diff options
author | Kim Alvefur <zash@zash.se> | 2012-08-07 17:00:12 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2012-08-07 17:00:12 +0200 |
commit | 715867da8ab2fc1793d33bc198303af8ada0a14a (patch) | |
tree | ca9cd6e962036467daed6a3f48b521dbb4cc5c4f | |
parent | f6edccc24c0ebf7b4ec86826d66259ba1cad8f0d (diff) | |
download | prosody-715867da8ab2fc1793d33bc198303af8ada0a14a.tar.gz prosody-715867da8ab2fc1793d33bc198303af8ada0a14a.zip |
mod_legacyauth: Return an error if username or resource fails stringprep (thanks iron)
-rw-r--r-- | plugins/mod_legacyauth.lua | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua index a47f0223..7a3038bc 100644 --- a/plugins/mod_legacyauth.lua +++ b/plugins/mod_legacyauth.lua @@ -58,6 +58,10 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event) username = nodeprep(username); resource = resourceprep(resource) local reply = st.reply(stanza); + if not (username and resource) then + session.send(st.error_reply(stanza, "modify", "bad-request")); + return true; + end if usermanager.test_password(username, session.host, password) then -- Authentication successful! local success, err = sessionmanager.make_authenticated(session, username); |