aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--plugins/mod_saslauth.lua7
-rw-r--r--util/sasl.lua7
2 files changed, 6 insertions, 8 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 9884ec5c..bea1012a 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -66,15 +66,14 @@ local function handle_status(session, status)
end
end
-local function password_callback(node, host, mechanism, raw_host)
- log("host", host);
- log("raw_host", raw_host);
- local password = (datamanager.load(node, raw_host, "accounts") or {}).password; -- FIXME handle hashed passwords
+local function password_callback(node, host, mechanism, decoder)
+ local password = (datamanager.load(node, host, "accounts") or {}).password; -- FIXME handle hashed passwords
local func = function(x) return x; end;
if password then
if mechanism == "PLAIN" then
return func, password;
elseif mechanism == "DIGEST-MD5" then
+ if decoder then node, host, password = decoder(node), decoder(host), decoder(password); end
return func, md5(node..":"..host..":"..password);
end
end
diff --git a/util/sasl.lua b/util/sasl.lua
index 75f1da96..89980eb2 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -177,11 +177,10 @@ local function new_digest_md5(realm, password_handler)
if not response["qop"] then response["qop"] = "auth" end
if response["realm"] == nil then response["realm"] = "" end
- local raw_realm = response["realm"];
+ local decoder;
if response["charset"] == nil then
- response["username"] = latin1toutf8(response["username"])
- response["realm"] = utf8tolatin1ifpossible(response["realm"])
+ decoder = utf8tolatin1ifpossible;
elseif response["charset"] ~= "utf-8" then
return "failure", "incorrect-encoding", "The client's response uses "..response["charset"].." for encoding with isn't supported by sasl.lua. Supported encodings are latin or utf-8."
end
@@ -197,7 +196,7 @@ local function new_digest_md5(realm, password_handler)
--TODO maybe realm support
self.username = response["username"]
- local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5", raw_realm)
+ local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5", decoder)
if Y == nil then return "failure", "not-authorized"
elseif Y == false then return "failure", "account-disabled" end