diff options
author | Kim Alvefur <zash@zash.se> | 2023-03-02 14:37:46 +0100 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2023-03-02 14:37:46 +0100 |
commit | aabfdaf01ac96c6bfa759dfc22d507b3174068c8 (patch) | |
tree | 7650cda6df6184ff4947f84b2ff03d1150c907a2 /util/sasl | |
parent | 9e02d322d8f8bfe4b7cdae3c2da33827d7defa60 (diff) | |
download | prosody-aabfdaf01ac96c6bfa759dfc22d507b3174068c8.tar.gz prosody-aabfdaf01ac96c6bfa759dfc22d507b3174068c8.zip |
util.sasl.oauthbearer: Fix traceback on authz in unexpected format
E.g. if you were to just pass "username" without @hostname, the split
will return nil, "username" and the nil gets passed to saslprep() and it
does not like that.
Diffstat (limited to 'util/sasl')
-rw-r--r-- | util/sasl/oauthbearer.lua | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/util/sasl/oauthbearer.lua b/util/sasl/oauthbearer.lua index ea8da198..54c63575 100644 --- a/util/sasl/oauthbearer.lua +++ b/util/sasl/oauthbearer.lua @@ -34,6 +34,10 @@ local function oauthbearer(self, message) local username = jid.prepped_split(gs2_authzid); + if not username or username == "" then + return "failure", "malformed-request", "Expected authorization identity in the username@hostname format"; + end + -- SASLprep username username = saslprep(username); |