ]]
 local function plain(self, message)
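Review bot: The backend signatures documented in the second hunk's comment block omit the leading argument that the call sites in the last hunk of this commit now pass, e.g. `self.profile.plain_test(self, authentication, password, self.realm)`. The comment still reads `function(username, password, realm)`; I would document it as `function(sasl, username, password, realm)`, and give the `plain:` entry the same leading parameter (its signature line is outside this hunk). It would also help to state what the returned `state` means, since the mechanism now reports `false` as account-disabled and `nil` as not-authorized.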
@@ -59,33 +55,35 @@ local function plain(self, message)
 return "failure", "malformed-request", "Invalid username or password.";
 end
+ local _nodeprep = self.profile.nodeprep;
+ if _nodeprep ~= false then
+ authentication = (_nodeprep or nodeprep)(authentication);
+ if not authentication or authentication == "" then
+ return "failure", "malformed-request", "Invalid username or password."
+ end
+ end
+
 local correct, state = false, false;
 if self.profile.plain then
 local correct_password;
- correct_password, state = self.profile.plain(authentication, self.realm);
- if correct_password == password then correct = true; else correct = false; end
+ correct_password, state = self.profile.plain(self, authentication, self.realm);
+ correct = (correct_password == password);
 elseif self.profile.plain_test then
- correct, state = self.profile.plain_test(authentication, self.realm, password);
- elseif self.profile.plain_hashed then
- local hashed_password, hash_f;
- hashed_password, hash_f, state = self.profile.plain_hashed(authentication, self.realm);
- if hashed_password == hash_f(password) then correct = true; else correct = false; end
+ correct, state = self.profile.plain_test(self, authentication, password, self.realm);
 end
 self.username = authentication
- if not state then
+ if state == false then
 return "failure", "account-disabled";
- end
-
- if correct then
- return "success";
- else
+ elseif state == nil or not correct then
 return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
 end
+
+ return "success";
 end
 function init(registerMechanism)
- registerMechanism("PLAIN", {"plain", "plain_test"}, plain);
+ registerMechanism("PLAIN", {"plain", "plain_test"}, plain);
 end
 return _M;
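Review bot: The `if state == false then` branch returns "account-disabled" before `correct` is consulted, so a peer that sends a wrong password for a disabled account is still told the account is disabled. That response differs from the "not-authorized" given for other failures, which lets an unauthenticated client learn account state (assuming backends return `false` only for accounts that exist, which the hunk does not show). I would test the credentials first, `if state == nil or not correct then` returning not-authorized and `elseif state == false then` returning account-disabled, so the disabled status is disclosed only to a client that proved the password. Separately, the context line `self.username = authentication` still runs before the outcome is known, so callers should only trust `self.username` after a "success" return. The start of `plain` is outside this hunk.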