Mercurial > prosody-modules
annotate mod_sasl2/mod_sasl2.lua @ 4537:53ee391ca689
mod_smacks: Fix traceback due to session being destroyed in send()
Sending something can cause the OS to notice that the connection is dead
and then the connection can be dead at this point. More likely if
opportunistic_writes is enabled.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 01 Apr 2021 11:35:26 +0200 |
| parents | 5ae2e865eea0 |
| children | 9d57aa79c5d9 |
| rev | line source |
|---|---|
|
3905
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- Prosody IM |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- Copyright (C) 2019 Kim Alvefur |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- This project is MIT/X11 licensed. Please see the |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- COPYING file in the source package for more information. |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 -- XEP-0388: Extensible SASL Profile |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 -- |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 local st = require "util.stanza"; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local errors = require "util.error"; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 local base64 = require "util.encodings".base64; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 local jid_join = require "util.jid".join; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 local xmlns_sasl2 = "urn:xmpp:sasl:1"; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"}); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" }); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 local host = module.host; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 local function tls_unique(self) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 return self.userdata["tls-unique"]:getpeerfinished(); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 module:hook("stream-features", function(event) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 local origin, features = event.origin, event.features; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 local log = origin.log or module._log; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 if origin.type ~= "c2s_unauthed" then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 log("debug", "Already authenticated"); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 return |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 local sasl_handler = usermanager_get_sasl_handler(host, origin) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 origin.sasl_handler = sasl_handler; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 if sasl_handler.add_cb_handler then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 local socket = origin.conn:socket(); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 if socket.getpeerfinished then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 sasl_handler:add_cb_handler("tls-unique", tls_unique); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 sasl_handler["userdata"] = { |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 ["tls-unique"] = socket; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 }; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 local mechanisms = st.stanza("mechanisms", { xmlns = xmlns_sasl2 }); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 local available_mechanisms = sasl_handler:mechanisms() |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 for mechanism in pairs(available_mechanisms) do |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 if disabled_mechanisms:contains(mechanism) then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 log("debug", "Not offering disabled mechanism %s", mechanism); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 elseif not origin.secure and insecure_mechanisms:contains(mechanism) then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 log("debug", "Not offering mechanism %s on insecure connection", mechanism); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 else |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 log("debug", "Offering mechanism %s", mechanism); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 mechanisms:text_tag("mechanism", mechanism); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 features:add_direct_child(mechanisms); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 end, 1); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 local function handle_status(session, status, ret, err_msg) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 local err = nil; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 if status == "error" then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 ret, err = nil, ret; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 if not errors.is_err(err) then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 err = errors.new({ condition = err, text = err_msg }, { session = session }); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 module:fire_event("sasl2/"..session.base_type.."/"..status, { |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 session = session, |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 message = ret; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 error = err; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 }); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 module:hook("sasl2/c2s/failure", function (event) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
86 local session = event.session |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
87 session.send(st.stanza("failure", { xmlns = xmlns_sasl2 }) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
88 :tag(event.error.condition)); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
89 return true; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
90 end); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
91 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
92 module:hook("sasl2/c2s/challenge", function (event) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
93 local session = event.session; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
94 session.send(st.stanza("challenge", { xmlns = xmlns_sasl2 }) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
95 :text_tag(event.message)); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 end); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 module:hook("sasl2/c2s/success", function (event) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 local session = event.session |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 local ok, err = sm_make_authenticated(session, session.sasl_handler.username); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 if not ok then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 handle_status(session, "failure", err); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 return true; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 event.success = st.stanza("success", { xmlns = xmlns_sasl2 }); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
106 end, 1000); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
107 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 module:hook("sasl2/c2s/success", function (event) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 local session = event.session |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
110 event.success:text_tag("authorization-identifier", jid_join(session.username, session.host, session.resource)); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
111 session.send(event.success); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
112 local features = st.stanza("stream:features"); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
113 module:fire_event("stream-features", { origin = session, features = features }); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
114 session.send(features); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
115 end, -1000); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
116 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
117 local function process_cdata(session, cdata) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
118 if cdata then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
119 cdata = base64.decode(cdata); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
120 if not cdata then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
121 return handle_status(session, "failure"); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
122 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
123 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
124 return handle_status(session, session.sasl_handler:process(cdata)); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
125 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
126 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
127 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
128 local sasl_handler = session.sasl_handler; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
129 if not sasl_handler then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
130 sasl_handler = usermanager_get_sasl_handler(host, session); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
131 session.sasl_handler = sasl_handler; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
132 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
133 local mechanism = assert(auth.attr.mechanism); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
134 if not sasl_handler:select(mechanism) then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
135 return handle_status(session, "failure"); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
136 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
137 local initial = auth:get_child_text("initial-response"); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
138 return process_cdata(session, initial); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
139 end); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
140 |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
141 module:hook_tag(xmlns_sasl2, "response", function (session, response) |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
142 local sasl_handler = session.sasl_handler; |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
143 if not sasl_handler or not sasl_handler.selected then |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
144 return handle_status(session, "failure"); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
145 end |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
146 return process_cdata(session, response:get_text()); |
|
5ae2e865eea0
mod_sasl2: Experimental implementation of XEP-0388
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
147 end); |