25 local md5 = require "util.hashes".md5; |
25 local md5 = require "util.hashes".md5; |
26 local config = require "core.configmanager"; |
26 local config = require "core.configmanager"; |
27 |
27 |
28 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); |
28 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); |
29 local sasl_backend = module:get_option("sasl_backend") or "builtin"; |
29 local sasl_backend = module:get_option("sasl_backend") or "builtin"; |
|
30 local require_provisioning = module:get_option("cyrus_require_provisioning") or false; |
30 |
31 |
31 local log = module._log; |
32 local log = module._log; |
32 |
33 |
33 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; |
34 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl'; |
34 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
35 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
103 module:log("warn", "SASL succeeded but we didn't get a username!"); |
104 module:log("warn", "SASL succeeded but we didn't get a username!"); |
104 session.sasl_handler = nil; |
105 session.sasl_handler = nil; |
105 session:reset_stream(); |
106 session:reset_stream(); |
106 return status, ret, err_msg; |
107 return status, ret, err_msg; |
107 end |
108 end |
108 sm_make_authenticated(session, session.sasl_handler.username); |
109 |
109 session.sasl_handler = nil; |
110 if not(require_provisioning) or usermanager_user_exists(username, session.host) then |
110 session:reset_stream(); |
111 sm_make_authenticated(session, session.sasl_handler.username); |
|
112 session.sasl_handler = nil; |
|
113 session:reset_stream(); |
|
114 else |
|
115 module:log("warn", "SASL succeeded but we don't have an account provisioned for %s", username); |
|
116 session.sasl_handler = session.sasl_handler:clean_clone(); |
|
117 return "failure", "not-authorized", "User authenticated successfully, but not provisioned for XMPP"; |
|
118 end |
111 end |
119 end |
112 return status, ret, err_msg; |
120 return status, ret, err_msg; |
113 end |
121 end |
114 |
122 |
115 local function sasl_handler(session, stanza) |
123 local function sasl_handler(session, stanza) |