aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2012-08-07 17:00:12 +0200
committerKim Alvefur <zash@zash.se>2012-08-07 17:00:12 +0200
commitba9418cd026869de7a067bac32b9b77172ec78b2 (patch)
treeca9cd6e962036467daed6a3f48b521dbb4cc5c4f /plugins
parentbcb9e7e055f7bd808e4437571f54ffea9174b101 (diff)
downloadprosody-ba9418cd026869de7a067bac32b9b77172ec78b2.tar.gz
prosody-ba9418cd026869de7a067bac32b9b77172ec78b2.zip
mod_legacyauth: Return an error if username or resource fails stringprep (thanks iron)
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_legacyauth.lua4
1 files changed, 4 insertions, 0 deletions
diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index a47f0223..7a3038bc 100644
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -58,6 +58,10 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event)
username = nodeprep(username);
resource = resourceprep(resource)
local reply = st.reply(stanza);
+ if not (username and resource) then
+ session.send(st.error_reply(stanza, "modify", "bad-request"));
+ return true;
+ end
if usermanager.test_password(username, session.host, password) then
-- Authentication successful!
local success, err = sessionmanager.make_authenticated(session, username);