From 8980fe5b9644551f76ca0d4bb59598ad2fb9940e Mon Sep 17 00:00:00 2001 From: Tobias Markmann Date: Mon, 24 May 2010 18:15:16 +0200 Subject: util.sasl.*: Adjusting authentication provider names. All '-' replaced with '_' --- util/sasl/digest-md5.lua | 4 ++-- util/sasl/scram.lua | 13 ++++++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/util/sasl/digest-md5.lua b/util/sasl/digest-md5.lua index 8986ca45..2837148e 100644 --- a/util/sasl/digest-md5.lua +++ b/util/sasl/digest-md5.lua @@ -32,13 +32,13 @@ module "digest-md5" --[[ Supported Authentication Backends -digest-md5: +digest_md5: function(username, domain, realm, encoding) -- domain and realm are usually the same; for some broken -- implementations it's not return digesthash, state; end -digest-md5-test: +digest_md5_test: function(username, domain, realm, encoding, digesthash) return true or false, state; end diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index 48536dff..41c7a50a 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -32,7 +32,8 @@ module "scram" --[[ Supported Authentication Backends -scram-{MECH}: +scram_{MECH}: + -- MECH being a standard hash name (like those at IANA's hash registry) with '-' replaced with '_' function(username, realm) return salted_password, iteration_count, salt, state; end @@ -92,6 +93,12 @@ local function validate_username(username) return username; end +local function hashprep( hashname ) + local hash = hashname:lower() + hash = hash:gsub("-", "_") + return hash +end + function saltedPasswordSHA1(password, salt, iteration_count) local salted_password if type(password) ~= "string" or type(salt) ~= "string" or type(iteration_count) ~= "number" then @@ -156,7 +163,7 @@ local function scram_gen(hash_name, H_f, HMAC_f) log("error", "Generating salted password failed. Reason: %s", self.state.salted_password); return "failure", "temporary-auth-failure"; end - elseif self.profile["scram_"..hash_name] then + elseif self.profile["scram_"..hashprep(hash_name)] then local salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end @@ -206,7 +213,7 @@ end function init(registerMechanism) local function registerSCRAMMechanism(hash_name, hash, hmac_hash) - registerMechanism("SCRAM-"..hash_name, {"plain", "scram_"..(hash_name:lower())}, scram_gen(hash_name:lower(), hash, hmac_hash)); + registerMechanism("SCRAM-"..hash_name, {"plain", "scram_"..(hashprep(hash_name))}, scram_gen(hash_name:lower(), hash, hmac_hash)); end registerSCRAMMechanism("SHA-1", sha1, hmac_sha1); -- cgit v1.2.3 From a48703aa3b3006d66c7e0e685fa13fc6723c936d Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 24 May 2010 19:44:27 +0100 Subject: util.sasl.scram: Fix remaining - in profile name --- util/sasl/scram.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index 41c7a50a..52656a89 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -164,7 +164,7 @@ local function scram_gen(hash_name, H_f, HMAC_f) return "failure", "temporary-auth-failure"; end elseif self.profile["scram_"..hashprep(hash_name)] then - local salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); + local salted_password, iteration_count, salt, state = self.profile["scram_"..hashprep(hash_name)](self.state.name, self.realm); if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end -- cgit v1.2.3