aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2008-11-23 21:26:06 +0100
committerTobias Markmann <tm@ayena.de>2008-11-23 21:26:06 +0100
commit8e11baf028003ad7354752c32682505976d01af3 (patch)
tree19cdfb8eba5565efc9e26134017a7d64c7f9cb26
parent560094822d86f10450567785544cfcca61dd8a3b (diff)
downloadprosody-8e11baf028003ad7354752c32682505976d01af3.tar.gz
prosody-8e11baf028003ad7354752c32682505976d01af3.zip
Some changes to report more correct SASL failures. Support for disabled accounts.
-rw-r--r--util/sasl.lua6
1 files changed, 4 insertions, 2 deletions
diff --git a/util/sasl.lua b/util/sasl.lua
index 12e8953e..cc2456c7 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -28,7 +28,8 @@ local function new_plain(realm, password_handler)
local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN")
- if correct_password == nil then return "failure", "malformed-request" end
+ if correct_password == nil then return "failure", "not-authorized" end
+ elseif correct_password == false then return "failure", "account-disabled" end
local claimed_password = ""
if password_encoding == nil then claimed_password = password
@@ -125,7 +126,8 @@ local function new_digest_md5(realm, password_handler)
--TODO maybe realm support
self.username = response["username"]
local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5")
- if Y == nil then return "failure", "malformed-request" end
+ if Y == nil then return "failure", "not-authorized" end
+ elseif Y == false then return "failure", "account-disabled" end
local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid
local A2 = "AUTHENTICATE:"..protocol.."/"..domain