# HG changeset patch # User Matthew Wild # Date 1259430049 0 # Node ID c1a85068ca3689c740690752af422472358ca8c4 # Parent 482bc84c15ea077def1121cb937a4a5f579cf923# Parent 92e329e1cd99abcd0483cb34e0263e33f04b26ff Merge with Tobias diff -r 482bc84c15ea -r c1a85068ca36 util/sasl.lua --- a/util/sasl.lua Sat Nov 28 17:40:37 2009 +0000 +++ b/util/sasl.lua Sat Nov 28 17:40:49 2009 +0000 @@ -83,10 +83,11 @@ -- create a new SASL object which can be used to authenticate clients function new(realm, profile, forbidden) - sasl_i = {profile = profile}; + local sasl_i = {profile = profile}; sasl_i.realm = realm; - s = setmetatable(sasl_i, method); - s:forbidden(sasl_i, forbidden) + local s = setmetatable(sasl_i, method); + if forbidden == nil then forbidden = {} end + s:forbidden(forbidden) return s; end @@ -112,7 +113,7 @@ for backend, f in pairs(self.profile) do if backend_mechanism[backend] then for _, mechanism in ipairs(backend_mechanism[backend]) do - if not sasl_i.restrict:contains(mechanism) then + if not self.restrict:contains(mechanism) then mechanisms[mechanism] = true; end end diff -r 482bc84c15ea -r c1a85068ca36 util/sasl/digest-md5.lua --- a/util/sasl/digest-md5.lua Sat Nov 28 17:40:37 2009 +0000 +++ b/util/sasl/digest-md5.lua Sat Nov 28 17:40:49 2009 +0000 @@ -28,10 +28,6 @@ --========================= --SASL DIGEST-MD5 according to RFC 2831 -local function digest_response() - - return response, A1, A2 -end local function digest(self, message) --TODO complete support for authzid @@ -174,7 +170,7 @@ local password, state = self.profile.plain(response["username"], self.realm) if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end - Y = md5(response["username"]..":"..response["realm"]..":"..password); + local Y = md5(response["username"]..":"..response["realm"]..":"..password); elseif self.profile["digest-md5"] then local Y, state = self.profile["digest-md5"](response["username"], self.realm, response["realm"], response["charset"]) if state == nil then return "failure", "not-authorized" diff -r 482bc84c15ea -r c1a85068ca36 util/sasl/scram.lua --- a/util/sasl/scram.lua Sat Nov 28 17:40:37 2009 +0000 +++ b/util/sasl/scram.lua Sat Nov 28 17:40:49 2009 +0000 @@ -54,7 +54,7 @@ local Ust = hmac(str, salt.."\0\0\0\1"); local res = Ust; for n=1,i-1 do - Und = hmac(str, Ust) + local Und = hmac(str, Ust) res = binaryXOR(res, Und) Ust = Und end @@ -118,7 +118,7 @@ local password; if self.profile.plain then - password, state = self.profile.plain(self.state.name, self.realm) + local password, state = self.profile.plain(self.state.name, self.realm) if state == nil then return "failure", "not-authorized" elseif state == false then return "failure", "account-disabled" end password = saslprep(password);