diff options
author | Tobias Markmann <tm@ayena.de> | 2009-11-17 11:31:59 +0100 |
---|---|---|
committer | Tobias Markmann <tm@ayena.de> | 2009-11-17 11:31:59 +0100 |
commit | 12c7adc2e7a748941853a43102ec73e07d51850b (patch) | |
tree | 061e7d47bdc88ab43db12b3dfb7f8fcf2756e596 /util | |
parent | 1fa16fc88c2492df997fa5471eb282e977602c25 (diff) | |
download | prosody-12c7adc2e7a748941853a43102ec73e07d51850b.tar.gz prosody-12c7adc2e7a748941853a43102ec73e07d51850b.zip |
Add check for forbidden char sequences in validate_username().
Diffstat (limited to 'util')
-rw-r--r-- | util/sasl/scram.lua | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index 9362cca7..c3bc9600 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -60,7 +60,8 @@ end local function validate_username(username) -- check for forbidden char sequences - + for eq in s:gmatch("=(.?.?)") do + if eq ~= "2D" and eq ~= "3D" then return false end end return true; -- replace =2D with , and =3D with = -- apply SASLprep |