From e42b058b2b4157b2bed2120db82495860fc502d9 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Mon, 7 Jun 2010 02:33:40 +0500 Subject: mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler. --- plugins/mod_auth_internal_hashed.lua | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'plugins/mod_auth_internal_hashed.lua') diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index e2c423f2..1741a05a 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -18,6 +18,8 @@ local saltedPasswordSHA1 = require "util.sasl.scram".saltedPasswordSHA1; local config = require "core.configmanager"; local usermanager = require "core.usermanager"; local generate_uuid = require "util.uuid".generate; +local new_sasl = require "util.sasl".new; +local nodeprep = require "util.encodings".stringprep.nodeprep; local hosts = hosts; local prosody = _G.prosody; @@ -105,8 +107,19 @@ function new_hashpass_provider(host) return datamanager.store(username, host, "accounts", {hashpass = hexpass, salt = salt, iteration_count = iteration_count}); end - function provider.get_supported_methods() - return {["PLAIN"] = true}; -- TODO this should be taken from the config + function provider.get_sasl_handler() + local realm = module:get_option("sasl_realm") or origin.host; + local testpass_authentication_profile = { + plain_test = function(username, password, realm) + local prepped_username = nodeprep(username); + if not prepped_username then + log("debug", "NODEprep failed on username: %s", username); + return "", nil; + end + return usermanager.test_password(prepped_username, password, realm), true; + end + }; + return new_sasl(realm, testpass_authentication_profile); end function provider.is_admin(jid) -- cgit v1.2.3 From 4e378598de3fa5ca92b5cec696966626a41cef5e Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Mon, 7 Jun 2010 02:38:20 +0500 Subject: mod_auth_internal, mod_auth_internal_hashed: Fixed a global access. --- plugins/mod_auth_internal_hashed.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/mod_auth_internal_hashed.lua') diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index 1741a05a..e793add2 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -108,7 +108,7 @@ function new_hashpass_provider(host) end function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or origin.host; + local realm = module:get_option("sasl_realm") or module.host; local testpass_authentication_profile = { plain_test = function(username, password, realm) local prepped_username = nodeprep(username); -- cgit v1.2.3 From 21d34b1fb9c0a676b4373c769400e7587471cb01 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Mon, 7 Jun 2010 03:07:58 +0500 Subject: mod_auth_internal_hashed: Added SCRAM-SHA-1 support for SASL. --- plugins/mod_auth_internal_hashed.lua | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'plugins/mod_auth_internal_hashed.lua') diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index e793add2..9cffcc6e 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -117,6 +117,16 @@ function new_hashpass_provider(host) return "", nil; end return usermanager.test_password(prepped_username, password, realm), true; + end, + scram_sha_1 = function(username, realm) + local credentials = datamanager.load(username, host, "accounts") or {}; + if credentials.password then + usermanager.set_password(username, credentials.password); + credentials = datamanager.load(username, host, "accounts") or {}; + end + local salted_password, iteration_count, salt = credentials.hashpass, credentials.iteration_count, credentials.salt; + salted_password = salted_password and salted_password:gsub("..", function(x) return string.char(tonumber(x, 16)); end); + return salted_password, iteration_count, salt, true; end }; return new_sasl(realm, testpass_authentication_profile); -- cgit v1.2.3