summaryrefslogtreecommitdiff
path: root/mod_auth_custom/mod_auth_custom.lua
blob: 8f3ae765558e9a78fb6648c17c75e26f020b1671 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
local posix = require "posix.grp";  
local pam = require "pam";  
local new_sasl = require "util.sasl".new;

function is_real_user(username)
        for i,v in ipairs(posix.getgrnam("xmpp").gr_mem) do
          if username == v then
            return true;
          end
        end
        return false;
end
  
function user_exists(username)
        return is_real_user(username);
end  
  
function test_password(username, password)
        print("Testing password");
        local h, err = pam.start("xmpp", username, {
                function (t)
                        local responses = {}
                        for i,m in ipairs(t) do
                                if m[1] == pam.PAM_PROMPT_ECHO_OFF then
                                  print("sending password");
                                  responses[i] = {password, 0};
                                elseif m[1] == pam.PAM_PROMPT_ECHO_ON then
                                  print("sending username");
                                  responses[i] = {username, 0};
                                else
                                  print("sending empty response");
                                  responses[i] = {"", 0};
                                end
                        end
                        return responses
                end
        });
        if h and h:authenticate() and h:endx(pam.PAM_SUCCESS) then
                return true, true;
        end
        return nil, true;
end  
  
function get_sasl_handler()
        return new_sasl(module.host, {
                plain_test = function(sasl, ...)
                        return test_password(...)
                end
        });
end

module:provides"auth";