local posix = require "posix.grp";
local pam = require "pam";
local new_sasl = require "util.sasl".new;
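--- Report whether `username` is listed as a member of the local "xmpp" group.
-- Only the group's member list (`gr_mem`) is consulted.
-- NOTE(review): on typical systems an account whose *primary* group is
-- "xmpp" is not listed in gr_mem and would not match here -- confirm this
-- is the intended policy.
-- @param username account name to look up
-- @return true when the name appears in the member list, false otherwise
function is_real_user(username)
	-- The group lookup yields nil when "xmpp" does not exist. Fail closed
	-- (nobody is a member) instead of raising on a nil index, which would
	-- otherwise surface as an error inside the authentication path.
	local group = posix.getgrnam("xmpp");
	local members = group and group.gr_mem;
	if type(members) ~= "table" then
		return false;
	end
	for _, member in ipairs(members) do
		if username == member then
			return true;
		end
	end
	return false;
end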
--- Tell the caller whether an account is known to this provider.
-- An account counts as existing exactly when is_real_user accepts it.
-- @param username account name to look up
-- @return the result of is_real_user(username)
function user_exists(username)
	local known = is_real_user(username);
	return known;
end
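--- Check a username/password pair against the "xmpp" PAM service.
-- Returns `true, true` when PAM accepts the credentials and `nil, true`
-- otherwise. The second value is always true; presumably it is the state
-- flag expected by the SASL plain_test profile -- confirm against util.sasl.
--
-- Debug tracing goes through module:log instead of appending to a fixed
-- file under /tmp: a predictable path in a world-writable directory can be
-- pre-created or symlinked by another local account, and an io.open failure
-- there used to raise in the middle of authentication.
--
-- NOTE(review): nothing here checks is_real_user, so whether accounts
-- outside the "xmpp" group can authenticate depends entirely on how the
-- "xmpp" PAM service is configured -- confirm.
-- @param username account name supplied by the client
-- @param password password supplied by the client (never logged)
function test_password(username, password)
	module:log("debug", "Testing password");

	-- PAM conversation callback: one response per prompt, in prompt order.
	local function converse(messages)
		local responses = {};
		for i, message in ipairs(messages) do
			local style = message[1];
			if style == pam.PROMPT_ECHO_OFF then
				-- Hidden-input prompt: answered with the password.
				module:log("debug", "sending password");
				responses[i] = { password, 0 };
			elseif style == pam.PROMPT_ECHO_ON then
				-- Visible-input prompt: answered with the username.
				module:log("debug", "sending username");
				responses[i] = { username, 0 };
			else
				-- Any other message style gets an empty answer.
				module:log("debug", "sending empty response");
				responses[i] = { "", 0 };
			end
		end
		return responses;
	end

	local h, err = pam.start("xmpp", username, { converse });
	if not h then
		-- Surface the PAM start error so a broken service definition is
		-- visible in the server log rather than looking like a bad password.
		module:log("warn", "pam.start failed: %s", tostring(err));
		return nil, true;
	end

	-- NOTE(review): when authenticate() fails the handle is never passed to
	-- endx(); whether the binding releases it on garbage collection is not
	-- visible from this file -- confirm, or end the handle on this path too.
	if h:authenticate() and h:endx(pam.PAM_SUCCESS) then
		return true, true;
	end
	return nil, true;
end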
--- Build the SASL handler for this module's host.
-- The profile offers only `plain_test`, so the client's cleartext password
-- reaches the server and is forwarded to test_password.
-- NOTE(review): that makes stream encryption a prerequisite -- confirm the
-- host requires TLS for client connections.
-- @return whatever new_sasl returns for (module.host, profile)
function get_sasl_handler()
	local profile = {};

	-- The first argument (the SASL object) is dropped; the remaining
	-- arguments and all return values pass straight through.
	function profile.plain_test(sasl, ...)
		return test_password(...);
	end

	return new_sasl(module.host, profile);
end
-- Register this module as an "auth" provider. No provider table is passed,
-- so presumably the global functions defined in this file (user_exists,
-- test_password, get_sasl_handler) form the provider -- confirm against the
-- module API.
module:provides("auth");