--- a/mod_sasl2/mod_sasl2.lua Sun Aug 28 17:30:52 2022 +0100
+++ b/mod_sasl2/mod_sasl2.lua Mon Aug 29 16:35:19 2022 +0100
@@ -69,13 +69,25 @@
session = session,
message = ret;
error = err;
+ error_text = err_msg;
});
end
module:hook("sasl2/c2s/failure", function (event)
+ local session, condition, text = event.session, event.message, event.error_text;
+ local failure = st.stanza("failure", { xmlns = xmlns_sasl2 })
+ :tag(condition):up();
+ if text then
+ failure:text_tag("text", text);
+ end
+ session.send(failure);
+ return true;
+end);
+
+module:hook("sasl2/c2s/error", function (event)
local session = event.session
session.send(st.stanza("failure", { xmlns = xmlns_sasl2 })
- :tag(event.error.condition));
+ :tag(event.error and event.error.condition));
return true;
end);
@@ -120,7 +132,7 @@
if cdata then
cdata = base64.decode(cdata);
if not cdata then
- return handle_status(session, "failure");
+ return handle_status(session, "failure", "incorrect-encoding");
end
end
return handle_status(session, session.sasl_handler:process(cdata));
@@ -134,7 +146,7 @@
end
local mechanism = assert(auth.attr.mechanism);
if not sasl_handler:select(mechanism) then
- return handle_status(session, "failure");
+ return handle_status(session, "failure", "invalid-mechanism");
end
local initial = auth:get_child_text("initial-response");
return process_cdata(session, initial);
@@ -143,7 +155,7 @@
module:hook_tag(xmlns_sasl2, "response", function (session, response)
local sasl_handler = session.sasl_handler;
if not sasl_handler or not sasl_handler.selected then
- return handle_status(session, "failure");
+ return handle_status(session, "failure", "invalid-mechanism");
end
return process_cdata(session, response:get_text());
end);