aboutsummaryrefslogtreecommitdiffstats
path: root/util/sasl
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2009-11-17 11:31:59 +0100
committerTobias Markmann <tm@ayena.de>2009-11-17 11:31:59 +0100
commit12c7adc2e7a748941853a43102ec73e07d51850b (patch)
tree061e7d47bdc88ab43db12b3dfb7f8fcf2756e596 /util/sasl
parent1fa16fc88c2492df997fa5471eb282e977602c25 (diff)
downloadprosody-12c7adc2e7a748941853a43102ec73e07d51850b.tar.gz
prosody-12c7adc2e7a748941853a43102ec73e07d51850b.zip
Add check for forbidden char sequences in validate_username().
Diffstat (limited to 'util/sasl')
-rw-r--r--util/sasl/scram.lua3
1 files changed, 2 insertions, 1 deletions
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua
index 9362cca7..c3bc9600 100644
--- a/util/sasl/scram.lua
+++ b/util/sasl/scram.lua
@@ -60,7 +60,8 @@ end
local function validate_username(username)
-- check for forbidden char sequences
-
+ for eq in s:gmatch("=(.?.?)") do
+ if eq ~= "2D" and eq ~= "3D" then return false end end return true;
-- replace =2D with , and =3D with =
-- apply SASLprep