diff options
| author |  jesopo | 2018-09-17 11:31:40 +0100 |
|---|---|---|
| committer | jesopo | 2018-09-17 11:31:40 +0100 |
| commit | fad61c2664b78013232adbe1282adb58b3b029eb (patch) | |
| tree | f19e0ae98212053da507730b6c085f7dc3bd7b60 /modules | |
| parent | Fix highlight checking in commands.py (diff) | |
| signature | ||
Support EXTERNAL sasl authentication
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/sasl.py | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/modules/sasl.py b/modules/sasl.py index dee74133..bdc4eb1d 100644 --- a/modules/sasl.py +++ b/modules/sasl.py @@ -13,8 +13,10 @@ class Module(object): "validate": self._validate}) def _validate(self, s): + mechanism = s if " " in s: - return s.split(" ", 1) + mechanism, arguments = s.split(" ", 1) + return {"mechanism": mechanism, "args": arguments} def on_cap(self, event): has_sasl = "sasl" in event["capabilities"] @@ -29,18 +31,28 @@ class Module(object): def on_cap_ack(self, event): if "sasl" in event["capabilities"]: - event["server"].send_authenticate("PLAIN") + sasl = event["server"].get_setting("sasl") + event["server"].send_authenticate(sasl["mechanism"].upper()) event["server"].wait_for_capability("sasl") def on_authenticate(self, event): if event["message"] != "+": event["server"].send_authenticate("*") else: - sasl_nick, sasl_pass = event["server"].get_setting("sasl") - auth_text = "%s\0%s\0%s" % ( - sasl_nick, sasl_nick, sasl_pass) - auth_text = base64.b64encode(auth_text.encode("utf8")) - auth_text = auth_text.decode("utf8") + sasl = event["server"].get_setting("sasl") + mechanism = sasl["mechanism"].upper() + + if mechanism == "PLAIN": + sasl_nick, sasl_pass = sasl["args"].split(":", 1) + auth_text = "%s\0%s\0%s" % (sasl_nick, sasl_nick, sasl_pass) + elif mechanism == "EXTERNAL": + auth_text = "+" + else: + raise ValueError("unknown sasl mechanism '%s'" % mechanism) + + if not auth_text == "+": + auth_text = base64.b64encode(auth_text.encode("utf8")) + auth_text = auth_text.decode("utf8") event["server"].send_authenticate(auth_text) def sasl_success(self, event): |