annotate mod_auth_dovecot/auth_dovecot/sasl_dovecot.lib.lua @ 2528:44a71584521d

mod_firewall: Add SEARCH, PATTERN definitions and SCAN condition to check tokenized stanza:find() against a list
author Matthew Wild <mwild1@gmail.com>
date Mon, 20 Feb 2017 09:31:30 +0000
parents a573d64968e9
children e9ca7fd4ad06
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- Dovecot authentication backend for Prosody
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 --
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 -- Copyright (C) 2008-2009 Tobias Markmann
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 -- Copyright (C) 2010 Javier Torres
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 -- Copyright (C) 2010-2011 Matthew Wild
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 -- Copyright (C) 2010-2011 Waqas Hussain
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 -- Copyright (C) 2011 Kim Alvefur
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 --
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 -- Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 --
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 -- * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 -- * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 -- * Neither the name of Tobias Markmann nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 --
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 -- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 -- This code is based on util.sasl_cyrus and the old mod_auth_dovecot
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 local log = require "util.logger".init("sasl_dovecot");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 local setmetatable = setmetatable;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 local s_match, s_gmatch = string.match, string.gmatch
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 local t_concat = table.concat;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 local m_random = math.random;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 local tostring, tonumber = tostring, tonumber;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 local socket = require "socket"
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 pcall(require, "socket.unix");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 local base64 = require "util.encodings".base64;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 local b64, unb64 = base64.encode, base64.decode;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 local jid_escape = require "util.jid".escape;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 local prepped_split = require "util.jid".prepped_split;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 local nodeprep = require "util.encodings".stringprep.nodeprep;
1372
a573d64968e9 mod_auth_dovecot: Add a dependency to util.pposix to send the _real_ pid
benjamin.podszun@gmail.com
parents: 1343
diff changeset
35 local pposix = require "util.pposix";
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 --module "sasl_dovecot"
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 local _M = {};
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 local request_id = 0;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 local method = {};
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 method.__index = method;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 local conn, supported_mechs, pid;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 local function connect(socket_info)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 --log("debug", "connect(%q)", socket_path);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 if conn then conn:close(); pid = nil; end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 local socket_type = (type(socket_info) == "string") and "UNIX" or "TCP";
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
51 local ok, err, socket_path;
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 if socket_type == "TCP" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 local socket_host, socket_port = unpack(socket_info);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 conn = socket.tcp();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55 ok, err = conn:connect(socket_host, socket_port);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 socket_path = ("%s:%d"):format(socket_host, socket_port);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57 elseif socket.unix then
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
58 socket_path = socket_info;
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 conn = socket.unix();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 ok, err = conn:connect(socket_path);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 else
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 err = "luasocket was not compiled with UNIX sockets support";
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 if not ok then
1325
b21236b6b8d8 Backed out changeset 853a382c9bd6
Kim Alvefur <zash@zash.se>
parents: 1324
diff changeset
66 return false, "error connecting to dovecot "..tostring(socket_type).." socket at '"
b21236b6b8d8 Backed out changeset 853a382c9bd6
Kim Alvefur <zash@zash.se>
parents: 1324
diff changeset
67 ..tostring(socket_path or socket_info).."'. error was '"..tostring(err).."'";
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 -- Send our handshake
1372
a573d64968e9 mod_auth_dovecot: Add a dependency to util.pposix to send the _real_ pid
benjamin.podszun@gmail.com
parents: 1343
diff changeset
71 pid = pposix.getpid();
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 log("debug", "sending handshake to dovecot. version 1.1, cpid '%d'", pid);
838
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
73 local success,err = conn:send("VERSION\t1\t1\n");
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
74 if not success then
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
75 return false, "Unable to send version data to socket: "..tostring(err);
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76 end
838
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
77 local success,err = conn:send("CPID\t" .. pid .. "\n");
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
78 if not success then
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
79 return false, "Unable to send PID to socket: "..tostring(err);
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
80 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
81
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
82 -- Parse Dovecot's handshake
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
83 local done = false;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
84 supported_mechs = {};
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
85 while (not done) do
838
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
86 local line, err = conn:receive();
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
87 if not line then
838
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
88 return false, "No data read from socket: "..tostring(err);
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
89 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
90
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
91 --log("debug", "dovecot handshake: '%s'", line);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
92 local parts = line:gmatch("[^\t]+");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
93 local first = parts();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
94 if first == "VERSION" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
95 -- Version should be 1.1
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
96 local major_version = parts();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
97
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
98 if major_version ~= "1" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
99 conn:close();
838
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
100 return false, "dovecot server version is not 1.x. it is "..tostring(major_version)..".x";
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
101 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
102 elseif first == "MECH" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
103 local mech = parts();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
104 supported_mechs[mech] = true;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
105 elseif first == "DONE" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
106 done = true;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
107 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
108 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
109 return conn, supported_mechs;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
110 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
111
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
112 -- create a new SASL object which can be used to authenticate clients
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
113 function _M.new(realm, service_name, socket_info, config)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
114 --log("debug", "new(%q, %q, %q)", realm or "", service_name or "", socket_info or "");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
115 local sasl_i = { realm = realm, service_name = service_name, socket_info = socket_info, config = config or {} };
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
116
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
117 request_id = request_id + 1;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
118 sasl_i.request_id = request_id;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
119 local conn, mechs = conn, supported_mechs;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
120 if not conn then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
121 conn, mechs = connect(socket_info);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
122 if not conn then
838
c9e2beec4ef6 mod_auth_dovecot: Improved error reporting.
Waqas Hussain <waqas20@gmail.com>
parents: 708
diff changeset
123 return nil, "Dovecot connection failure: "..tostring(mechs);
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
124 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
125 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
126 sasl_i.conn, sasl_i.mechs = conn, mechs;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
127 return setmetatable(sasl_i, method);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
128 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
129
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
130 -- [[
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
131 function method:send(...)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
132 local msg = t_concat({...}, "\t");
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
133 if msg:sub(-1) ~= "\n" then
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
134 msg = msg .. "\n"
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
135 end
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
136 module:log("debug", "sending %q", msg:sub(1,-2));
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
137 local ok, err = self.conn:send(msg);
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
138 if not ok then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
139 log("error", "Could not write to socket: %s", err);
708
d9a4e2f11b07 mod_auth_dovecot: If the connection fails, nuke it so the next attempt causes a reconnect.
Kim Alvefur <zash@zash.se>
parents: 700
diff changeset
140 if err == "closed" then
d9a4e2f11b07 mod_auth_dovecot: If the connection fails, nuke it so the next attempt causes a reconnect.
Kim Alvefur <zash@zash.se>
parents: 700
diff changeset
141 conn = nil;
d9a4e2f11b07 mod_auth_dovecot: If the connection fails, nuke it so the next attempt causes a reconnect.
Kim Alvefur <zash@zash.se>
parents: 700
diff changeset
142 end
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
143 return nil, err;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
144 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
145 return true;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
146 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
147
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
148 function method:recv()
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
149 --log("debug", "Sent %d bytes to socket", ok);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
150 local line, err = self.conn:receive();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
151 if not line then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
152 log("error", "Could not read from socket: %s", err);
708
d9a4e2f11b07 mod_auth_dovecot: If the connection fails, nuke it so the next attempt causes a reconnect.
Kim Alvefur <zash@zash.se>
parents: 700
diff changeset
153 if err == "closed" then
d9a4e2f11b07 mod_auth_dovecot: If the connection fails, nuke it so the next attempt causes a reconnect.
Kim Alvefur <zash@zash.se>
parents: 700
diff changeset
154 conn = nil;
d9a4e2f11b07 mod_auth_dovecot: If the connection fails, nuke it so the next attempt causes a reconnect.
Kim Alvefur <zash@zash.se>
parents: 700
diff changeset
155 end
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
156 return nil, err;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
157 end
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
158 module:log("debug", "received %q", line);
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
159 return line;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
160 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
161 -- ]]
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
162
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
163 function method:plain_test(username, password, realm)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
164 if self:select("PLAIN") then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
165 return self:process(("\0%s\0%s"):format(username, password));
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
166 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
167 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
168
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
169 -- get a fresh clone with the same realm and service name
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
170 function method:clean_clone()
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
171 --log("debug", "method:clean_clone()");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
172 return _M.new(self.realm, self.service_name, self.socket_info, self.config)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
173 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
174
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
175 -- get a list of possible SASL mechanims to use
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
176 function method:mechanisms()
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
177 --log("debug", "method:mechanisms()");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
178 return self.mechs;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
179 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
180
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
181 -- select a mechanism to use
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
182 function method:select(mechanism)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
183 --log("debug", "method:select(%q)", mechanism);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
184 if not self.selected and self.mechs[mechanism] then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
185 self.selected = mechanism;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
186 return true;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
187 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
188 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
189
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
190 -- feed new messages to process into the library
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
191 function method:process(message)
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
192 --log("debug", "method:process"..(message and "(%q)" or "()"), message);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
193 --if not message then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
194 --return "challenge";
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
195 --return "failure", "malformed-request";
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
196 --end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
197 local request_id = self.request_id;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
198 local authmsg;
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
199 local ok, err;
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
200 if not self.started then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
201 self.started = true;
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
202 ok, err = self:send(
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
203 "AUTH",
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
204 request_id,
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
205 self.selected,
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
206 "service="..self.service_name,
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
207 "resp="..(message and b64(message) or "=")
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
208 );
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
209 else
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
210 ok, err = self:send(
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
211 "CONT",
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
212 request_id,
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
213 (message and b64(message) or "=")
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
214 );
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
215 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
216 --log("debug", "Sending %d bytes: %q", #authmsg, authmsg);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
217 if not ok then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
218 log("error", "Could not write to socket: %s", err);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
219 return "failure", "internal-server-error", err
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
220 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
221 --log("debug", "Sent %d bytes to socket", ok);
700
0c130c45b7c1 mod_auth_dovecot: Old forgotten changes. Testing appreciated.
Kim Alvefur <zash@zash.se>
parents: 474
diff changeset
222 local line, err = self:recv();
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
223 if not line then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
224 log("error", "Could not read from socket: %s", err);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
225 return "failure", "internal-server-error", err
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
226 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
227 --log("debug", "Received %d bytes from socket: %s", #line, line);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
228
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
229 local parts = line:gmatch("[^\t]+");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
230 local resp = parts();
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
231 local id = tonumber(parts());
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
232
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
233 if id ~= request_id then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
234 return "failure", "internal-server-error", "Unexpected request id"
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
235 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
236
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
237 local data = {};
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
238 for param in parts do
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
239 data[#data+1]=param;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
240 local k,v = param:match("^([^=]*)=?(.*)$");
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
241 if k and #k>0 then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
242 data[k]=v or true;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
243 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
244 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
245
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
246 if data.user then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
247 local handle_domain = self.config.handle_domain;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
248 local validate_domain = self.config.validate_domain;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
249 if handle_domain == "split" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
250 local domain;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
251 self.username, domain = prepped_split(data.user);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
252 if validate_domain and domain ~= self.realm then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
253 return "failure", "not-authorized", "Domain mismatch";
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
254 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
255 elseif handle_domain == "escape" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
256 self.username = nodeprep(jid_escape(data.user));
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
257 else
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
258 self.username = nodeprep(data.user);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
259 end
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1325
diff changeset
260 if not self.username then
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
261 return "failure", "not-authorized", "Username failed NODEprep"
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
262 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
263 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
264
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
265 if resp == "FAIL" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
266 if data.temp then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
267 return "failure", "temporary-auth-failure", data.reason;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
268 elseif data.authz then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
269 return "failure", "invalid-authzid", data.reason;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
270 else
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
271 return "failure", "not-authorized", data.reason;
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
272 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
273 elseif resp == "CONT" then
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
274 return "challenge", unb64(data[1]);
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
275 elseif resp == "OK" then
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1325
diff changeset
276 return "success", data.resp and unb64(data.resp) or nil;
474
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
277 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
278 end
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
279
942738953ff3 mod_auth_dovecot: Replace with SASL proxying version.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
280 return _M;