local posix = require "posix.grp"; local pam = require "pam"; local new_sasl = require "util.sasl".new; function is_real_user(username) for i,v in ipairs(posix.getgrnam("xmpp").gr_mem) do if username == v then return true; end end return false; end function user_exists(username) return is_real_user(username); end function test_password(username, password) local h, err = pam.start("xmpp", username, { function (t) local responses = {} for i,m in ipairs(t) do if m[1] == pam.PAM_PROMPT_ECHO_OFF then responses[i] = {password, 0}; elseif m[1] == pam.PAM_PROMPT_ECHO_ON then responses[i] = {username, 0}; end end return responses end }); if h and h:authenticate() and h:endx(pam.PAM_SUCCESS) then return true, true; end return nil, true; end function get_sasl_handler() return new_sasl(module.host, { plain_test = function(sasl, ...) return test_password(...) end }); end module:provides"auth";