Mercurial > lxmppd-hg-xmllex / file comparison
comparison: plugins/mod_saslauth.lua
plugins/mod_saslauth.lua
- changeset 3064
- 596303990c7c
- parent 3062
- 892c49869293
- child 3066
- 5e5137057b5f
equal
deleted
inserted
replaced
| 3063:ca149818083d | 3064:596303990c7c |
|---|---|
| 25 local md5 = require "util.hashes".md5; | 25 local md5 = require "util.hashes".md5; |
| 26 local config = require "core.configmanager"; | 26 local config = require "core.configmanager"; |
| 27 | 27 |
| 28 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); | 28 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); |
| 29 local sasl_backend = module:get_option("sasl_backend") or "builtin"; | 29 local sasl_backend = module:get_option("sasl_backend") or "builtin"; |
| 30 local require_provisioning = module:get_option("cyrus_require_provisioning") or false; | |
| 30 | 31 |
| 31 local log = module._log; | 32 local log = module._log; |
| 32 | 33 |
| 33 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; | 34 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; |
| 34 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; | 35 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
| 103 module:log("warn", "SASL succeeded but we didn't get a username!"); | 104 module:log("warn", "SASL succeeded but we didn't get a username!"); |
| 104 session.sasl_handler = nil; | 105 session.sasl_handler = nil; |
| 105 session:reset_stream(); | 106 session:reset_stream(); |
| 106 return status, ret, err_msg; | 107 return status, ret, err_msg; |
| 107 end | 108 end |
| 108 sm_make_authenticated(session, session.sasl_handler.username); | 109 |
| 109 session.sasl_handler = nil; | 110 if not(require_provisioning) or usermanager_user_exists(username, session.host) then |
| 110 session:reset_stream(); | 111 sm_make_authenticated(session, session.sasl_handler.username); |
| 112 session.sasl_handler = nil; | |
| 113 session:reset_stream(); | |
| 114 else | |
| 115 module:log("warn", "SASL succeeded but we don't have an account provisioned for %s", username); | |
| 116 session.sasl_handler = session.sasl_handler:clean_clone(); | |
| 117 return "failure", "not-authorized", "User authenticated successfully, but not provisioned for XMPP"; | |
| 118 end | |
| 111 end | 119 end |
| 112 return status, ret, err_msg; | 120 return status, ret, err_msg; |
| 113 end | 121 end |
| 114 | 122 |
| 115 local function sasl_handler(session, stanza) | 123 local function sasl_handler(session, stanza) |
