diff options
| author | Tobias Markmann <tm@ayena.de> | 2009-08-19 21:34:28 +0200 |
|---|---|---|
| committer | Tobias Markmann <tm@ayena.de> | 2009-08-19 21:34:28 +0200 |
| commit | fdf06e3692b59d4e34da988b9c976336fb15766b (patch) | |
| tree | 3fe2edb9348f421f12490f09a828ed6f2e93514b /util/sasl.lua | |
| parent | 9b3f3c93e368ad92e5d3add7abd4b5ec22dedb64 (diff) | |
| download | prosody-fdf06e3692b59d4e34da988b9c976336fb15766b.tar.gz prosody-fdf06e3692b59d4e34da988b9c976336fb15766b.zip | |
Do SASLprep for SASL PLAIN mechanism to be more conform with RFC 4616.
Diffstat (limited to 'util/sasl.lua')
| -rw-r--r-- | util/sasl.lua | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/util/sasl.lua b/util/sasl.lua index 0082b9cc..15f3e29e 100644 --- a/util/sasl.lua +++ b/util/sasl.lua @@ -20,6 +20,7 @@ local generate_uuid = require "util.uuid".generate; local t_insert, t_concat = table.insert, table.concat; local to_byte, to_char = string.byte, string.char; local to_unicode = require "util.encodings".idna.to_unicode; +local u_e_saslprep = require "utii.encodings".stringprep.saslprep; local s_match = string.match; local gmatch = string.gmatch local string = string @@ -39,6 +40,7 @@ local function new_plain(realm, password_handler) local authorization = s_match(response, "([^&%z]+)") local authentication = s_match(response, "%z([^&%z]+)%z") local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") + authorization, authentication, password = u_e_saslprep(authorization), u_e_saslprep(authentication), u_e_saslprep(password); if authentication == nil or password == nil then return "failure", "malformed-request" end @@ -50,6 +52,7 @@ local function new_plain(realm, password_handler) local claimed_password = "" if password_encoding == nil then claimed_password = password else claimed_password = password_encoding(password) end + caimed_password = u_e_saslprep(claimed_password); self.username = authentication if claimed_password == correct_password then |