diff options
| author | Jeff Mitchell <jeff@jefferai.org> | 2010-05-28 14:47:32 -0400 |
|---|---|---|
| committer | Jeff Mitchell <jeff@jefferai.org> | 2010-05-28 14:47:32 -0400 |
| commit | 79df72e1a67a9566c952414a2a1dc9cded7ed625 (patch) | |
| tree | 1a2b28664dcbf8575d1938876db91524b028ea10 /plugins/mod_saslauth.lua | |
| parent | b9196dd592b734c54b1282c04d3f6825f6bf4c53 (diff) | |
| download | prosody-79df72e1a67a9566c952414a2a1dc9cded7ed625.tar.gz prosody-79df72e1a67a9566c952414a2a1dc9cded7ed625.zip | |
Correct out of order logic in mod_hashpassauth
Make saslauth check the existence of the get_password and test_password functions to determine which authentication profile to use.
Diffstat (limited to 'plugins/mod_saslauth.lua')
| -rw-r--r-- | plugins/mod_saslauth.lua | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 4ba0f1fd..6499eafe 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -15,6 +15,7 @@ local base64 = require "util.encodings".base64; local nodeprep = require "util.encodings".stringprep.nodeprep; local datamanager_load = require "util.datamanager".load; +local usermanager_get_provider = require "core.usermanager".get_provider; local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods; local usermanager_user_exists = require "core.usermanager".user_exists; local usermanager_get_password = require "core.usermanager".get_password; @@ -66,7 +67,7 @@ else error("Unknown SASL backend"); end -local default_authentication_profile = { +local getpass_authentication_profile = { plain = function(username, realm) local prepped_username = nodeprep(username); if not prepped_username then @@ -81,7 +82,7 @@ local default_authentication_profile = { end }; -local hashpass_authentication_profile = { +local testpass_authentication_profile = { plain_test = function(username, password, realm) local prepped_username = nodeprep(username); if not prepped_username then @@ -194,12 +195,12 @@ module:hook("stream-features", function(event) if module:get_option("anonymous_login") then origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile); else - local authentication = module:get_option("authentication"); - log("debug", "AUTH: creating handler for '%s' type", authentication); - if authentication == nil or authentication == "default" then - origin.sasl_handler = new_sasl(realm, default_authentication_profile); - elseif authentication == "hashpass" then - origin.sasl_handler = new_sasl(realm, hashpass_authentication_profile); + if usermanager_get_provider(realm).get_password then + origin.sasl_handler = new_sasl(realm, getpass_authentication_profile); + elseif usermanager_get_provider(realm).test_password then + origin.sasl_handler = new_sasl(realm, testpass_authentication_profile); + else + log("warning", "AUTH: Could not load an authentication profile for the given provider."); end if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then origin.sasl_handler:forbidden({"PLAIN"}); |