author | Tobias Markmann <tm@ayena.de> | 2010-05-22 13:58:15 +0200 |
---|---|---|
committer | Tobias Markmann <tm@ayena.de> | 2010-05-22 13:58:15 +0200 |
commit | a69a0446406c8b2b76aefce317e1c1820e55e4f8 (patch) | |
tree | 956b0313372ad0ccd77314d68bb1b83a5bee8ae9 /util/sasl/scram.lua | |
parent | b7a87c093211d21bb626c13505d8c6b5575e4bd2 (diff) | |
util.sasl.scram: Parsing client-first-message in a more strict way. (thanks Marc Santamaria)
Diffstat (limited to 'util/sasl/scram.lua')
-rw-r--r-- | util/sasl/scram.lua | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index ffca171c..4c5df11a 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -100,12 +100,10 @@ local function scram_gen(hash_name, H_f, HMAC_f) -- we are processing client_first_message local client_first_message = message; - -- TODO: more strict parsing of client_first_message -- TODO: fail if authzid is provided, since we don't support them yet self.state["client_first_message"] = client_first_message; - self.state["name"] = client_first_message:match("n=(.+),r=") - self.state["clientnonce"] = client_first_message:match("r=([^,]+)") - self.state["gs2_cbind_flag"] = client_first_message:sub(1, 1) + self.state["gs2_cbind_flag"], self.state["authzid"], self.state["name"], self.state["clientnonce"] = client_first_message:match("^(%a),(.*),n=(.*),r=([^,]*).*"); + -- we don't do any channel binding yet if self.state.gs2_cbind_flag ~= "n" and self.state.gs2_cbind_flag ~= "y" then return "failure", "malformed-request"; |
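Review bot: The pattern on the added `client_first_message:match(...)` line anchors the start but is looser on content than the lines it replaces: both `(.*)` captures are greedy and accept commas, and the name and nonce may now be empty, where the old patterns required `(.+)` and `([^,]+)`. SCRAM encodes a comma inside a name as `=2C`, so each field can be limited to non-comma characters, e.g. `client_first_message:match("^(%a),([^,]*),n=([^,]+),r=([^,]+)")`; the trailing `.*` adds nothing because the pattern is not anchored at the end. A failed match leaves all four fields nil, which the `gs2_cbind_flag` check below turns into `malformed-request`, but nothing visible rejects an empty name or nonce, or a non-empty authzid, which the remaining TODO says is unsupported. The rest of scram_gen lies outside the hunk, so later checks may already cover this.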