From 547b733736f76dac6fce0757ec73742377f5f99b Mon Sep 17 00:00:00 2001 From: Tobias Markmann Date: Thu, 19 Nov 2009 17:08:58 +0100 Subject: Fail if username or password don't pass SASLprep. --- util/sasl/plain.lua | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'util/sasl') diff --git a/util/sasl/plain.lua b/util/sasl/plain.lua index d9fdb9a2..5c7ff68a 100644 --- a/util/sasl/plain.lua +++ b/util/sasl/plain.lua @@ -34,7 +34,8 @@ local function plain(self, message) password = saslprep(password); if (not password) or (password == "") or (not authentication) or (authentication == "") then - log("debug", "Username or password violates either SASLprep."); + log("debug", "Username or password violates SASLprep."); + return "failure", "malformed-request"; end local correct, state = false, false; -- cgit v1.2.3