equal
deleted
inserted
replaced
14 local set = require "util.set"; |
14 local set = require "util.set"; |
15 |
15 |
16 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; |
16 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; |
17 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; |
17 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; |
18 |
18 |
19 local xmlns_sasl2 = "urn:xmpp:sasl:1"; |
19 local xmlns_sasl2 = "urn:xmpp:sasl:2"; |
20 |
20 |
21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false) |
21 local allow_unencrypted_plain_auth = module:get_option_boolean("allow_unencrypted_plain_auth", false) |
22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"}); |
22 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"}); |
23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" }); |
23 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" }); |
24 |
24 |
76 else |
76 else |
77 log("debug", "Channel binding not supported by SASL handler"); |
77 log("debug", "Channel binding not supported by SASL handler"); |
78 end |
78 end |
79 end |
79 end |
80 |
80 |
81 local mechanisms = st.stanza("mechanisms", { xmlns = xmlns_sasl2 }); |
81 local mechanisms = st.stanza("authentication", { xmlns = xmlns_sasl2 }); |
82 |
82 |
83 local available_mechanisms = sasl_handler:mechanisms() |
83 local available_mechanisms = sasl_handler:mechanisms() |
84 for mechanism in pairs(available_mechanisms) do |
84 for mechanism in pairs(available_mechanisms) do |
85 if disabled_mechanisms:contains(mechanism) then |
85 if disabled_mechanisms:contains(mechanism) then |
86 log("debug", "Not offering disabled mechanism %s", mechanism); |
86 log("debug", "Not offering disabled mechanism %s", mechanism); |