--- a/plugins/mod_saslauth.lua Thu Mar 18 01:27:31 2010 +0000
+++ b/plugins/mod_saslauth.lua Thu Mar 18 01:31:37 2010 +0000
@@ -161,10 +161,11 @@
if secure_auth_only and not origin.secure then
return;
end
+ local realm = module:get_option("sasl_realm") or origin.host;
if module:get_option("anonymous_login") then
- origin.sasl_handler = new_sasl(origin.host, anonymous_authentication_profile);
+ origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile);
else
- origin.sasl_handler = new_sasl(origin.host, default_authentication_profile);
+ origin.sasl_handler = new_sasl(realm, default_authentication_profile);
if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then
origin.sasl_handler:forbidden({"PLAIN"});
end
--- a/util/sasl_cyrus.lua Thu Mar 18 01:27:31 2010 +0000
+++ b/util/sasl_cyrus.lua Thu Mar 18 01:31:37 2010 +0000
@@ -53,6 +53,16 @@
sasl_i.realm = realm;
sasl_i.service_name = service_name;
sasl_i.cyrus = cyrussasl.server_new(service_name, nil, realm, nil, nil)
+
+ if cyrussasl.set_canon_cb then
+ local c14n_cb = function (user)
+ local node = s_match(user, "^([^@]+)");
+ log("debug", "Canonicalizing username %s to %s", user, node)
+ return node
+ end
+ cyrussasl.set_canon_cb(sasl_i.cyrus, c14n_cb);
+ end
+
if sasl_i.cyrus == 0 then
log("error", "got NULL return value from server_new")
return nil;