15 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
15 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
16 local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; |
16 local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; |
17 |
17 |
18 local new_sasl = require "util.sasl".new; |
18 local new_sasl = require "util.sasl".new; |
19 |
19 |
20 local function build_reply(status, ret) |
20 local function build_reply(status, ret, err_msg) |
21 local reply = st.stanza(status, {xmlns = xmlns_sasl}); |
21 local reply = st.stanza(status, {xmlns = xmlns_sasl}); |
22 if status == "challenge" then |
22 if status == "challenge" then |
23 reply:text(ret or ""); |
23 reply:text(ret or ""); |
24 elseif status == "failure" then |
24 elseif status == "failure" then |
25 reply:tag(ret):up(); |
25 reply:tag(ret):up(); |
|
26 if err_msg then reply:tag("text"); end |
26 elseif status == "success" then |
27 elseif status == "success" then |
27 reply:text(ret or ""); |
28 reply:text(ret or ""); |
28 else |
29 else |
29 error("Unknown sasl status: "..status); |
30 error("Unknown sasl status: "..status); |
30 end |
31 end |
40 session.sasl_handler = nil; |
41 session.sasl_handler = nil; |
41 session:reset_stream(); |
42 session:reset_stream(); |
42 end |
43 end |
43 end |
44 end |
44 |
45 |
45 local function password_callback(jid, mechanism) |
46 local function password_callback(node, host, mechanism) |
46 local node, host = jid_split(jid); |
|
47 local password = (datamanager.load(node, host, "accounts") or {}).password; -- FIXME handle hashed passwords |
47 local password = (datamanager.load(node, host, "accounts") or {}).password; -- FIXME handle hashed passwords |
48 local func = function(x) return x; end; |
48 local func = function(x) return x; end; |
49 if password then |
49 if password then |
50 if mechanism == "PLAIN" then |
50 if mechanism == "PLAIN" then |
51 return func, password; |
51 return func, password; |
52 elseif mechanism == "DIGEST-MD5" then |
52 elseif mechanism == "DIGEST-MD5" then |
53 return func, require "hashes".md5(node.."::"..password); |
53 return func, require "hashes".md5(node..":"..host..":"..password); |
54 end |
54 end |
55 end |
55 end |
56 return func, nil; |
56 return func, nil; |
57 end |
57 end |
58 |
58 |
64 session.sasl_handler = nil; |
64 session.sasl_handler = nil; |
65 session.send(build_reply("failure", "incorrect-encoding")); |
65 session.send(build_reply("failure", "incorrect-encoding")); |
66 return; |
66 return; |
67 end |
67 end |
68 end |
68 end |
69 local status, ret = session.sasl_handler:feed(text); |
69 local status, ret, err_msg = session.sasl_handler:feed(text); |
70 handle_status(session, status); |
70 handle_status(session, status); |
71 local s = build_reply(status, ret); |
71 local s = build_reply(status, ret, err_msg); |
72 log("debug", "sasl reply: "..tostring(s)); |
72 log("debug", "sasl reply: "..tostring(s)); |
73 session.send(s); |
73 session.send(s); |
74 end |
74 end |
75 |
75 |
76 add_handler("c2s_unauthed", "auth", xmlns_sasl, |
76 add_handler("c2s_unauthed", "auth", xmlns_sasl, |
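Review bot: In build_reply's failure branch (new line 26), `if err_msg then reply:tag("text"); end` opens a `<text/>` child but never writes err_msg into it and never steps back up, so the client gets an empty element and the message returned by `session.sasl_handler:feed(text)` is dropped. Using the builder calls already present in this function, the line would read `if err_msg then reply:tag("text"):text(err_msg):up(); end`. Because this reply is sent to a client that has not authenticated yet, whatever feed() puts in err_msg should be checked so that it does not distinguish an unknown account from a wrong password; the handler's messages are not visible in this diff. The rest of build_reply, including its return, lies outside the shown hunk.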