changeset 14121:7008869fcce2

Merge 13.0->trunk
author Matthew Wild <mwild1@gmail.com>
date Thu, 02 Apr 2026 20:54:46 +0100
parents 221f3378e7f4 (current diff) 0e9e3efa381f (diff)
children c1469296190d
files plugins/mod_admin_shell.lua util/human/io.lua
diffstat 2 files changed, 22 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_admin_shell.lua	Tue Mar 31 14:18:06 2026 +0100
+++ b/plugins/mod_admin_shell.lua	Thu Apr 02 20:54:46 2026 +0100
@@ -21,6 +21,7 @@
 local st = require "prosody.util.stanza";
 local parse_args = require "prosody.util.argparse".parse;
 local dt = require "prosody.util.datetime";
+local saslprep = require "prosody.util.encodings".stringprep.saslprep;
 
 local _G = _G;
 
@@ -1913,8 +1914,16 @@
 		role = module:get_option_string("default_provisioned_role", "prosody:member");
 	end
 
-	return promise.resolve(password or self.session.request_input("password")):next(function (password_)
-		local ok, err = um.create_user_with_role(username, password_, host, role);
+	return promise.resolve(password or self.session.request_input("password")):next(function (raw_password)
+		local prepped_password = saslprep(raw_password);
+		if not prepped_password or prepped_password == "" then
+			return promise.reject("Unacceptable password");
+		end
+
+		self.session.print(("PW: %q"):format(raw_password));
+		self.session.print(("PW2: %q"):format(prepped_password));
+
+		local ok, err = um.create_user_with_role(username, prepped_password, host, role);
 		if not ok then
 			return promise.reject("Could not create user: "..err);
 		end
@@ -1979,8 +1988,16 @@
 		return nil, "No such user";
 	end
 
-	return promise.resolve(password or self.session.request_input("password")):next(function (password_)
-		local ok, err = um.set_password(username, password_, host, nil);
+	return promise.resolve(password or self.session.request_input("password")):next(function (raw_password)
+		local prepped_password = saslprep(raw_password);
+		if not prepped_password or prepped_password == "" then
+			return promise.reject("Unacceptable password");
+		end
+
+		self.session.print(("PW: %q"):format(raw_password));
+		self.session.print(("PW2: %q"):format(prepped_password));
+
+		local ok, err = um.set_password(username, prepped_password, host, nil);
 		if ok then
 			return "User password changed";
 		else
--- a/util/human/io.lua	Tue Mar 31 14:18:06 2026 +0100
+++ b/util/human/io.lua	Thu Apr 02 20:54:46 2026 +0100
@@ -43,7 +43,7 @@
 	end
 	io.write("\n");
 	if ok then
-		return pass;
+		return (pass:gsub("\n$", ""));
 	end
 end