Mercurial > lxmppd-hg-xmllex / file comparison
comparison: util/sasl/scram.lua
util/sasl/scram.lua
- changeset 3098
- e5d349c0acde
- parent 3097
- 9341ef1a3345
- child 3099
- 2c4d06e7e3d3
equal
deleted
inserted
replaced
| 3097:9341ef1a3345 | 3098:e5d349c0acde |
|---|---|
| 115 | 115 |
| 116 self.state["servernonce"] = generate_uuid(); | 116 self.state["servernonce"] = generate_uuid(); |
| 117 | 117 |
| 118 -- retreive credentials | 118 -- retreive credentials |
| 119 if self.profile.plain then | 119 if self.profile.plain then |
| 120 password, state = self.profile.plain(self.state.name, self.realm) | 120 local password, state = self.profile.plain(self.state.name, self.realm) |
| 121 if state == nil then return "failure", "not-authorized" | 121 if state == nil then return "failure", "not-authorized" |
| 122 elseif state == false then return "failure", "account-disabled" end | 122 elseif state == false then return "failure", "account-disabled" end |
| 123 | 123 |
| 124 password = saslprep(password); | 124 password = saslprep(password); |
| 125 if not password then | 125 if not password then |
| 127 return "failure", "not-authorized", "Invalid password." | 127 return "failure", "not-authorized", "Invalid password." |
| 128 end | 128 end |
| 129 self.state.salt = generate_uuid(); | 129 self.state.salt = generate_uuid(); |
| 130 self.state.iteration_count = default_i; | 130 self.state.iteration_count = default_i; |
| 131 self.state.salted_password = Hi(HMAC_f, password, self.state.salt, default_i); | 131 self.state.salted_password = Hi(HMAC_f, password, self.state.salt, default_i); |
| 132 elseif self.profile["scram-"..hash_name] then | 132 elseif self.profile["scram_"..hash_name] then |
| 133 salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); | 133 local salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); |
| 134 if state == nil then return "failure", "not-authorized" | 134 if state == nil then return "failure", "not-authorized" |
| 135 elseif state == false then return "failure", "account-disabled" end | 135 elseif state == false then return "failure", "account-disabled" end |
| 136 | 136 |
| 137 self.state.salted_password = salted_password; | 137 self.state.salted_password = salted_password; |
| 138 self.state.iteration_count = iteration_count; | 138 self.state.iteration_count = iteration_count; |
| 175 return scram_hash; | 175 return scram_hash; |
| 176 end | 176 end |
| 177 | 177 |
| 178 function init(registerMechanism) | 178 function init(registerMechanism) |
| 179 local function registerSCRAMMechanism(hash_name, hash, hmac_hash) | 179 local function registerSCRAMMechanism(hash_name, hash, hmac_hash) |
| 180 registerMechanism("SCRAM-"..hash_name, {"plain", "scram-"..(hash_name:lower())}, scram_gen(hash_name:lower(), hash, hmac_hash)); | 180 registerMechanism("SCRAM-"..hash_name, {"plain", "scram_"..(hash_name:lower())}, scram_gen(hash_name:lower(), hash, hmac_hash)); |
| 181 end | 181 end |
| 182 | 182 |
| 183 registerSCRAMMechanism("SHA-1", sha1, hmac_sha1); | 183 registerSCRAMMechanism("SHA-1", sha1, hmac_sha1); |
| 184 end | 184 end |
| 185 | 185 |
