diff plugins/mod_admin_shell.lua @ 14120:0e9e3efa381f 13.0

mod_admin_shell: Fail user creation/modification if new password fails saslprep This saves us from setting an invalid password and preventing the new account from authenticating.
author Matthew Wild <mwild1@gmail.com>
date Thu, 02 Apr 2026 20:53:04 +0100
parents b9688ac25255
children 7008869fcce2 d666e7cd8609
line wrap: on
line diff
--- a/plugins/mod_admin_shell.lua	Thu Apr 02 20:49:37 2026 +0100
+++ b/plugins/mod_admin_shell.lua	Thu Apr 02 20:53:04 2026 +0100
@@ -20,6 +20,7 @@
 local schema = require "prosody.util.jsonschema";
 local st = require "prosody.util.stanza";
 local parse_args = require "prosody.util.argparse".parse;
+local saslprep = require "prosody.util.encodings".stringprep.saslprep;
 
 local _G = _G;
 
@@ -1869,8 +1870,16 @@
 		role = module:get_option_string("default_provisioned_role", "prosody:member");
 	end
 
-	return promise.resolve(password or self.session.request_input("password")):next(function (password_)
-		local ok, err = um.create_user_with_role(username, password_, host, role);
+	return promise.resolve(password or self.session.request_input("password")):next(function (raw_password)
+		local prepped_password = saslprep(raw_password);
+		if not prepped_password or prepped_password == "" then
+			return promise.reject("Unacceptable password");
+		end
+
+		self.session.print(("PW: %q"):format(raw_password));
+		self.session.print(("PW2: %q"):format(prepped_password));
+
+		local ok, err = um.create_user_with_role(username, prepped_password, host, role);
 		if not ok then
 			return promise.reject("Could not create user: "..err);
 		end
@@ -1935,8 +1944,16 @@
 		return nil, "No such user";
 	end
 
-	return promise.resolve(password or self.session.request_input("password")):next(function (password_)
-		local ok, err = um.set_password(username, password_, host, nil);
+	return promise.resolve(password or self.session.request_input("password")):next(function (raw_password)
+		local prepped_password = saslprep(raw_password);
+		if not prepped_password or prepped_password == "" then
+			return promise.reject("Unacceptable password");
+		end
+
+		self.session.print(("PW: %q"):format(raw_password));
+		self.session.print(("PW2: %q"):format(prepped_password));
+
+		local ok, err = um.set_password(username, prepped_password, host, nil);
 		if ok then
 			return "User password changed";
 		else