aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_saslauth.lua
diff options
context:
space:
mode:
authorJeff Mitchell <jeff@jefferai.org>2010-05-28 14:47:32 -0400
committerJeff Mitchell <jeff@jefferai.org>2010-05-28 14:47:32 -0400
commit79df72e1a67a9566c952414a2a1dc9cded7ed625 (patch)
tree1a2b28664dcbf8575d1938876db91524b028ea10 /plugins/mod_saslauth.lua
parentb9196dd592b734c54b1282c04d3f6825f6bf4c53 (diff)
downloadprosody-79df72e1a67a9566c952414a2a1dc9cded7ed625.tar.gz
prosody-79df72e1a67a9566c952414a2a1dc9cded7ed625.zip
Correct out of order logic in mod_hashpassauth
Make saslauth check the existence of the get_password and test_password functions to determine which authentication profile to use.
Diffstat (limited to 'plugins/mod_saslauth.lua')
-rw-r--r--plugins/mod_saslauth.lua17
1 files changed, 9 insertions, 8 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 4ba0f1fd..6499eafe 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -15,6 +15,7 @@ local base64 = require "util.encodings".base64;
local nodeprep = require "util.encodings".stringprep.nodeprep;
local datamanager_load = require "util.datamanager".load;
+local usermanager_get_provider = require "core.usermanager".get_provider;
local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods;
local usermanager_user_exists = require "core.usermanager".user_exists;
local usermanager_get_password = require "core.usermanager".get_password;
@@ -66,7 +67,7 @@ else
error("Unknown SASL backend");
end
-local default_authentication_profile = {
+local getpass_authentication_profile = {
plain = function(username, realm)
local prepped_username = nodeprep(username);
if not prepped_username then
@@ -81,7 +82,7 @@ local default_authentication_profile = {
end
};
-local hashpass_authentication_profile = {
+local testpass_authentication_profile = {
plain_test = function(username, password, realm)
local prepped_username = nodeprep(username);
if not prepped_username then
@@ -194,12 +195,12 @@ module:hook("stream-features", function(event)
if module:get_option("anonymous_login") then
origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile);
else
- local authentication = module:get_option("authentication");
- log("debug", "AUTH: creating handler for '%s' type", authentication);
- if authentication == nil or authentication == "default" then
- origin.sasl_handler = new_sasl(realm, default_authentication_profile);
- elseif authentication == "hashpass" then
- origin.sasl_handler = new_sasl(realm, hashpass_authentication_profile);
+ if usermanager_get_provider(realm).get_password then
+ origin.sasl_handler = new_sasl(realm, getpass_authentication_profile);
+ elseif usermanager_get_provider(realm).test_password then
+ origin.sasl_handler = new_sasl(realm, testpass_authentication_profile);
+ else
+ log("warning", "AUTH: Could not load an authentication profile for the given provider.");
end
if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then
origin.sasl_handler:forbidden({"PLAIN"});