diff options
-rw-r--r-- | plugins/mod_compression.lua | 2 | ||||
-rw-r--r-- | plugins/mod_privacy.lua | 2 | ||||
-rw-r--r-- | plugins/mod_register.lua | 1 | ||||
-rw-r--r-- | util/sasl_cyrus.lua | 47 |
4 files changed, 47 insertions, 5 deletions
diff --git a/plugins/mod_compression.lua b/plugins/mod_compression.lua index 9edee44a..d890931f 100644 --- a/plugins/mod_compression.lua +++ b/plugins/mod_compression.lua @@ -56,7 +56,7 @@ module:hook_stanza(xmlns_stream, "features", local algorithm = a[1] if algorithm == "zlib" then session.sends2s(st.stanza("compress", {xmlns=xmlns_compression_protocol}):tag("method"):text("zlib")) - session.log("info", "Enabled compression using zlib.") + session.log("debug", "Enabled compression using zlib.") return true; end end diff --git a/plugins/mod_privacy.lua b/plugins/mod_privacy.lua index 8dbc2bc4..10f44950 100644 --- a/plugins/mod_privacy.lua +++ b/plugins/mod_privacy.lua @@ -301,7 +301,7 @@ function checkIfNeedToBeBlocked(e, session) local origin, stanza = e.origin, e.stanza; local privacy_lists = datamanager.load(session.username, session.host, "privacy") or {}; local bare_jid = session.username.."@"..session.host; - local to = stanza.attr.to; + local to = stanza.attr.to or bare_jid; local from = stanza.attr.from; local is_to_user = bare_jid == jid_bare(to); diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua index 7e150ac7..a35b4c5c 100644 --- a/plugins/mod_register.lua +++ b/plugins/mod_register.lua @@ -59,6 +59,7 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) end end datamanager.store(username, host, "roster", nil); + datamanager.store(username, host, "privacy", nil); datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end module:log("info", "User removed their account: %s@%s", username, host); module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session }); diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index add7fe45..7d35b5e4 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -27,6 +27,47 @@ local print = print local pcall = pcall local s_match, s_gmatch = string.match, string.gmatch +local sasl_errstring = { + -- SASL result codes -- + [1] = "another step is needed in authentication"; + [0] = "successful result"; + [-1] = "generic failure"; + [-2] = "memory shortage failure"; + [-3] = "overflowed buffer"; + [-4] = "mechanism not supported"; + [-5] = "bad protocol / cancel"; + [-6] = "can't request info until later in exchange"; + [-7] = "invalid parameter supplied"; + [-8] = "transient failure (e.g., weak key)"; + [-9] = "integrity check failed"; + [-12] = "SASL library not initialized"; + + -- client only codes -- + [2] = "needs user interaction"; + [-10] = "server failed mutual authentication step"; + [-11] = "mechanism doesn't support requested feature"; + + -- server only codes -- + [-13] = "authentication failure"; + [-14] = "authorization failure"; + [-15] = "mechanism too weak for this user"; + [-16] = "encryption needed to use mechanism"; + [-17] = "One time use of a plaintext password will enable requested mechanism for user"; + [-18] = "passphrase expired, has to be reset"; + [-19] = "account disabled"; + [-20] = "user not found"; + [-23] = "version mismatch with plug-in"; + [-24] = "remote authentication server unavailable"; + [-26] = "user exists, but no verifier for user"; + + -- codes for password setting -- + [-21] = "passphrase locked"; + [-22] = "requested change was not needed"; + [-27] = "passphrase is too weak for security policy"; + [-28] = "user supplied passwords not permitted"; +}; +setmetatable(sasl_errstring, { __index = function() return "undefined error!" end }); + module "sasl_cyrus" local method = {}; @@ -125,10 +166,10 @@ function method:process(message) log("debug", "SASL mechanism not available from remote end") return "failure", "invalid-mechanism", "SASL mechanism not available" elseif (err == -13) then -- SASL_BADAUTH - return "failure", "not-authorized", cyrussasl.get_message( self.cyrus ) + return "failure", "not-authorized", sasl_errstring[err]; else - log("debug", "Got SASL error condition %d: %s", err, cyrussasl.get_message( self.cyrus )) - return "failure", "undefined-condition", cyrussasl.get_message( self.cyrus ) + log("debug", "Got SASL error condition %d: %s", err, sasl_errstring[err]); + return "failure", "undefined-condition", sasl_errstring[err]; end end |