15 local saslprep = require "util.encodings".stringprep.saslprep; |
15 local saslprep = require "util.encodings".stringprep.saslprep; |
16 local log = require "util.logger".init("sasl"); |
16 local log = require "util.logger".init("sasl"); |
17 |
17 |
18 module "plain" |
18 module "plain" |
19 |
19 |
20 --========================= |
20 -- ================================ |
21 --SASL PLAIN according to RFC 4616 |
21 -- SASL PLAIN according to RFC 4616 |
22 local function plain(self, message) |
22 local function plain(self, message) |
23 local response = message |
23 if not message then |
24 |
|
25 local authorization, authentication, password; |
|
26 if response then |
|
27 authorization = s_match(response, "([^%z]+)") |
|
28 authentication = s_match(response, "%z([^%z]+)%z") |
|
29 password = s_match(response, "%z[^%z]+%z([^%z]+)") |
|
30 end |
|
31 |
|
32 if authentication == nil or password == nil then |
|
33 return "failure", "malformed-request"; |
24 return "failure", "malformed-request"; |
34 end |
25 end |
35 |
26 |
|
27 local authorization, authentication, password = s_match(message, "^([^%z]+)%z([^%z]+)%z([^%z]+)"); |
|
28 |
|
29 if not authorization then |
|
30 return "failure", "malformed-request"; |
|
31 end |
|
32 |
36 -- SASLprep password and authentication |
33 -- SASLprep password and authentication |
37 authentication = saslprep(authentication); |
34 authentication = saslprep(authentication); |
38 password = saslprep(password); |
35 password = saslprep(password); |
39 |
36 |
40 if (not password) or (password == "") or (not authentication) or (authentication == "") then |
37 if (not password) or (password == "") or (not authentication) or (authentication == "") then |
41 log("debug", "Username or password violates SASLprep."); |
38 log("debug", "Username or password violates SASLprep."); |
42 return "failure", "malformed-request", "Invalid username or password."; |
39 return "failure", "malformed-request", "Invalid username or password."; |
43 end |
40 end |
44 |
41 |