From 8ec1bec1fece3058a59ce275b08779859bc9654b Mon Sep 17 00:00:00 2001 From: Paul Aurich Date: Wed, 17 Mar 2010 18:57:19 -0700 Subject: util.sasl_cyrus: Protect the call to cyrussasl.server_new properly. --- util/sasl_cyrus.lua | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index d011e08b..f20aff51 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -52,7 +52,14 @@ function new(realm, service_name) sasl_i.realm = realm; sasl_i.service_name = service_name; - sasl_i.cyrus = cyrussasl.server_new(service_name, nil, realm, nil, nil) + + local st, ret = pcall(cyrussasl.server_new, service_name, nil, realm, nil, nil) + if st then + sasl_i.cyrus = ret; + else + log("error", "server_new failed: %s", ret); + return nil; + end if cyrussasl.set_canon_cb then local c14n_cb = function (user) @@ -63,10 +70,6 @@ function new(realm, service_name) cyrussasl.set_canon_cb(sasl_i.cyrus, c14n_cb); end - if sasl_i.cyrus == 0 then - log("error", "got NULL return value from server_new") - return nil; - end cyrussasl.setssf(sasl_i.cyrus, 0, 0xffffffff) local s = setmetatable(sasl_i, method); return s; -- cgit v1.2.3 From d8c2bb590c23ddc0810c0e7ea6e182065f4b6f6d Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 18 Mar 2010 10:05:35 +0000 Subject: util.sasl_cyrus: Clarify some log messages and levels --- util/sasl_cyrus.lua | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index f20aff51..7e0cbc29 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -39,7 +39,7 @@ local function init(service_name) if st then initialized = true; else - log("error", "Failed to initialize CyrusSASL: %s", errmsg); + log("error", "Failed to initialize Cyrus SASL: %s", errmsg); end end end @@ -57,7 +57,7 @@ function new(realm, service_name) if st then sasl_i.cyrus = ret; else - log("error", "server_new failed: %s", ret); + log("error", "Creating SASL server connection failed: %s", ret); return nil; end @@ -82,7 +82,7 @@ end -- set the forbidden mechanisms function method:forbidden( restrict ) - log("debug", "Called method:forbidden. NOT IMPLEMENTED.") + log("warn", "Called method:forbidden. NOT IMPLEMENTED.") return {} end -- cgit v1.2.3 From 367052b11183ae48ca5b5c38493ff22fba943b56 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 18 Mar 2010 10:10:37 +0000 Subject: util.sasl_cyrus: Return invalid-mechanism instead of undefined-condition where appropriate --- util/sasl_cyrus.lua | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index 7e0cbc29..b5b0e08d 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -123,16 +123,12 @@ function method:process(message) return "challenge", data elseif (err == -4) then -- SASL_NOMECH log("debug", "SASL mechanism not available from remote end") - return "failure", - "undefined-condition", - "SASL mechanism not available" + return "failure", "invalid-mechanism", "SASL mechanism not available" elseif (err == -13) then -- SASL_BADAUTH return "failure", "not-authorized", cyrussasl.get_message( self.cyrus ) else log("debug", "Got SASL error condition %d", err) - return "failure", - "undefined-condition", - cyrussasl.get_message( self.cyrus ) + return "failure", "undefined-condition", cyrussasl.get_message( self.cyrus ) end end -- cgit v1.2.3