From 71c6728e69c98d7a70ec4ae4ffacb08ae683803f Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 23 May 2020 14:17:04 +0200
Subject: mod_auth_internal_*: Apply saslprep to passwords

Related to #1560
---
 plugins/mod_auth_insecure.lua | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'plugins/mod_auth_insecure.lua')

diff --git a/plugins/mod_auth_insecure.lua b/plugins/mod_auth_insecure.lua
index 9e23c29f..dc5ee616 100644
--- a/plugins/mod_auth_insecure.lua
+++ b/plugins/mod_auth_insecure.lua
@@ -9,6 +9,7 @@
 
 local datamanager = require "util.datamanager";
 local new_sasl = require "util.sasl".new;
+local saslprep = require "util.encodings".stringprep.saslprep;
 
 local host = module.host;
 local provider = { name = "insecure" };
@@ -21,6 +22,10 @@ end
 
 function provider.set_password(username, password)
 	local account = datamanager.load(username, host, "accounts");
+	password = saslprep(password);
+	if not password then
+		return nil, "Password fails SASLprep.";
+	end
 	if account then
 		account.password = password;
 		return datamanager.store(username, host, "accounts", account);
-- 
cgit v1.2.3