Mercurial > prosody-modules
changeset 5925:32d1abb89dfe
mod_rest: Reject password that fails saslprep earlier (thanks tgy)
Prevents an error later if/when passing the password through saslprep a
second time in the authentication module, since the prep functions now
reject nil
The error reporting could be improved but that would involve adding a
way to pass errors back out of the check_credentials() function.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 04 Jul 2024 16:06:32 +0200 |
| parents | 2b80188448d1 |
| children | 9bcc26406b47 |
| files | mod_rest/mod_rest.lua |
| diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_rest/mod_rest.lua Wed Jun 19 16:54:52 2024 +0100 +++ b/mod_rest/mod_rest.lua Thu Jul 04 16:06:32 2024 +0200 @@ -46,7 +46,7 @@ local username, password = string.match(creds, "^([^:]+):(.*)$"); if not username then return false; end username, password = encodings.stringprep.nodeprep(username), encodings.stringprep.saslprep(password); - if not username then return false; end + if not username or not password then return false; end if not um.test_password(username, module.host, password) then return false; end