Sat, 16 May 2009 03:58:05 +0500
stanza_router: Added global function core_post_stanza
894 | 1 | -- Prosody IM v0.4 |
760
90ce865eebd8
Update copyright notices for 2009
Matthew Wild <mwild1@gmail.com>
parents:
759
diff
changeset
|
2 | -- Copyright (C) 2008-2009 Matthew Wild |
90ce865eebd8
Update copyright notices for 2009
Matthew Wild <mwild1@gmail.com>
parents:
759
diff
changeset
|
3 | -- Copyright (C) 2008-2009 Waqas Hussain |
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
4 | -- |
758 | 5 | -- This project is MIT/X11 licensed. Please see the |
6 | -- COPYING file in the source package for more information. | |
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
7 | -- |
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
8 | |
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
9 | |
38 | 10 | |
11 | local st = require "util.stanza"; | |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
12 | local sm_bind_resource = require "core.sessionmanager".bind_resource; |
1065
3806173670f2
mod_*: Fix many unnecessary global accesses in modules (already committed to main repo)
Matthew Wild <mwild1@gmail.com>
parents:
938
diff
changeset
|
13 | local sm_make_authenticated = require "core.sessionmanager".make_authenticated; |
447
c0dae734d3bf
Stopped using the lbase64 library
Waqas Hussain <waqas20@gmail.com>
parents:
438
diff
changeset
|
14 | local base64 = require "util.encodings".base64; |
38 | 15 | |
1065
3806173670f2
mod_*: Fix many unnecessary global accesses in modules (already committed to main repo)
Matthew Wild <mwild1@gmail.com>
parents:
938
diff
changeset
|
16 | local datamanager_load = require "util.datamanager".load; |
38 | 17 | local usermanager_validate_credentials = require "core.usermanager".validate_credentials; |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
18 | local t_concat, t_insert = table.concat, table.insert; |
38 | 19 | local tostring = tostring; |
288
dc53343af9ac
Set username in a SASL object.
Tobias Markmann <tm@ayena.de>
parents:
286
diff
changeset
|
20 | local jid_split = require "util.jid".split |
449
c0a4a1e63d70
Completely switched to new hashes library from the old md5 library
Waqas Hussain <waqas20@gmail.com>
parents:
447
diff
changeset
|
21 | local md5 = require "util.hashes".md5; |
887
eef21d7bbe04
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
Matthew Wild <mwild1@gmail.com>
parents:
799
diff
changeset
|
22 | local config = require "core.configmanager"; |
38 | 23 | |
1071
216f9a9001f1
mod_saslauth: Use module logger instead of creating a new one
Matthew Wild <mwild1@gmail.com>
parents:
1065
diff
changeset
|
24 | local log = module._log; |
38 | 25 | |
26 | local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; | |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
27 | local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
28 | local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; |
38 | 29 | |
30 | local new_sasl = require "util.sasl".new; | |
31 | ||
292
33175ad2f682
Started using realm in password hashing, and added support for error message replies from sasl
Waqas Hussain <waqas20@gmail.com>
parents:
291
diff
changeset
|
32 | local function build_reply(status, ret, err_msg) |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
33 | local reply = st.stanza(status, {xmlns = xmlns_sasl}); |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
34 | if status == "challenge" then |
1072
c7967004b5d0
mod_saslauth: Various logging fixes
Matthew Wild <mwild1@gmail.com>
parents:
1071
diff
changeset
|
35 | log("debug", "%s", ret or ""); |
293
b446de4e258e
base64 encode the sasl responses
Waqas Hussain <waqas20@gmail.com>
parents:
292
diff
changeset
|
36 | reply:text(base64.encode(ret or "")); |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
37 | elseif status == "failure" then |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
38 | reply:tag(ret):up(); |
293
b446de4e258e
base64 encode the sasl responses
Waqas Hussain <waqas20@gmail.com>
parents:
292
diff
changeset
|
39 | if err_msg then reply:tag("text"):text(err_msg); end |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
40 | elseif status == "success" then |
1072
c7967004b5d0
mod_saslauth: Various logging fixes
Matthew Wild <mwild1@gmail.com>
parents:
1071
diff
changeset
|
41 | log("debug", "%s", ret or ""); |
293
b446de4e258e
base64 encode the sasl responses
Waqas Hussain <waqas20@gmail.com>
parents:
292
diff
changeset
|
42 | reply:text(base64.encode(ret or "")); |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
43 | else |
1073
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
44 | module:log("error", "Unknown sasl status: %s", status); |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
45 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
46 | return reply; |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
47 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
48 | |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
49 | local function handle_status(session, status) |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
50 | if status == "failure" then |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
51 | session.sasl_handler = nil; |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
52 | elseif status == "success" then |
1073
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
53 | if not session.sasl_handler.username then -- TODO move this to sessionmanager |
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
54 | module:log("warn", "SASL succeeded but we didn't get a username!"); |
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
55 | session.sasl_handler = nil; |
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
56 | session:reset_stream(); |
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
57 | return; |
7c20373d4451
mod_saslauth: Remove 2 instances of raising errors and replacing with more graceful handling
Matthew Wild <mwild1@gmail.com>
parents:
1072
diff
changeset
|
58 | end |
1065
3806173670f2
mod_*: Fix many unnecessary global accesses in modules (already committed to main repo)
Matthew Wild <mwild1@gmail.com>
parents:
938
diff
changeset
|
59 | sm_make_authenticated(session, session.sasl_handler.username); |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
60 | session.sasl_handler = nil; |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
61 | session:reset_stream(); |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
62 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
63 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
64 | |
599
30655c5cc531
Latin1 support for SASL DIGEST-MD5 (second, and possibly final commit)
Waqas Hussain <waqas20@gmail.com>
parents:
595
diff
changeset
|
65 | local function password_callback(node, host, mechanism, decoder) |
1065
3806173670f2
mod_*: Fix many unnecessary global accesses in modules (already committed to main repo)
Matthew Wild <mwild1@gmail.com>
parents:
938
diff
changeset
|
66 | local password = (datamanager_load(node, host, "accounts") or {}).password; -- FIXME handle hashed passwords |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
67 | local func = function(x) return x; end; |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
68 | if password then |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
69 | if mechanism == "PLAIN" then |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
70 | return func, password; |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
71 | elseif mechanism == "DIGEST-MD5" then |
599
30655c5cc531
Latin1 support for SASL DIGEST-MD5 (second, and possibly final commit)
Waqas Hussain <waqas20@gmail.com>
parents:
595
diff
changeset
|
72 | if decoder then node, host, password = decoder(node), decoder(host), decoder(password); end |
595
08ed4fa2f89d
Latin1 support for SASL DIGEST-MD5 (initial commit)
Waqas Hussain <waqas20@gmail.com>
parents:
565
diff
changeset
|
73 | return func, md5(node..":"..host..":"..password); |
281
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
74 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
75 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
76 | return func, nil; |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
77 | end |
826308c07627
mod_saslauth updated for digest-md5
Waqas Hussain <waqas20@gmail.com>
parents:
120
diff
changeset
|
78 | |
705
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
79 | local function sasl_handler(session, stanza) |
295
bb078eb1f1de
mod_saslauth: Code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
293
diff
changeset
|
80 | if stanza.name == "auth" then |
bb078eb1f1de
mod_saslauth: Code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
293
diff
changeset
|
81 | -- FIXME ignoring duplicates because ejabberd does |
935
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
82 | if config.get(session.host or "*", "core", "anonymous_login") and stanza.attr.mechanism ~= "ANONYMOUS" then |
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
83 | return session.send(build_reply("failure", "invalid-mechanism")); |
938
663f75dd7b42
Fixed: Some nil access bugs
Waqas Hussain <waqas20@gmail.com>
parents:
935
diff
changeset
|
84 | elseif stanza.attr.mechanism == "ANONYMOUS" then |
935
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
85 | return session.send(build_reply("failure", "mechanism-too-weak")); |
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
86 | end |
295
bb078eb1f1de
mod_saslauth: Code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
293
diff
changeset
|
87 | session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, password_callback); |
935
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
88 | if not session.sasl_handler then |
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
89 | return session.send(build_reply("failure", "invalid-mechanism")); |
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
90 | end |
295
bb078eb1f1de
mod_saslauth: Code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
293
diff
changeset
|
91 | elseif not session.sasl_handler then |
bb078eb1f1de
mod_saslauth: Code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
293
diff
changeset
|
92 | return; -- FIXME ignoring out of order stanzas because ejabberd does |
bb078eb1f1de
mod_saslauth: Code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
293
diff
changeset
|
93 | end |
284
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
94 | local text = stanza[1]; |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
95 | if text then |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
96 | text = base64.decode(text); |
1072
c7967004b5d0
mod_saslauth: Various logging fixes
Matthew Wild <mwild1@gmail.com>
parents:
1071
diff
changeset
|
97 | log("debug", "%s", text); |
284
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
98 | if not text then |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
99 | session.sasl_handler = nil; |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
100 | session.send(build_reply("failure", "incorrect-encoding")); |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
101 | return; |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
102 | end |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
103 | end |
292
33175ad2f682
Started using realm in password hashing, and added support for error message replies from sasl
Waqas Hussain <waqas20@gmail.com>
parents:
291
diff
changeset
|
104 | local status, ret, err_msg = session.sasl_handler:feed(text); |
284
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
105 | handle_status(session, status); |
292
33175ad2f682
Started using realm in password hashing, and added support for error message replies from sasl
Waqas Hussain <waqas20@gmail.com>
parents:
291
diff
changeset
|
106 | local s = build_reply(status, ret, err_msg); |
1072
c7967004b5d0
mod_saslauth: Various logging fixes
Matthew Wild <mwild1@gmail.com>
parents:
1071
diff
changeset
|
107 | log("debug", "sasl reply: %s", tostring(s)); |
288
dc53343af9ac
Set username in a SASL object.
Tobias Markmann <tm@ayena.de>
parents:
286
diff
changeset
|
108 | session.send(s); |
284
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
109 | end |
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
110 | |
438
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
357
diff
changeset
|
111 | module:add_handler("c2s_unauthed", "auth", xmlns_sasl, sasl_handler); |
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
357
diff
changeset
|
112 | module:add_handler("c2s_unauthed", "abort", xmlns_sasl, sasl_handler); |
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
357
diff
changeset
|
113 | module:add_handler("c2s_unauthed", "response", xmlns_sasl, sasl_handler); |
284
4f540755260c
mod_saslauth: Added base64 decoding, encoding check, and cleaned the code up.
Waqas Hussain <waqas20@gmail.com>
parents:
281
diff
changeset
|
114 | |
357
17bcecb06420
Use a stanza for c2s stream features instead of an array of strings. Removes a FIXME.
Matthew Wild <mwild1@gmail.com>
parents:
313
diff
changeset
|
115 | local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' }; |
17bcecb06420
Use a stanza for c2s stream features instead of an array of strings. Removes a FIXME.
Matthew Wild <mwild1@gmail.com>
parents:
313
diff
changeset
|
116 | local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' }; |
17bcecb06420
Use a stanza for c2s stream features instead of an array of strings. Removes a FIXME.
Matthew Wild <mwild1@gmail.com>
parents:
313
diff
changeset
|
117 | local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' }; |
438
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
357
diff
changeset
|
118 | module:add_event_hook("stream-features", |
705
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
119 | function (session, features) |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
120 | if not session.username then |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
121 | features:tag("mechanisms", mechanisms_attr); |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
122 | -- TODO: Provide PLAIN only if TLS is active, this is a SHOULD from the introduction of RFC 4616. This behavior could be overridden via configuration but will issuing a warning or so. |
934
0bda9b5b6a06
Fixed: mod_saslauth: Changed anonymous host option from "sasl_anonymous" to "anonymous_login"
Waqas Hussain <waqas20@gmail.com>
parents:
894
diff
changeset
|
123 | if config.get(session.host or "*", "core", "anonymous_login") then |
887
eef21d7bbe04
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
Matthew Wild <mwild1@gmail.com>
parents:
799
diff
changeset
|
124 | features:tag("mechanism"):text("ANONYMOUS"):up(); |
935
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
125 | else |
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
126 | features:tag("mechanism"):text("DIGEST-MD5"):up(); |
efe3eaaeff34
Fixed: mod_saslauth: "anonymous_login" currently makes SASL ANONYMOUS an exclusive mechanism. Corrected advertised mechanisms and error replies.
Waqas Hussain <waqas20@gmail.com>
parents:
934
diff
changeset
|
127 | features:tag("mechanism"):text("PLAIN"):up(); |
887
eef21d7bbe04
mod_saslauth: Disable SASL ANONYMOUS unless explicitly enabled with sasl_anonymous = true
Matthew Wild <mwild1@gmail.com>
parents:
799
diff
changeset
|
128 | end |
705
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
129 | features:up(); |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
130 | else |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
131 | features:tag("bind", bind_attr):tag("required"):up():up(); |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
132 | features:tag("session", xmpp_session_attr):up(); |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
133 | end |
11afa1d88c55
mod_saslauth, mod_tls: minor code cleanup
Waqas Hussain <waqas20@gmail.com>
parents:
615
diff
changeset
|
134 | end); |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
135 | |
438
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
357
diff
changeset
|
136 | module:add_iq_handler("c2s", "urn:ietf:params:xml:ns:xmpp-bind", |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
137 | function (session, stanza) |
1072
c7967004b5d0
mod_saslauth: Various logging fixes
Matthew Wild <mwild1@gmail.com>
parents:
1071
diff
changeset
|
138 | log("debug", "Client requesting a resource bind"); |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
139 | local resource; |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
140 | if stanza.attr.type == "set" then |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
141 | local bind = stanza.tags[1]; |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
142 | if bind and bind.attr.xmlns == xmlns_bind then |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
143 | resource = bind:child_with_name("resource"); |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
144 | if resource then |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
145 | resource = resource[1]; |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
146 | end |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
147 | end |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
148 | end |
304
7b28fa8bbfe5
Code cleanup for resource binding
Waqas Hussain <waqas20@gmail.com>
parents:
297
diff
changeset
|
149 | local success, err_type, err, err_msg = sm_bind_resource(session, resource); |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
150 | if not success then |
304
7b28fa8bbfe5
Code cleanup for resource binding
Waqas Hussain <waqas20@gmail.com>
parents:
297
diff
changeset
|
151 | session.send(st.error_reply(stanza, err_type, err, err_msg)); |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
152 | else |
304
7b28fa8bbfe5
Code cleanup for resource binding
Waqas Hussain <waqas20@gmail.com>
parents:
297
diff
changeset
|
153 | session.send(st.reply(stanza) |
7b28fa8bbfe5
Code cleanup for resource binding
Waqas Hussain <waqas20@gmail.com>
parents:
297
diff
changeset
|
154 | :tag("bind", { xmlns = xmlns_bind}) |
7b28fa8bbfe5
Code cleanup for resource binding
Waqas Hussain <waqas20@gmail.com>
parents:
297
diff
changeset
|
155 | :tag("jid"):text(session.full_jid)); |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
156 | end |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
157 | end); |
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
158 | |
438
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
357
diff
changeset
|
159 | module:add_iq_handler("c2s", "urn:ietf:params:xml:ns:xmpp-session", |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
160 | function (session, stanza) |
1072
c7967004b5d0
mod_saslauth: Various logging fixes
Matthew Wild <mwild1@gmail.com>
parents:
1071
diff
changeset
|
161 | log("debug", "Client requesting a session"); |
313
a273f3a7b8f8
Fixed mod_saslauth to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
304
diff
changeset
|
162 | session.send(st.reply(stanza)); |
46
d6b3f9dbb624
Resource binding, XMPP sessions (whatever they're for...)
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
163 | end); |