115 |
115 |
116 self.state["servernonce"] = generate_uuid(); |
116 self.state["servernonce"] = generate_uuid(); |
117 |
117 |
118 -- retreive credentials |
118 -- retreive credentials |
119 if self.profile.plain then |
119 if self.profile.plain then |
120 password, state = self.profile.plain(self.state.name, self.realm) |
120 local password, state = self.profile.plain(self.state.name, self.realm) |
121 if state == nil then return "failure", "not-authorized" |
121 if state == nil then return "failure", "not-authorized" |
122 elseif state == false then return "failure", "account-disabled" end |
122 elseif state == false then return "failure", "account-disabled" end |
123 |
123 |
124 password = saslprep(password); |
124 password = saslprep(password); |
125 if not password then |
125 if not password then |
128 end |
128 end |
129 self.state.salt = generate_uuid(); |
129 self.state.salt = generate_uuid(); |
130 self.state.iteration_count = default_i; |
130 self.state.iteration_count = default_i; |
131 self.state.salted_password = Hi(HMAC_f, password, self.state.salt, default_i); |
131 self.state.salted_password = Hi(HMAC_f, password, self.state.salt, default_i); |
132 elseif self.profile["scram_"..hash_name] then |
132 elseif self.profile["scram_"..hash_name] then |
133 salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); |
133 local salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); |
134 if state == nil then return "failure", "not-authorized" |
134 if state == nil then return "failure", "not-authorized" |
135 elseif state == false then return "failure", "account-disabled" end |
135 elseif state == false then return "failure", "account-disabled" end |
136 |
136 |
137 self.state.salted_password = salted_password; |
137 self.state.salted_password = salted_password; |
138 self.state.iteration_count = iteration_count; |
138 self.state.iteration_count = iteration_count; |