Merge Tobias SCRAM-PLUS work

author: Kim Alvefur <zash@zash.se> 2013-09-22 00:44:20 +0200
committer: Kim Alvefur <zash@zash.se> 2013-09-22 00:44:20 +0200
commit: 7acb88a57602b9211399b3a08b92437c0d9998fa (patch)
tree: 1ba72d8451742d9783eb651a8e11b02d489f57a2 /plugins/mod_saslauth.lua
parent: bec0e278696c71d1a43be1e04c345be1a27cfc15 (diff)
parent: f06c9f7d0da2fb9f1d0af09ce24e74b983fa49b3 (diff)
download: prosody-7acb88a57602b9211399b3a08b92437c0d9998fa.tar.gz
prosody-7acb88a57602b9211399b3a08b92437c0d9998fa.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 1bf6fb96..f24eacf8 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -242,6 +242,16 @@ module:hook("stream-features", function(event)
 			return;
 		end
 		origin.sasl_handler = usermanager_get_sasl_handler(module.host, origin);
+		if origin.secure then
+			-- check wether LuaSec has the nifty binding to the function needed for tls-unique
+			-- FIXME: would be nice to have this check only once and not for every socket
+			if origin.conn:socket().getpeerfinished then
+				origin.sasl_handler:add_cb_handler("tls-unique", function(self)
+					return self.userdata:getpeerfinished();
+				end);
+				origin.sasl_handler["userdata"] = origin.conn:socket();
+			end
+		end
 		local mechanisms = st.stanza("mechanisms", mechanisms_attr);
 		for mechanism in pairs(origin.sasl_handler:mechanisms()) do
 			if mechanism ~= "PLAIN" or origin.secure or allow_unencrypted_plain_auth then
author	Kim Alvefur <zash@zash.se>	2013-09-22 00:44:20 +0200
committer	Kim Alvefur <zash@zash.se>	2013-09-22 00:44:20 +0200
commit	7acb88a57602b9211399b3a08b92437c0d9998fa (patch)
tree	1ba72d8451742d9783eb651a8e11b02d489f57a2 /plugins/mod_saslauth.lua
parent	bec0e278696c71d1a43be1e04c345be1a27cfc15 (diff)
parent	f06c9f7d0da2fb9f1d0af09ce24e74b983fa49b3 (diff)
download	prosody-7acb88a57602b9211399b3a08b92437c0d9998fa.tar.gz prosody-7acb88a57602b9211399b3a08b92437c0d9998fa.zip