diff options
| author | Matthew Wild <mwild1@gmail.com> | 2009-11-28 17:40:49 +0000 |
|---|---|---|
| committer | Matthew Wild <mwild1@gmail.com> | 2009-11-28 17:40:49 +0000 |
| commit | cfc34ec992be3feceed3497acb7b4b80ba7f259b (patch) | |
| tree | ab9eef4b52e64e0601bf105926e77fe674a0230f /util | |
| parent | 4267a24ab79792f5e8ea993f84a6902beaabe94a (diff) | |
| parent | b022ba7fc29418504fcbe6890a784d3cef2cb265 (diff) | |
| download | prosody-cfc34ec992be3feceed3497acb7b4b80ba7f259b.tar.gz prosody-cfc34ec992be3feceed3497acb7b4b80ba7f259b.zip | |
Merge with Tobias
Diffstat (limited to 'util')
| -rw-r--r-- | util/sasl.lua | 9 | ||||
| -rw-r--r-- | util/sasl/digest-md5.lua | 6 | ||||
| -rw-r--r-- | util/sasl/scram.lua | 4 |
3 files changed, 8 insertions, 11 deletions
diff --git a/util/sasl.lua b/util/sasl.lua index e3ae8087..9c8fff78 100644 --- a/util/sasl.lua +++ b/util/sasl.lua @@ -83,10 +83,11 @@ end -- create a new SASL object which can be used to authenticate clients function new(realm, profile, forbidden) - sasl_i = {profile = profile}; + local sasl_i = {profile = profile}; sasl_i.realm = realm; - s = setmetatable(sasl_i, method); - s:forbidden(sasl_i, forbidden) + local s = setmetatable(sasl_i, method); + if forbidden == nil then forbidden = {} end + s:forbidden(forbidden) return s; end @@ -112,7 +113,7 @@ function method:mechanisms() for backend, f in pairs(self.profile) do if backend_mechanism[backend] then for _, mechanism in ipairs(backend_mechanism[backend]) do - if not sasl_i.restrict:contains(mechanism) then + if not self.restrict:contains(mechanism) then mechanisms[mechanism] = true; end end diff --git a/util/sasl/digest-md5.lua b/util/sasl/digest-md5.lua index f8e0e393..a14e875b 100644 --- a/util/sasl/digest-md5.lua +++ b/util/sasl/digest-md5.lua @@ -28,10 +28,6 @@ module "digest-md5" --========================= --SASL DIGEST-MD5 according to RFC 2831 -local function digest_response() - - return response, A1, A2 -end local function digest(self, message) --TODO complete support for authzid @@ -174,7 +170,7 @@ local function digest(self, message) local password, state = self.profile.plain(response["username"], self.realm) if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end - Y = md5(response["username"]..":"..response["realm"]..":"..password); + local Y = md5(response["username"]..":"..response["realm"]..":"..password); elseif self.profile["digest-md5"] then local Y, state = self.profile["digest-md5"](response["username"], self.realm, response["realm"], response["charset"]) if state == nil then return "failure", "not-authorized" diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index 4413e2a6..1e9c6f7d 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -54,7 +54,7 @@ local function Hi(hmac, str, salt, i) local Ust = hmac(str, salt.."\0\0\0\1"); local res = Ust; for n=1,i-1 do - Und = hmac(str, Ust) + local Und = hmac(str, Ust) res = binaryXOR(res, Und) Ust = Und end @@ -118,7 +118,7 @@ local function scram_sha_1(self, message) local password; if self.profile.plain then - password, state = self.profile.plain(self.state.name, self.realm) + local password, state = self.profile.plain(self.state.name, self.realm) if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end password = saslprep(password); |