13 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
13 local xmlns_bind ='urn:ietf:params:xml:ns:xmpp-bind'; |
14 local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; |
14 local xmlns_stanzas ='urn:ietf:params:xml:ns:xmpp-stanzas'; |
15 |
15 |
16 local new_sasl = require "util.sasl".new; |
16 local new_sasl = require "util.sasl".new; |
17 |
17 |
18 add_handler("c2s_unauthed", "auth", xmlns_sasl, |
18 add_handler("c2s_unauthed", "auth", xmlns_sasl, function (session, stanza) |
19 function (session, stanza) |
19 if not session.sasl_handler then |
20 if not session.sasl_handler then |
20 session.sasl_handler = new_sasl(stanza.attr.mechanism, |
21 session.sasl_handler = new_sasl(stanza.attr.mechanism, |
21 function (username, password) |
22 function (username, password) |
22 -- onAuth |
23 -- onAuth |
23 require "core.usermanager" |
24 require "core.usermanager" |
24 if usermanager_validate_credentials(session.host, username, password) then |
25 if usermanager_validate_credentials(session.host, username, password) then |
25 return true; |
26 return true; |
26 end |
27 end |
27 return false; |
28 return false; |
28 end, |
29 end, |
29 function (username) |
30 function (username) |
30 -- onSuccess |
31 -- onSuccess |
31 local success, err = sessionmanager.make_authenticated(session, username); |
32 local success, err = sessionmanager.make_authenticated(session, username); |
32 if not success then |
33 if not success then |
33 sessionmanager.destroy_session(session); |
34 sessionmanager.destroy_session(session); |
34 return; |
35 return; |
35 end |
36 end |
36 session.sasl_handler = nil; |
37 session.sasl_handler = nil; |
37 session:reset_stream(); |
38 session:reset_stream(); |
38 end, |
39 end, |
39 function (reason) |
40 function (reason) |
40 -- onFail |
41 -- onFail |
41 log("debug", "SASL failure, reason: %s", reason); |
42 log("debug", "SASL failure, reason: %s", reason); |
42 end, |
43 end, |
43 function (stanza) |
44 function (stanza) |
44 -- onWrite |
45 -- onWrite |
45 log("debug", "SASL writes: %s", tostring(stanza)); |
46 log("debug", "SASL writes: %s", tostring(stanza)); |
46 send(session, stanza); |
47 send(session, stanza); |
|
48 end |
|
49 ); |
|
50 session.sasl_handler:feed(stanza); |
|
51 else |
|
52 error("Client tried to negotiate SASL again", 0); |
|
53 end |
47 end |
54 |
48 ); |
55 end); |
49 session.sasl_handler:feed(stanza); |
|
50 else |
|
51 error("Client tried to negotiate SASL again", 0); |
|
52 end |
|
53 end); |
|
54 |
|
55 add_handler("c2s_unauthed", "response", xmlns_sasl, function (session, stanza) |
|
56 if session.sasl_handler then |
|
57 session.sasl_handler:feed(stanza); |
|
58 end |
|
59 end); |
56 |
60 |
57 add_event_hook("stream-features", |
61 add_event_hook("stream-features", |
58 function (session, features) |
62 function (session, features) |
59 if not session.username then |
63 if not session.username then |
60 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); |
64 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); |
61 t_insert(features, "<mechanism>PLAIN</mechanism>"); |
65 t_insert(features, "<mechanism>PLAIN</mechanism>"); |
|
66 t_insert(features, "<mechanism>DIGEST-MD5</mechanism>"); |
62 t_insert(features, "</mechanisms>"); |
67 t_insert(features, "</mechanisms>"); |
63 else |
68 else |
64 t_insert(features, "<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind>"); |
69 t_insert(features, "<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind>"); |
65 t_insert(features, "<session xmlns='urn:ietf:params:xml:ns:xmpp-session'/>"); |
70 t_insert(features, "<session xmlns='urn:ietf:params:xml:ns:xmpp-session'/>"); |
66 end |
71 end |
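Review bot: The new `response` handler silently ignores a `<response/>` that arrives when `session.sasl_handler` is nil, and the onFail callback in this section only logs, so nothing visible here clears the handler after a failed exchange. With DIGEST-MD5 advertised the exchange becomes multi-step, so a failed session would keep feeding later `<response/>` stanzas into the stale handler, and a retry with `<auth/>` hits `error("Client tried to negotiate SASL again", 0)`. Unless util.sasl resets itself, onFail should do `session.sasl_handler = nil;` and the `response` handler should reject the stanza when no exchange is in progress. The onAuth callback still takes `(username, password)` and checks a plaintext password, which presumably cannot validate a DIGEST-MD5 response because the client never sends the password; confirm how util.sasl obtains the credential for that mechanism before advertising it. Authentication failures are logged only at `debug`, so repeated failed attempts would not appear in normal logs; the `stream-features` hook continues past the last line shown.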