67 |
67 |
68 return module:fire_event("sasl2/"..session.base_type.."/"..status, { |
68 return module:fire_event("sasl2/"..session.base_type.."/"..status, { |
69 session = session, |
69 session = session, |
70 message = ret; |
70 message = ret; |
71 error = err; |
71 error = err; |
|
72 error_text = err_msg; |
72 }); |
73 }); |
73 end |
74 end |
74 |
75 |
75 module:hook("sasl2/c2s/failure", function (event) |
76 module:hook("sasl2/c2s/failure", function (event) |
|
77 local session, condition, text = event.session, event.message, event.error_text; |
|
78 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 }) |
|
79 :tag(condition):up(); |
|
80 if text then |
|
81 failure:text_tag("text", text); |
|
82 end |
|
83 session.send(failure); |
|
84 return true; |
|
85 end); |
|
86 |
|
87 module:hook("sasl2/c2s/error", function (event) |
76 local session = event.session |
88 local session = event.session |
77 session.send(st.stanza("failure", { xmlns = xmlns_sasl2 }) |
89 session.send(st.stanza("failure", { xmlns = xmlns_sasl2 }) |
78 :tag(event.error.condition)); |
90 :tag(event.error and event.error.condition)); |
79 return true; |
91 return true; |
80 end); |
92 end); |
81 |
93 |
82 module:hook("sasl2/c2s/challenge", function (event) |
94 module:hook("sasl2/c2s/challenge", function (event) |
83 local session = event.session; |
95 local session = event.session; |
118 |
130 |
119 local function process_cdata(session, cdata) |
131 local function process_cdata(session, cdata) |
120 if cdata then |
132 if cdata then |
121 cdata = base64.decode(cdata); |
133 cdata = base64.decode(cdata); |
122 if not cdata then |
134 if not cdata then |
123 return handle_status(session, "failure"); |
135 return handle_status(session, "failure", "incorrect-encoding"); |
124 end |
136 end |
125 end |
137 end |
126 return handle_status(session, session.sasl_handler:process(cdata)); |
138 return handle_status(session, session.sasl_handler:process(cdata)); |
127 end |
139 end |
128 |
140 |
132 sasl_handler = usermanager_get_sasl_handler(host, session); |
144 sasl_handler = usermanager_get_sasl_handler(host, session); |
133 session.sasl_handler = sasl_handler; |
145 session.sasl_handler = sasl_handler; |
134 end |
146 end |
135 local mechanism = assert(auth.attr.mechanism); |
147 local mechanism = assert(auth.attr.mechanism); |
136 if not sasl_handler:select(mechanism) then |
148 if not sasl_handler:select(mechanism) then |
137 return handle_status(session, "failure"); |
149 return handle_status(session, "failure", "invalid-mechanism"); |
138 end |
150 end |
139 local initial = auth:get_child_text("initial-response"); |
151 local initial = auth:get_child_text("initial-response"); |
140 return process_cdata(session, initial); |
152 return process_cdata(session, initial); |
141 end); |
153 end); |
142 |
154 |
143 module:hook_tag(xmlns_sasl2, "response", function (session, response) |
155 module:hook_tag(xmlns_sasl2, "response", function (session, response) |
144 local sasl_handler = session.sasl_handler; |
156 local sasl_handler = session.sasl_handler; |
145 if not sasl_handler or not sasl_handler.selected then |
157 if not sasl_handler or not sasl_handler.selected then |
146 return handle_status(session, "failure"); |
158 return handle_status(session, "failure", "invalid-mechanism"); |
147 end |
159 end |
148 return process_cdata(session, response:get_text()); |
160 return process_cdata(session, response:get_text()); |
149 end); |
161 end); |
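Review bot: In the `sasl2/c2s/error` hook (new line 90) the guard `event.error and event.error.condition` still evaluates to nil when `event.error` is missing, so `:tag()` is called with no element name. I would expect util.stanza to reject that, which means the handler raises instead of sending a `<failure/>` to the client. A fallback condition is safer, e.g. `:tag(event.error and event.error.condition or "temporary-auth-failure"));`. The new `sasl2/c2s/failure` hook (new lines 76-85) has the same gap: `condition` is taken from `event.message` and passed to `:tag(condition)` unchecked, and `handle_status` begins outside the visible lines, so it is not clear that every caller supplies one. Separately, `error_text` is forwarded verbatim to an unauthenticated peer, so add a comment such as `-- text is sent pre-auth: must not distinguish unknown account from bad credentials` and confirm the backends comply.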