diff options
Diffstat (limited to 'plugins/mod_saslauth.lua')
| -rw-r--r-- | plugins/mod_saslauth.lua | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 0cae5833..c0360553 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -1,7 +1,7 @@ -- Prosody IM --- Copyright (C) 2008-2009 Matthew Wild --- Copyright (C) 2008-2009 Waqas Hussain --- +-- Copyright (C) 2008-2010 Matthew Wild +-- Copyright (C) 2008-2010 Waqas Hussain +-- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- @@ -35,7 +35,9 @@ local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; local new_sasl; -if sasl_backend == "cyrus" then +if sasl_backend == "builtin" then + new_sasl = require "util.sasl".new; +elseif sasl_backend == "cyrus" then prosody.unlock_globals(); --FIXME: Figure out why this is needed and -- why cyrussasl isn't caught by the sandbox local ok, cyrus = pcall(require, "util.sasl_cyrus"); @@ -46,14 +48,12 @@ if sasl_backend == "cyrus" then return cyrus_new(realm, module:get_option("cyrus_service_name") or "xmpp"); end else - sasl_backend = "builtin"; - module:log("warn", "Failed to load Cyrus SASL, falling back to builtin auth mechanisms"); - module:log("debug", "Failed to load Cyrus because: %s", cyrus); + module:log("error", "Failed to load Cyrus SASL because: %s", cyrus); + error("Failed to load Cyrus SASL"); end -end -if not new_sasl then - if sasl_backend ~= "builtin" then module:log("warn", "Unknown SASL backend %s", sasl_backend); end; - new_sasl = require "util.sasl".new; +else + module:log("error", "Unknown SASL backend: %s", sasl_backend); + error("Unknown SASL backend"); end local default_authentication_profile = { @@ -161,10 +161,11 @@ module:hook("stream-features", function(event) if secure_auth_only and not origin.secure then return; end + local realm = module:get_option("sasl_realm") or origin.host; if module:get_option("anonymous_login") then - origin.sasl_handler = new_sasl(origin.host, anonymous_authentication_profile); + origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile); else - origin.sasl_handler = new_sasl(origin.host, default_authentication_profile); + origin.sasl_handler = new_sasl(realm, default_authentication_profile); if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then origin.sasl_handler:forbidden({"PLAIN"}); end |