From 6db3d039b3d8d55c9e03ebdc776cf1a23dd826c2 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 2 Oct 2008 01:08:58 +0100 Subject: SASL! (but before you get too excited, no resource binding yet. And yes, there are still plenty of rough edges to the code...) ((eg. must move out of xmlhandlers.lua o_O )) --- util/sasl.lua | 43 ++++++++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 17 deletions(-) (limited to 'util') diff --git a/util/sasl.lua b/util/sasl.lua index 0d7740c8..515bcf8a 100644 --- a/util/sasl.lua +++ b/util/sasl.lua @@ -1,34 +1,43 @@ -require "base64" -sasl = {} -function sasl:new_plain(onAuth, onSuccess, onFail, onWrite) +local base64 = require "base64" +local log = require "util.logger".init("sasl"); +local tostring = tostring; +local st = require "util.stanza"; +local s_match = string.match; +module "sasl" + + +local function new_plain(onAuth, onSuccess, onFail, onWrite) local object = { mechanism = "PLAIN", onAuth = onAuth, onSuccess = onSuccess, onFail = onFail, onWrite = onWrite} - local challenge = base64.encode(""); - onWrite(stanza.stanza("challenge", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"}):text(challenge)) + --local challenge = base64.encode(""); + --onWrite(st.stanza("challenge", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"}):text(challenge)) object.feed = function(self, stanza) - if (stanza.name ~= "response") then self.onFail() end - if (stanza.attr.xmlns ~= "urn:ietf:params:xml:ns:xmpp-sasl") then self.onFail() end - local response = base64.decode(stanza.tag[1]) - local authorization = string.match(response, "([^&\0]+)") - local authentication = string.match(response, "\0([^&\0]+)\0") - local password = string.match(response, "\0[^&\0]+\0([^&\0]+)") + if stanza.name ~= "response" and stanza.name ~= "auth" then self.onFail("invalid-stanza-tag") end + if stanza.attr.xmlns ~= "urn:ietf:params:xml:ns:xmpp-sasl" then self.onFail("invalid-stanza-namespace") end + local response = base64.decode(stanza[1]) + local authorization = s_match(response, "([^&%z]+)") + local authentication = s_match(response, "%z([^&%z]+)%z") + local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") if self.onAuth(authorization, password) == true then - self.onWrite(stanza.stanza("success", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"})) - self.onSuccess() + self.onWrite(st.stanza("success", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"})) + self.onSuccess(authentication) else - self.onWrite(stanza.stanza("failure", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"}):tag("temporary-auth-failure")); + self.onWrite(st.stanza("failure", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"}):tag("temporary-auth-failure")); end end return object end -function sasl:new(mechanism, onAuth, onSuccess, onFail, onWrite) + +function new(mechanism, onAuth, onSuccess, onFail, onWrite) local object if mechanism == "PLAIN" then object = new_plain(onAuth, onSuccess, onFail, onWrite) - else onFail() + else + log("debug", "Unsupported SASL mechanism: "..tostring(mechanism)); + onFail("unsupported-mechanism") end return object end -module "sasl" +return _M; \ No newline at end of file -- cgit v1.2.3