prosody
39a86b0d108b
util/sasl/scram.lua
Software / code / prosody
Comparison
util/sasl/scram.lua @ 3075:39a86b0d108b
util.sasl.scram: Parsing client-first-message in a more strict way. (thanks Marc Santamaria)
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Sat, 22 May 2010 13:58:15 +0200 |
| parent | 3074:7bd0dae5c84f |
| child | 3076:d19b2db64496 |
comparison
equal
deleted
inserted
replaced
| 3074:7bd0dae5c84f | 3075:39a86b0d108b |
|---|---|
| 98 | 98 |
| 99 if not self.state.name then | 99 if not self.state.name then |
| 100 -- we are processing client_first_message | 100 -- we are processing client_first_message |
| 101 local client_first_message = message; | 101 local client_first_message = message; |
| 102 | 102 |
| 103 -- TODO: more strict parsing of client_first_message | |
| 104 -- TODO: fail if authzid is provided, since we don't support them yet | 103 -- TODO: fail if authzid is provided, since we don't support them yet |
| 105 self.state["client_first_message"] = client_first_message; | 104 self.state["client_first_message"] = client_first_message; |
| 106 self.state["name"] = client_first_message:match("n=(.+),r=") | 105 self.state["gs2_cbind_flag"], self.state["authzid"], self.state["name"], self.state["clientnonce"] = client_first_message:match("^(%a),(.*),n=(.*),r=([^,]*).*"); |
| 107 self.state["clientnonce"] = client_first_message:match("r=([^,]+)") | 106 |
| 108 self.state["gs2_cbind_flag"] = client_first_message:sub(1, 1) | |
| 109 -- we don't do any channel binding yet | 107 -- we don't do any channel binding yet |
| 110 if self.state.gs2_cbind_flag ~= "n" and self.state.gs2_cbind_flag ~= "y" then | 108 if self.state.gs2_cbind_flag ~= "n" and self.state.gs2_cbind_flag ~= "y" then |
| 111 return "failure", "malformed-request"; | 109 return "failure", "malformed-request"; |
| 112 end | 110 end |
| 113 | 111 |
