From 1f64550d6c9be4511288bb72d2ebc88223918dd6 Mon Sep 17 00:00:00 2001
From: Tobias Markmann <tm@ayena.de>
Date: Sat, 22 May 2010 13:59:58 +0200
Subject: util.sasl.scram: Fix in nonce check of client-final-message.

---
 util/sasl/scram.lua | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'util')

diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua
index 4c5df11a..7b9123ee 100644
--- a/util/sasl/scram.lua
+++ b/util/sasl/scram.lua
@@ -162,8 +162,8 @@ local function scram_gen(hash_name, H_f, HMAC_f)
 				return "failure", "malformed-request", "Missing an attribute(p, r or c) in SASL message.";
 			end
 
-			if self.state.nonce ~= self.state.servernonce then
-				return "failure", "malformed-request", "Wrong nonce in client-second-message.";
+			if self.state.nonce ~= self.state.clientnonce..self.state.servernonce then
+				return "failure", "malformed-request", "Wrong nonce in client-final-message.";
 			end
 			
 			local SaltedPassword = self.state.salted_password;
-- 
cgit v1.2.3