From fdf06e3692b59d4e34da988b9c976336fb15766b Mon Sep 17 00:00:00 2001
From: Tobias Markmann <tm@ayena.de>
Date: Wed, 19 Aug 2009 21:34:28 +0200
Subject: Do SASLprep for SASL PLAIN mechanism to be more conform with RFC
 4616.

---
 util/sasl.lua | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'util')

diff --git a/util/sasl.lua b/util/sasl.lua
index 0082b9cc..15f3e29e 100644
--- a/util/sasl.lua
+++ b/util/sasl.lua
@@ -20,6 +20,7 @@ local generate_uuid = require "util.uuid".generate;
 local t_insert, t_concat = table.insert, table.concat;
 local to_byte, to_char = string.byte, string.char;
 local to_unicode = require "util.encodings".idna.to_unicode;
+local u_e_saslprep = require "utii.encodings".stringprep.saslprep;
 local s_match = string.match;
 local gmatch = string.gmatch
 local string = string
@@ -39,6 +40,7 @@ local function new_plain(realm, password_handler)
 		local authorization = s_match(response, "([^&%z]+)")
 		local authentication = s_match(response, "%z([^&%z]+)%z")
 		local password = s_match(response, "%z[^&%z]+%z([^&%z]+)")
+		authorization, authentication, password = u_e_saslprep(authorization), u_e_saslprep(authentication), u_e_saslprep(password);
 		
 		if authentication == nil or password == nil then return "failure", "malformed-request" end
 		
@@ -50,6 +52,7 @@ local function new_plain(realm, password_handler)
 		local claimed_password = ""
 		if password_encoding == nil then claimed_password = password
 		else claimed_password = password_encoding(password) end
+		caimed_password = u_e_saslprep(claimed_password);
 		
 		self.username = authentication
 		if claimed_password == correct_password then
-- 
cgit v1.2.3