X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=util%2Fsasl%2Fplain.lua;h=c9ec2911797ecaacae50ac0e6f969adb062b5591;hb=ecd2e6962f8993af96ffa869659f7949e64054ae;hp=ba4645e10bb08ce0ffa77c58699e351b070be7a7;hpb=82479210c48db64d3b6e429ad0b69d87cac04edc;p=prosody.git

diff --git a/util/sasl/plain.lua b/util/sasl/plain.lua
index ba4645e1..c9ec2911 100644
--- a/util/sasl/plain.lua
+++ b/util/sasl/plain.lua
@@ -13,6 +13,7 @@
 
 local s_match = string.match;
 local saslprep = require "util.encodings".stringprep.saslprep;
+local nodeprep = require "util.encodings".stringprep.nodeprep;
 local log = require "util.logger".init("sasl");
 
 module "sasl.plain"
@@ -54,6 +55,14 @@ local function plain(self, message)
 		return "failure", "malformed-request", "Invalid username or password.";
 	end
 
+	local _nodeprep = self.profile.nodeprep;
+	if _nodeprep ~= false then
+		authentication = (_nodeprep or nodeprep)(authentication);
+		if not authentication or authentication == "" then
+			return "failure", "malformed-request", "Invalid username or password."
+		end
+	end
+
 	local correct, state = false, false;
 	if self.profile.plain then
 		local correct_password;
@@ -66,15 +75,11 @@ local function plain(self, message)
 	self.username = authentication
 	if state == false then
 		return "failure", "account-disabled";
-	elseif state == nil then
+	elseif state == nil or not correct then
 		return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
 	end
 
-	if correct then
-		return "success";
-	else
-		return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
-	end
+	return "success";
 end
 
 function init(registerMechanism)