--- a/mod_auth_ldap/mod_auth_ldap.lua Thu Dec 23 21:16:31 2010 +0100
+++ b/mod_auth_ldap/mod_auth_ldap.lua Thu Dec 23 20:48:24 2010 +0000
@@ -1,57 +1,57 @@
-
-local new_sasl = require "util.sasl".new;
-local nodeprep = require "util.encodings".stringprep.nodeprep;
-local log = require "util.logger".init("auth_ldap");
-
-local ldap_server = module:get_option("ldap_server") or "localhost";
-local ldap_rootdn = module:get_option("ldap_rootdn") or "";
-local ldap_password = module:get_option("ldap_password") or "";
-local ldap_tls = module:get_option("ldap_tls");
-local ldap_base = assert(module:get_option("ldap_base"), "ldap_base is a required option for ldap");
-
-local lualdap = require "lualdap";
-local ld = assert(lualdap.open_simple(ldap_server, ldap_rootdn, ldap_password, ldap_tls));
-module.unload = function() ld:close(); end
-
-function do_query(query)
- for dn, attribs in ld:search(query) do
- return true; -- found a result
- end
-end
-
-local provider = { name = "ldap" };
-
-local function ldap_filter_escape(s) return (s:gsub("[\\*\\(\\)\\\\%z]", function(c) return ("\\%02x"):format(c:byte()) end)); end
-function provider.test_password(username, password)
- return do_query({
- base = ldap_base;
- filter = "(&(uid="..ldap_filter_escape(username)..")(userPassword="..ldap_filter_escape(password)..")(accountStatus=active))";
- });
-end
-function provider.user_exists(username)
- return do_query({
- base = ldap_base;
- filter = "(uid="..ldap_filter_escape(username)..")";
- });
-end
-
-function provider.get_password(username) return nil, "Passwords unavailable for LDAP."; end
-function provider.set_password(username, password) return nil, "Passwords unavailable for LDAP."; end
-function provider.create_user(username, password) return nil, "Account creation/modification not available with LDAP."; end
-
-function provider.get_sasl_handler()
- local realm = module:get_option("sasl_realm") or module.host;
- local testpass_authentication_profile = {
- plain_test = function(username, password, realm)
- local prepped_username = nodeprep(username);
- if not prepped_username then
- log("debug", "NODEprep failed on username: %s", username);
- return "", nil;
- end
- return provider.test_password(prepped_username, password), true;
- end
- };
- return new_sasl(realm, testpass_authentication_profile);
-end
-
-module:add_item("auth-provider", provider);
+
+local new_sasl = require "util.sasl".new;
+local nodeprep = require "util.encodings".stringprep.nodeprep;
+local log = require "util.logger".init("auth_ldap");
+
+local ldap_server = module:get_option("ldap_server") or "localhost";
+local ldap_rootdn = module:get_option("ldap_rootdn") or "";
+local ldap_password = module:get_option("ldap_password") or "";
+local ldap_tls = module:get_option("ldap_tls");
+local ldap_base = assert(module:get_option("ldap_base"), "ldap_base is a required option for ldap");
+
+local lualdap = require "lualdap";
+local ld = assert(lualdap.open_simple(ldap_server, ldap_rootdn, ldap_password, ldap_tls));
+module.unload = function() ld:close(); end
+
+function do_query(query)
+ for dn, attribs in ld:search(query) do
+ return true; -- found a result
+ end
+end
+
+local provider = { name = "ldap" };
+
+local function ldap_filter_escape(s) return (s:gsub("[\\*\\(\\)\\\\%z]", function(c) return ("\\%02x"):format(c:byte()) end)); end
+function provider.test_password(username, password)
+ return do_query({
+ base = ldap_base;
+ filter = "(&(uid="..ldap_filter_escape(username)..")(userPassword="..ldap_filter_escape(password)..")(accountStatus=active))";
+ });
+end
+function provider.user_exists(username)
+ return do_query({
+ base = ldap_base;
+ filter = "(uid="..ldap_filter_escape(username)..")";
+ });
+end
+
+function provider.get_password(username) return nil, "Passwords unavailable for LDAP."; end
+function provider.set_password(username, password) return nil, "Passwords unavailable for LDAP."; end
+function provider.create_user(username, password) return nil, "Account creation/modification not available with LDAP."; end
+
+function provider.get_sasl_handler()
+ local realm = module:get_option("sasl_realm") or module.host;
+ local testpass_authentication_profile = {
+ plain_test = function(username, password, realm)
+ local prepped_username = nodeprep(username);
+ if not prepped_username then
+ log("debug", "NODEprep failed on username: %s", username);
+ return "", nil;
+ end
+ return provider.test_password(prepped_username, password), true;
+ end
+ };
+ return new_sasl(realm, testpass_authentication_profile);
+end
+
+module:add_item("auth-provider", provider);