aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2012-08-07 17:00:12 +0200
committerKim Alvefur <zash@zash.se>2012-08-07 17:00:12 +0200
commit715867da8ab2fc1793d33bc198303af8ada0a14a (patch)
treeca9cd6e962036467daed6a3f48b521dbb4cc5c4f /plugins
parentf6edccc24c0ebf7b4ec86826d66259ba1cad8f0d (diff)
downloadprosody-715867da8ab2fc1793d33bc198303af8ada0a14a.tar.gz
prosody-715867da8ab2fc1793d33bc198303af8ada0a14a.zip
mod_legacyauth: Return an error if username or resource fails stringprep (thanks iron)
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_legacyauth.lua4
1 files changed, 4 insertions, 0 deletions
diff --git a/plugins/mod_legacyauth.lua b/plugins/mod_legacyauth.lua
index a47f0223..7a3038bc 100644
--- a/plugins/mod_legacyauth.lua
+++ b/plugins/mod_legacyauth.lua
@@ -58,6 +58,10 @@ module:hook("stanza/iq/jabber:iq:auth:query", function(event)
username = nodeprep(username);
resource = resourceprep(resource)
local reply = st.reply(stanza);
+ if not (username and resource) then
+ session.send(st.error_reply(stanza, "modify", "bad-request"));
+ return true;
+ end
if usermanager.test_password(username, session.host, password) then
-- Authentication successful!
local success, err = sessionmanager.make_authenticated(session, username);