Mercurial > prosody-modules

annotate mod_auth_dovecot/mod_auth_dovecot.lua @ 311:f663ea45436f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_auth_dovecot: Only check Dovecot major version. Bump log level from 'warn' to 'error'. (thanks Adrien Clerc)
author Matthew Wild <mwild1@gmail.com>
date Sat, 08 Jan 2011 17:08:20 +0000
parents b3bcd1913c85
children 31deafcbf623
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 -- Dovecot authentication backend for Prosody
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 --
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 -- Copyright (C) 2010 Javier Torres
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 -- Copyright (C) 2008-2010 Matthew Wild
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 -- Copyright (C) 2008-2010 Waqas Hussain
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 --
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local socket_unix = require "socket.unix";
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local datamanager = require "util.datamanager";
270
853ae6ae87bf mod_auth_dovecot: Use correct module name for logger
Javier Torres <javitonino@gmail.com>
parents: 269
diff changeset
10 local log = require "util.logger".init("auth_dovecot");
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local new_sasl = require "util.sasl".new;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local nodeprep = require "util.encodings".stringprep.nodeprep;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local base64 = require "util.encodings".base64;
267
76f3310ec113 mod_auth_dovecot: Use PID in handshake
Javier Torres <javitonino@gmail.com>
parents: 261
diff changeset
14 local pposix = require "util.pposix";
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 local prosody = _G.prosody;
271
05ea4abb664d mod_auth_dovecot: Load dovecot socket path form config
Javier Torres <javitonino@gmail.com>
parents: 270
diff changeset
17 local socket_path = module:get_option_string("dovecot_auth_socket", "/var/run/dovecot/auth-login");
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 function new_default_provider(host)
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
20 local provider = { name = "dovecot", request_id = 0 };
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 log("debug", "initializing dovecot authentication provider for host '%s'", host);
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
22
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
23 local conn;
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
24
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
25 -- Closes the socket
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
26 function provider.close(self)
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
27 if conn then
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
28 conn:close();
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
29 conn = nil;
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
30 end
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
31 end
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
32
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
33 -- The following connects to a new socket and send the handshake
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
34 function provider.connect(self)
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
35 -- Destroy old socket
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
36 provider:close();
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
38 conn = socket.unix();
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
40 -- Create a connection to dovecot socket
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
41 log("debug", "connecting to dovecot socket at '%s'", socket_path);
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
42 local r, e = conn:connect(socket_path);
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
43 if (not r) then
271
05ea4abb664d mod_auth_dovecot: Load dovecot socket path form config
Javier Torres <javitonino@gmail.com>
parents: 270
diff changeset
44 log("warn", "error connecting to dovecot socket at '%s'. error was '%s'. check permissions", socket_path, e);
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
45 provider:close();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
46 return false;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
47 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
48
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 -- Send our handshake
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
50 local pid = pposix.getpid();
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
51 log("debug", "sending handshake to dovecot. version 1.1, cpid '%d'", pid);
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
52 if not provider:send("VERSION\t1\t1\n") then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
53 return false
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
54 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
55 if (not provider:send("CPID\t" .. pid .. "\n")) then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
56 return false
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
57 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
58
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
59 -- Parse Dovecot's handshake
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 local done = false;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 while (not done) do
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
62 local l = provider:receive();
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
63 if (not l) then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
64 return false;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
65 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
66
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
67 log("debug", "dovecot handshake: '%s'", l);
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 parts = string.gmatch(l, "[^\t]+");
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 first = parts();
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 if (first == "VERSION") then
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
71 -- Version should be 1.1
311
f663ea45436f mod_auth_dovecot: Only check Dovecot major version. Bump log level from 'warn' to 'error'. (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 310
diff changeset
72 local major_version = parts();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
73
311
f663ea45436f mod_auth_dovecot: Only check Dovecot major version. Bump log level from 'warn' to 'error'. (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 310
diff changeset
74 if major_version ~= "1" then
f663ea45436f mod_auth_dovecot: Only check Dovecot major version. Bump log level from 'warn' to 'error'. (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 310
diff changeset
75 log("error", "dovecot server version is not 1.x. it is %s.x", major_version);
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
76 provider:close();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
77 return false;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
78 end
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 elseif (first == "MECH") then
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
80 -- Mechanisms should include PLAIN
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 local ok = false;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 for p in parts do
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 if p == "PLAIN" then
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84 ok = true;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 end
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 end
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
87 if (not ok) then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
88 log("warn", "server doesn't support PLAIN mechanism. It supports '%s'", l);
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
89 provider:close();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
90 return false;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
91 end
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 elseif (first == "DONE") then
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 done = true;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 end
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 end
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
96 return true;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
97 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
98
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
99 -- Wrapper for send(). Handles errors
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
100 function provider.send(self, data)
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
101 local r, e = conn:send(data);
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
102 if (not r) then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
103 log("warn", "error sending '%s' to dovecot. error was '%s'", data, e);
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
104 provider:close();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
105 return false;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
106 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
107 return true;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
108 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
109
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
110 -- Wrapper for receive(). Handles errors
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
111 function provider.receive(self)
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
112 local r, e = conn:receive();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
113 if (not r) then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
114 log("warn", "error receiving data from dovecot. error was '%s'", socket, e);
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
115 provider:close();
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
116 return false;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
117 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
118 return r;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
119 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
120
274
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
121 function provider.send_auth_request(self, username, password)
310
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
122 if not conn then
b3bcd1913c85 mod_auth_dovecot: Switch to using upvalue 'conn' instead of provider.c throughout (thanks Adrien Clerc)
Matthew Wild <mwild1@gmail.com>
parents: 305
diff changeset
123 if not provider:connect() then
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
124 return nil, "Auth failed. Dovecot communications error";
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
125 end
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
126 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
127
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 -- Send auth data
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129 username = username .. "@" .. module.host; -- FIXME: this is actually a hack for my server
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 local b64 = base64.encode(username .. "\0" .. username .. "\0" .. password);
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
131 provider.request_id = provider.request_id + 1 % 4294967296
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
132
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
133 local msg = "AUTH\t" .. provider.request_id .. "\tPLAIN\tservice=XMPP\tresp=" .. b64;
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
134 log("debug", "sending auth request for '%s' with password '%s': '%s'", username, password, msg);
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
135 if (not provider:send(msg .. "\n")) then
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
136 return nil, "Auth failed. Dovecot communications error";
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
137 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
138
272
6b35c23664db mod_auth_dovecot: Use sequential (instead of fixed) id for messages
Javier Torres <javitonino@gmail.com>
parents: 271
diff changeset
139
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
140 -- Get response
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
141 local l = provider:receive();
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
142 log("debug", "got auth response: '%s'", l);
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
143 if (not l) then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
144 return nil, "Auth failed. Dovecot communications error";
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
145 end
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
146 local parts = string.gmatch(l, "[^\t]+");
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
147
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
148 -- Check response
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
149 local status = parts();
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
150 local resp_id = tonumber(parts());
274
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
151
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
152 if (resp_id ~= provider.request_id) then
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
153 log("warn", "dovecot response_id(%s) doesn't match request_id(%s)", resp_id, provider.request_id);
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
154 provider:close();
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
155 return nil, "Auth failed. Dovecot communications error";
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
156 end
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
157
274
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
158 return status, parts;
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
159 end
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
160
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
161 function provider.test_password(username, password)
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
162 log("debug", "test password '%s' for user %s at host %s", password, username, module.host);
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
163
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
164 local status, extra = provider:send_auth_request(username, password);
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
165
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
166 if (status == "OK") then
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
167 log("info", "login ok for '%s'", username);
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
168 return true;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
169 else
273
8d283ae7f29d mod_auth_dovecot: More debug messages
Javier Torres <javitonino@gmail.com>
parents: 272
diff changeset
170 log("info", "login failed for '%s'", username);
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
171 return nil, "Auth failed. Invalid username or password.";
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
172 end
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
173 end
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
174
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
175 function provider.get_password(username)
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
176 return nil, "Cannot get_password in dovecot backend.";
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
177 end
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
178
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
179 function provider.set_password(username, password)
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
180 return nil, "Cannot set_password in dovecot backend.";
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
181 end
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
182
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
183 function provider.user_exists(username)
274
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
184 log("debug", "user_exists for user %s at host %s", username, module.host);
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
185
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
186 -- Send a request. If the response (FAIL) contains an extra
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
187 -- parameter like user=<username> then it exists.
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
188 local status, extra = provider:send_auth_request(username, "");
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
189
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
190 local param = extra();
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
191 while (param) do
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
192 parts = string.gmatch(param, "[^=]+");
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
193 name = parts();
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
194 value = parts();
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
195 if (name == "user") then
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
196 log("info", "user '%s' exists", username);
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
197 return true;
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
198 end
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
199
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
200 param = extra();
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
201 end
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
202
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
203 log("info", "user '%s' does not exists (or dovecot didn't send user=<username> parameter)", username);
cda4855863af mod_auth_dovecot: Implement user_exists
Javier Torres <javitonino@gmail.com>
parents: 273
diff changeset
204 return false;
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
205 end
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
206
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
207 function provider.create_user(username, password)
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
208 return nil, "Cannot create_user in dovecot backend.";
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
209 end
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
210
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
211 function provider.get_sasl_handler()
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
212 local realm = module:get_option("sasl_realm") or module.host;
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
213 local getpass_authentication_profile = {
305
4c3abf1a9b5a mod_auth_*, mod_saslauth_muc: Update SASL callbacks to take SASL handler as first argument.
Waqas Hussain <waqas20@gmail.com>
parents: 274
diff changeset
214 plain_test = function(sasl, username, password, realm)
268
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
215 local prepped_username = nodeprep(username);
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
216 if not prepped_username then
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
217 log("debug", "NODEprep failed on username: %s", username);
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
218 return "", nil;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
219 end
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
220 return usermanager.test_password(prepped_username, realm, password), true;
cfcd4efb0fa4 mod_auth_dovecot: Remove asserts (use logger) and refactor socket code
Javier Torres <javitonino@gmail.com>
parents: 267
diff changeset
221 end
269
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
222 };
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
223 return new_sasl(realm, getpass_authentication_profile);
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
224 end
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
225
74846ec9c29f mod_auth_dovecot: Close socket on error
Javier Torres <javitonino@gmail.com>
parents: 268
diff changeset
226 return provider;
261
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
227 end
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
228
0f46fb2dbc79 mod_auth_dovecot: Initial commit of Dovecot authentication backend by Javier Torres
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
229 module:add_item("auth-provider", new_default_provider(module.host));