mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 21:57:45 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_saslauth: Don't print raw SASL data to avoid logging passwords unnecessarily

Browse source
This commit is contained in:
Matthew Wild 2010-02-13 19:35:12 +00:00
parent dfab166079
commit 88c9871069
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
plugins/mod_saslauth.lua
View file

@ -69,13 +69,13 @@ local anonymous_authentication_profile = {
local function build_reply(status, ret, err_msg)
local reply = st.stanza(status, {xmlns = xmlns_sasl});
if status == "challenge" then
log("debug", "%s", ret or "");
--log("debug", "CHALLENGE: %s", ret or "");
reply:text(base64.encode(ret or ""));
elseif status == "failure" then
reply:tag(ret):up();
if err_msg then reply:tag("text"):text(err_msg); end
elseif status == "success" then
log("debug", "%s", ret or "");
--log("debug", "SUCCESS: %s", ret or "");
reply:text(base64.encode(ret or ""));
else
module:log("error", "Unknown sasl status: %s", status);
@ -123,7 +123,7 @@ local function sasl_handler(session, stanza)
local text = stanza[1];
if text then
text = base64.decode(text);
log("debug", "%s", text:gsub("[%z\001-\008\011\012\014-\031]", " "));
--log("debug", "AUTH: %s", text:gsub("[%z\001-\008\011\012\014-\031]", " "));
if not text then
session.sasl_handler = nil;
session.send(build_reply("failure", "incorrect-encoding"));