Mercurial > prosody-modules
comparison mod_auth_dovecot/auth_dovecot/mod_auth_dovecot.lua @ 474:942738953ff3
mod_auth_dovecot: Replace with SASL proxying version.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 10 Nov 2011 11:24:31 +0100 |
| parents | |
| children | 0c130c45b7c1 |
comparison
equal
deleted
inserted
replaced
| 473:99b246b37809 | 474:942738953ff3 |
|---|---|
| 1 -- Dovecot authentication backend for Prosody | |
| 2 -- | |
| 3 -- Copyright (C) 2010-2011 Waqas Hussain | |
| 4 -- Copyright (C) 2011 Kim Alvefur | |
| 5 -- | |
| 6 | |
| 7 local name = "Dovecot SASL"; | |
| 8 local log = require "util.logger".init("auth_dovecot"); | |
| 9 | |
| 10 local socket_path = module:get_option_string("dovecot_auth_socket", "/var/run/dovecot/auth-login"); | |
| 11 local socket_host = module:get_option_string("dovecot_auth_host", "127.0.0.1"); | |
| 12 local socket_port = module:get_option_string("dovecot_auth_port"); | |
| 13 | |
| 14 local service_realm = module:get_option("realm"); | |
| 15 local service_name = module:get_option("service_name"); | |
| 16 local append_host = module:get_option_boolean("auth_append_host"); | |
| 17 local validate_domain = module:get_option_boolean("validate_append_host"); | |
| 18 local handle_appended = module:get_option_string("handle_appended"); | |
| 19 local util_sasl_new = require "util.sasl".new; | |
| 20 | |
| 21 local new_dovecot_sasl = module:require "sasl_dovecot".new; | |
| 22 | |
| 23 local new_sasl = function(realm) | |
| 24 return new_dovecot_sasl( | |
| 25 service_realm or realm, | |
| 26 service_name or "xmpp", | |
| 27 | |
| 28 socket_port and { socket_path, socket_port } or socket_path, | |
| 29 | |
| 30 { --config | |
| 31 handle_domain = handle_appended or | |
| 32 (append_host and "split" or "escape"), | |
| 33 validate_domain = validate_domain, | |
| 34 } | |
| 35 ); | |
| 36 end | |
| 37 | |
| 38 do | |
| 39 local s = new_sasl(module.host) | |
| 40 assert(s, "Could not create a new SASL object"); | |
| 41 assert(s.mechanisms, "SASL object has no mechanims method"); | |
| 42 local m, _m = {}, s:mechanisms(); | |
| 43 assert(not append_host or _m.PLAIN, "auth_append_host requires PLAIN, but it is unavailable"); | |
| 44 for k in pairs(_m) do | |
| 45 table.insert(m, k); | |
| 46 end | |
| 47 log("debug", "Mechanims found: %s", table.concat(m, ", ")); | |
| 48 end | |
| 49 | |
| 50 provider = { | |
| 51 name = module.name:gsub("^auth_",""); | |
| 52 }; | |
| 53 | |
| 54 function provider.test_password(username, password) | |
| 55 return new_sasl(module.host):plain_test(username, password); | |
| 56 end | |
| 57 | |
| 58 if append_host then | |
| 59 new_sasl = function(realm) | |
| 60 return util_sasl_new(realm, { | |
| 61 plain_test = function(sasl, username, password, realm) | |
| 62 local prepped_username = nodeprep(username); | |
| 63 if not prepped_username then | |
| 64 log("debug", "NODEprep failed on username: %s", username); | |
| 65 return "", nil; | |
| 66 end | |
| 67 prepped_username = prepped_username .. "@" .. module.host; | |
| 68 return provider.test_password(prepped_username, password), true; | |
| 69 end, | |
| 70 }); | |
| 71 end | |
| 72 end | |
| 73 | |
| 74 function provider.get_password(username) | |
| 75 return nil, "Passwords unavailable for "..name; | |
| 76 end | |
| 77 | |
| 78 function provider.set_password(username, password) | |
| 79 return nil, "Passwords unavailable for "..name; | |
| 80 end | |
| 81 | |
| 82 function provider.user_exists(username) | |
| 83 local user_test = new_sasl(module.host); | |
| 84 user_test:select("PLAIN"); | |
| 85 user_test:process(("\0%s\0"):format(username)); | |
| 86 return user_test.username == username; | |
| 87 end | |
| 88 | |
| 89 function provider.create_user(username, password) | |
| 90 return nil, "Account creation/modification not available with "..name; | |
| 91 end | |
| 92 | |
| 93 function provider.get_sasl_handler() | |
| 94 return new_sasl(module.host); | |
| 95 end | |
| 96 | |
| 97 module:add_item("auth-provider", provider); | |
| 98 |