local posix = require "posix.grp"; local pam = require "pam"; local new_sasl = require "util.sasl".new; function is_real_user(username) for i,v in ipairs(posix.getgrnam("xmpp").gr_mem) do if username == v then return true; end end return false; end function user_exists(username) return is_real_user(username); end function test_password(username, password) local f = io.open("/tmp/auth_debug", "a"); f:write("Testing password\n"); f:close(); local h, err = pam.start("xmpp", username, { function (t) local f = io.open("/tmp/auth_debug", "a"); local responses = {} for i,m in ipairs(t) do if m[1] == pam.PROMPT_ECHO_OFF then f:write("sending password\n"); responses[i] = {password, 0}; elseif m[1] == pam.PROMPT_ECHO_ON then f:write("sending username\n"); responses[i] = {username, 0}; else f:write("sending empty response\n"); responses[i] = {"", 0}; end end f:close() return responses end }); if h and h:authenticate() and h:endx(pam.PAM_SUCCESS) then return true, true; end return nil, true; end function get_sasl_handler() return new_sasl(module.host, { plain_test = function(sasl, ...) return test_password(...) end }); end module:provides"auth";