diff options
Diffstat (limited to 'plugins/mod_auth_cyrus.lua')
-rw-r--r-- | plugins/mod_auth_cyrus.lua | 78 |
1 files changed, 45 insertions, 33 deletions
diff --git a/plugins/mod_auth_cyrus.lua b/plugins/mod_auth_cyrus.lua index ed3d5408..7668f8c4 100644 --- a/plugins/mod_auth_cyrus.lua +++ b/plugins/mod_auth_cyrus.lua @@ -14,6 +14,7 @@ local cyrus_service_realm = module:get_option("cyrus_service_realm"); local cyrus_service_name = module:get_option("cyrus_service_name"); local cyrus_application_name = module:get_option("cyrus_application_name"); local require_provisioning = module:get_option("cyrus_require_provisioning") or false; +local host_fqdn = module:get_option("cyrus_server_fqdn"); prosody.unlock_globals(); --FIXME: Figure out why this is needed and -- why cyrussasl isn't caught by the sandbox @@ -23,50 +24,61 @@ local new_sasl = function(realm) return cyrus_new( cyrus_service_realm or realm, cyrus_service_name or "xmpp", - cyrus_application_name or "prosody" + cyrus_application_name or "prosody", + host_fqdn ); end -function new_default_provider(host) - local provider = { name = "cyrus" }; - log("debug", "initializing default authentication provider for host '%s'", host); - - function provider.test_password(username, password) - return nil, "Legacy auth not supported with Cyrus SASL."; - end - - function provider.get_password(username) - return nil, "Passwords unavailable for Cyrus SASL."; +do -- diagnostic + local list; + for mechanism in pairs(new_sasl(module.host):mechanisms()) do + list = (not(list) and mechanism) or (list..", "..mechanism); end - - function provider.set_password(username, password) - return nil, "Passwords unavailable for Cyrus SASL."; + if not list then + module:log("error", "No Cyrus SASL mechanisms available"); + else + module:log("debug", "Available Cyrus SASL mechanisms: %s", list); end +end - function provider.user_exists(username) - if require_provisioning then - return usermanager_user_exists(username, module.host); - end - return true; - end +local host = module.host; + +-- define auth provider +local provider = {}; +log("debug", "initializing default authentication provider for host '%s'", host); + +function provider.test_password(username, password) + return nil, "Legacy auth not supported with Cyrus SASL."; +end - function provider.create_user(username, password) - return nil, "Account creation/modification not available with Cyrus SASL."; +function provider.get_password(username) + return nil, "Passwords unavailable for Cyrus SASL."; +end + +function provider.set_password(username, password) + return nil, "Passwords unavailable for Cyrus SASL."; +end + +function provider.user_exists(username) + if require_provisioning then + return usermanager_user_exists(username, host); end + return true; +end + +function provider.create_user(username, password) + return nil, "Account creation/modification not available with Cyrus SASL."; +end - function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - local handler = new_sasl(realm); - if require_provisioning then - function handler.require_provisioning(username) - return usermanager_user_exists(username, module.host); - end +function provider.get_sasl_handler() + local handler = new_sasl(host); + if require_provisioning then + function handler.require_provisioning(username) + return usermanager_user_exists(username, host); end - return handler; end - - return provider; + return handler; end -module:add_item("auth-provider", new_default_provider(module.host)); +module:provides("auth", provider); |