From 5b3c2cf16701c9bfa60c3fc5b54388e68dc8265a Mon Sep 17 00:00:00 2001
From: Waqas Hussain
Date: Mon, 8 Dec 2008 03:23:37 +0500
Subject: Return error when the given realm value does not match the sent realm value.
Prevents impersonation of an account on one virtual host, but a user with the same username on another host.
---
 util/sasl.lua | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'util')
diff --git a/util/sasl.lua b/util/sasl.lua
index 89980eb2..12e7df4f 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -176,7 +176,11 @@ local function new_digest_md5(realm, password_handler)
 if not response["cnonce"] then return "failure", "malformed-request", "Missing entry for cnonce in SASL message." end
 if not response["qop"] then response["qop"] = "auth" end
- if response["realm"] == nil then response["realm"] = "" end
+ if response["realm"] == nil then
+ response["realm"] = ""
+ elseif response["realm"] ~= self.realm then
+ return "failure", "not-authorized", "Incorrect realm value";
+ end
 local decoder;
 if response["charset"] == nil then
-- cgit v1.2.3
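Review bot: The new `elseif` only runs when the client actually sends a realm directive; the `== nil` branch still substitutes `""` and continues, so an omitted realm is never compared against `self.realm`. Unless the password lookup further down (outside the hunk) rejects the empty realm, the cross-host impersonation described in the commit message may still be reachable by simply leaving the directive out, so consider defaulting to the server's realm or rejecting, e.g. `if response["realm"] == nil then response["realm"] = self.realm`. The guard also reads `self.realm` while the enclosing `new_digest_md5(realm, password_handler)` takes `realm` as a parameter; whether `self.realm` is populated from that argument is not visible here and should be confirmed. Minor style point: the added `return` line ends with a semicolon while the neighbouring lines do not. The enclosing function starts and ends outside the hunk.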