util.sasl.plain,scram: Record username in sasl state earlier

2 files changed, 3 insertions, 2 deletions

diff --git a/util/sasl/plain.lua b/util/sasl/plain.lua
index 26e65335..cd59b1ac 100644
--- a/util/sasl/plain.lua
+++ b/util/sasl/plain.lua
@@ -63,6 +63,8 @@ local function plain(self, message)
 		end
 	end
 
+	self.username = authentication
+
 	local correct, state = false, false;
 	if self.profile.plain then
 		local correct_password;
@@ -72,7 +74,6 @@ local function plain(self, message)
 		correct, state = self.profile.plain_test(self, authentication, password, self.realm);
 	end
 
-	self.username = authentication
 	if state == false then
 		return "failure", "account-disabled";
 	elseif state == nil or not correct then
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua
index d2b2abde..4e20dbb9 100644
--- a/util/sasl/scram.lua
+++ b/util/sasl/scram.lua
@@ -146,6 +146,7 @@ local function scram_gen(hash_name, H_f, HMAC_f)
 				log("debug", "Username violates either SASLprep or contains forbidden character sequences.")
 				return "failure", "malformed-request", "Invalid username.";
 			end
+			self.username = username;
 
 			-- retreive credentials
 			local stored_key, server_key, salt, iteration_count;
@@ -225,7 +226,6 @@ local function scram_gen(hash_name, H_f, HMAC_f)
 
 			if StoredKey == H_f(ClientKey) then
 				local server_final_message = "v="..base64.encode(ServerSignature);
-				self["username"] = state.username;
 				return "success", server_final_message;
 			else
 				return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated.";