aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_auth_insecure.lua
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2020-05-23 14:17:04 +0200
committerKim Alvefur <zash@zash.se>2020-05-23 14:17:04 +0200
commit3ce91067f6299da1d8d9b4c8a1fdbf304cf91914 (patch)
treea249dec1a21ea653597ecba2e941089a3f886369 /plugins/mod_auth_insecure.lua
parent5919a7557e1c52a2a3efb7b41e26fb0482a7698f (diff)
downloadprosody-3ce91067f6299da1d8d9b4c8a1fdbf304cf91914.tar.gz
prosody-3ce91067f6299da1d8d9b4c8a1fdbf304cf91914.zip
mod_auth_internal_*: Apply saslprep to passwords
Related to #1560
Diffstat (limited to 'plugins/mod_auth_insecure.lua')
-rw-r--r--plugins/mod_auth_insecure.lua5
1 files changed, 5 insertions, 0 deletions
diff --git a/plugins/mod_auth_insecure.lua b/plugins/mod_auth_insecure.lua
index 9e23c29f..dc5ee616 100644
--- a/plugins/mod_auth_insecure.lua
+++ b/plugins/mod_auth_insecure.lua
@@ -9,6 +9,7 @@
local datamanager = require "util.datamanager";
local new_sasl = require "util.sasl".new;
+local saslprep = require "util.encodings".stringprep.saslprep;
local host = module.host;
local provider = { name = "insecure" };
@@ -21,6 +22,10 @@ end
function provider.set_password(username, password)
local account = datamanager.load(username, host, "accounts");
+ password = saslprep(password);
+ if not password then
+ return nil, "Password fails SASLprep.";
+ end
if account then
account.password = password;
return datamanager.store(username, host, "accounts", account);