36 -- create a new SASL object which can be used to authenticate clients |
37 -- create a new SASL object which can be used to authenticate clients |
37 function new(realm, service_name) |
38 function new(realm, service_name) |
38 local sasl_i = {}; |
39 local sasl_i = {}; |
39 sasl_i.realm = realm; |
40 sasl_i.realm = realm; |
40 sasl_i.service_name = service_name; |
41 sasl_i.service_name = service_name; |
41 sasl_i.cyrus = cyrussasl.server_new(service_name, realm, realm, nil, nil) |
42 sasl_i.cyrus = cyrussasl.server_new(service_name, nil, nil, nil, nil) |
42 if sasl_i.cyrus == 0 then |
43 if sasl_i.cyrus == 0 then |
43 log("error", "got NULL return value from server_new") |
44 log("error", "got NULL return value from server_new") |
44 return nil; |
45 return nil; |
45 end |
46 end |
46 cyrussasl.setssf(sasl_i.cyrus, 0, 0xffffffff) |
47 cyrussasl.setssf(sasl_i.cyrus, 0, 0xffffffff) |
60 end |
61 end |
61 |
62 |
62 -- get a list of possible SASL mechanims to use |
63 -- get a list of possible SASL mechanims to use |
63 function method:mechanisms() |
64 function method:mechanisms() |
64 local mechanisms = {} |
65 local mechanisms = {} |
65 local cyrus_mechs = cyrussasl.listmech(self.cyrus) |
66 local cyrus_mechs = cyrussasl.listmech(self.cyrus, nil, "", " ", "") |
66 for w in s_gmatch(cyrus_mechs, "%a+") do |
67 for w in s_gmatch(cyrus_mechs, "%a+") do |
67 mechanisms[w] = true; |
68 mechanisms[w] = true; |
68 end |
69 end |
69 self.mechanisms = mechanisms |
70 self.mechanisms = mechanisms |
70 return array.collect(keys(mechanisms)); |
71 return array.collect(keys(mechanisms)); |
71 end |
72 end |
72 |
73 |
73 -- select a mechanism to use |
74 -- select a mechanism to use |
74 function method:select(mechanism) |
75 function method:select(mechanism) |
75 self.mechanism = mechanism; |
76 self.mechanism = mechanism; |
76 return not self.mechanisms[mechanisms]; |
77 return self.mechanisms[mechanism]; |
77 end |
78 end |
78 |
79 |
79 -- feed new messages to process into the library |
80 -- feed new messages to process into the library |
80 function method:process(message) |
81 function method:process(message) |
81 local err; |
82 local err; |
82 local data; |
83 local data; |
|
84 |
83 if self.mechanism then |
85 if self.mechanism then |
84 err, data = cyrussasl.server_start(self.cyrus, self.mechanism, message) |
86 err, data = cyrussasl.server_start(self.cyrus, self.mechanism, message or "") |
85 else |
87 else |
86 err, data = cyrussasl.server_step(self.cyrus, message) |
88 err, data = cyrussasl.server_step(self.cyrus, message or "") |
87 end |
89 end |
88 |
90 |
89 self.username = cyrussasl.get_username(self.cyrus) |
91 self.username = cyrussasl.get_username(self.cyrus) |
90 |
92 |
91 if (err == 0) then -- SASL_OK |
93 if (err == 0) then -- SASL_OK |