aboutsummaryrefslogtreecommitdiffstats
path: root/util/sasl
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2023-03-02 14:37:46 +0100
committerKim Alvefur <zash@zash.se>2023-03-02 14:37:46 +0100
commitaabfdaf01ac96c6bfa759dfc22d507b3174068c8 (patch)
tree7650cda6df6184ff4947f84b2ff03d1150c907a2 /util/sasl
parent9e02d322d8f8bfe4b7cdae3c2da33827d7defa60 (diff)
downloadprosody-aabfdaf01ac96c6bfa759dfc22d507b3174068c8.tar.gz
prosody-aabfdaf01ac96c6bfa759dfc22d507b3174068c8.zip
util.sasl.oauthbearer: Fix traceback on authz in unexpected format
E.g. if you were to just pass "username" without @hostname, the split will return nil, "username" and the nil gets passed to saslprep() and it does not like that.
Diffstat (limited to 'util/sasl')
-rw-r--r--util/sasl/oauthbearer.lua4
1 files changed, 4 insertions, 0 deletions
diff --git a/util/sasl/oauthbearer.lua b/util/sasl/oauthbearer.lua
index ea8da198..54c63575 100644
--- a/util/sasl/oauthbearer.lua
+++ b/util/sasl/oauthbearer.lua
@@ -34,6 +34,10 @@ local function oauthbearer(self, message)
local username = jid.prepped_split(gs2_authzid);
+ if not username or username == "" then
+ return "failure", "malformed-request", "Expected authorization identity in the username@hostname format";
+ end
+
-- SASLprep username
username = saslprep(username);