aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--plugins/mod_saslauth.lua5
-rw-r--r--util/sasl_cyrus.lua10
2 files changed, 13 insertions, 2 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 0cae5833..1143549a 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -161,10 +161,11 @@ module:hook("stream-features", function(event)
if secure_auth_only and not origin.secure then
return;
end
+ local realm = module:get_option("sasl_realm") or origin.host;
if module:get_option("anonymous_login") then
- origin.sasl_handler = new_sasl(origin.host, anonymous_authentication_profile);
+ origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile);
else
- origin.sasl_handler = new_sasl(origin.host, default_authentication_profile);
+ origin.sasl_handler = new_sasl(realm, default_authentication_profile);
if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then
origin.sasl_handler:forbidden({"PLAIN"});
end
diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua
index 132da533..d011e08b 100644
--- a/util/sasl_cyrus.lua
+++ b/util/sasl_cyrus.lua
@@ -53,6 +53,16 @@ function new(realm, service_name)
sasl_i.realm = realm;
sasl_i.service_name = service_name;
sasl_i.cyrus = cyrussasl.server_new(service_name, nil, realm, nil, nil)
+
+ if cyrussasl.set_canon_cb then
+ local c14n_cb = function (user)
+ local node = s_match(user, "^([^@]+)");
+ log("debug", "Canonicalizing username %s to %s", user, node)
+ return node
+ end
+ cyrussasl.set_canon_cb(sasl_i.cyrus, c14n_cb);
+ end
+
if sasl_i.cyrus == 0 then
log("error", "got NULL return value from server_new")
return nil;