aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--plugins/mod_compression.lua2
-rw-r--r--plugins/mod_privacy.lua2
-rw-r--r--plugins/mod_register.lua1
-rw-r--r--util/sasl_cyrus.lua47
4 files changed, 47 insertions, 5 deletions
diff --git a/plugins/mod_compression.lua b/plugins/mod_compression.lua
index 9edee44a..d890931f 100644
--- a/plugins/mod_compression.lua
+++ b/plugins/mod_compression.lua
@@ -56,7 +56,7 @@ module:hook_stanza(xmlns_stream, "features",
local algorithm = a[1]
if algorithm == "zlib" then
session.sends2s(st.stanza("compress", {xmlns=xmlns_compression_protocol}):tag("method"):text("zlib"))
- session.log("info", "Enabled compression using zlib.")
+ session.log("debug", "Enabled compression using zlib.")
return true;
end
end
diff --git a/plugins/mod_privacy.lua b/plugins/mod_privacy.lua
index 8dbc2bc4..10f44950 100644
--- a/plugins/mod_privacy.lua
+++ b/plugins/mod_privacy.lua
@@ -301,7 +301,7 @@ function checkIfNeedToBeBlocked(e, session)
local origin, stanza = e.origin, e.stanza;
local privacy_lists = datamanager.load(session.username, session.host, "privacy") or {};
local bare_jid = session.username.."@"..session.host;
- local to = stanza.attr.to;
+ local to = stanza.attr.to or bare_jid;
local from = stanza.attr.from;
local is_to_user = bare_jid == jid_bare(to);
diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua
index 7e150ac7..a35b4c5c 100644
--- a/plugins/mod_register.lua
+++ b/plugins/mod_register.lua
@@ -59,6 +59,7 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza)
end
end
datamanager.store(username, host, "roster", nil);
+ datamanager.store(username, host, "privacy", nil);
datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end
module:log("info", "User removed their account: %s@%s", username, host);
module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session });
diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua
index add7fe45..7d35b5e4 100644
--- a/util/sasl_cyrus.lua
+++ b/util/sasl_cyrus.lua
@@ -27,6 +27,47 @@ local print = print
local pcall = pcall
local s_match, s_gmatch = string.match, string.gmatch
+local sasl_errstring = {
+ -- SASL result codes --
+ [1] = "another step is needed in authentication";
+ [0] = "successful result";
+ [-1] = "generic failure";
+ [-2] = "memory shortage failure";
+ [-3] = "overflowed buffer";
+ [-4] = "mechanism not supported";
+ [-5] = "bad protocol / cancel";
+ [-6] = "can't request info until later in exchange";
+ [-7] = "invalid parameter supplied";
+ [-8] = "transient failure (e.g., weak key)";
+ [-9] = "integrity check failed";
+ [-12] = "SASL library not initialized";
+
+ -- client only codes --
+ [2] = "needs user interaction";
+ [-10] = "server failed mutual authentication step";
+ [-11] = "mechanism doesn't support requested feature";
+
+ -- server only codes --
+ [-13] = "authentication failure";
+ [-14] = "authorization failure";
+ [-15] = "mechanism too weak for this user";
+ [-16] = "encryption needed to use mechanism";
+ [-17] = "One time use of a plaintext password will enable requested mechanism for user";
+ [-18] = "passphrase expired, has to be reset";
+ [-19] = "account disabled";
+ [-20] = "user not found";
+ [-23] = "version mismatch with plug-in";
+ [-24] = "remote authentication server unavailable";
+ [-26] = "user exists, but no verifier for user";
+
+ -- codes for password setting --
+ [-21] = "passphrase locked";
+ [-22] = "requested change was not needed";
+ [-27] = "passphrase is too weak for security policy";
+ [-28] = "user supplied passwords not permitted";
+};
+setmetatable(sasl_errstring, { __index = function() return "undefined error!" end });
+
module "sasl_cyrus"
local method = {};
@@ -125,10 +166,10 @@ function method:process(message)
log("debug", "SASL mechanism not available from remote end")
return "failure", "invalid-mechanism", "SASL mechanism not available"
elseif (err == -13) then -- SASL_BADAUTH
- return "failure", "not-authorized", cyrussasl.get_message( self.cyrus )
+ return "failure", "not-authorized", sasl_errstring[err];
else
- log("debug", "Got SASL error condition %d: %s", err, cyrussasl.get_message( self.cyrus ))
- return "failure", "undefined-condition", cyrussasl.get_message( self.cyrus )
+ log("debug", "Got SASL error condition %d: %s", err, sasl_errstring[err]);
+ return "failure", "undefined-condition", sasl_errstring[err];
end
end