authorTobias Markmann <tm@ayena.de>2010-05-22 13:58:15 +0200
committerTobias Markmann <tm@ayena.de>2010-05-22 13:58:15 +0200
commitc21b8a16358c03e996e769e3dad38ea6146c5ffb (patch)
tree7c6d9a5ddbdcc62b70eb262407ff2cdd6c51c243
parent6dd7692baa677cedb25dee1456ed22063c83f26c (diff)
util.sasl.scram: Parsing client-first-message in a more strict way. (thanks Marc Santamaria)
-rw-r--r--util/sasl/scram.lua6
1 files changed, 2 insertions, 4 deletions
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua
index ffca171c..4c5df11a 100644
--- a/util/sasl/scram.lua
+++ b/util/sasl/scram.lua
@@ -100,12 +100,10 @@ local function scram_gen(hash_name, H_f, HMAC_f)
-- we are processing client_first_message
local client_first_message = message;
- -- TODO: more strict parsing of client_first_message
-- TODO: fail if authzid is provided, since we don't support them yet
self.state["client_first_message"] = client_first_message;
- self.state["name"] = client_first_message:match("n=(.+),r=")
- self.state["clientnonce"] = client_first_message:match("r=([^,]+)")
- self.state["gs2_cbind_flag"] = client_first_message:sub(1, 1)
+ self.state["gs2_cbind_flag"], self.state["authzid"], self.state["name"], self.state["clientnonce"] = client_first_message:match("^(%a),(.*),n=(.*),r=([^,]*).*");
+
-- we don't do any channel binding yet
if self.state.gs2_cbind_flag ~= "n" and self.state.gs2_cbind_flag ~= "y" then
return "failure", "malformed-request";
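Review bot: The pattern on the added `match` line uses greedy `(.*)` for the authzid and name captures, so when `,n=` or `,r=` appears more than once the username and nonce are taken from the last occurrence, and everything before it (including an unsupported `m=` extension) is absorbed into `authzid`. `r=([^,]*)` also accepts an empty client nonce. SCRAM encodes a comma inside a username as `=2C`, so every field can exclude commas and the parse becomes unambiguous: `client_first_message:match("^(%a),([^,]*),n=([^,]+),r=([^,]+)")`. The authzid is now stored, but no line visible in the hunk rejects a non-empty value, so the remaining TODO still applies; a guard that fails the exchange when `self.state.authzid ~= ""` would close it. The body of scram_gen continues outside the hunk, so later checks on the name or nonce may exist that are not visible here.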