prosody
50f1c09541cd
util/sasl.lua
Software / code / prosody
Comparison
util/sasl.lua @ 402:50f1c09541cd
Checking some variables for nil so no errors occur that'll break the server.
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Sun, 23 Nov 2008 20:43:42 +0100 |
| parent | 401:96e2019d112d |
| child | 404:4801dbeccc2a |
comparison
equal
deleted
inserted
replaced
| 401:96e2019d112d | 402:50f1c09541cd |
|---|---|
| 22 local response = message | 22 local response = message |
| 23 local authorization = s_match(response, "([^&%z]+)") | 23 local authorization = s_match(response, "([^&%z]+)") |
| 24 local authentication = s_match(response, "%z([^&%z]+)%z") | 24 local authentication = s_match(response, "%z([^&%z]+)%z") |
| 25 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") | 25 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)") |
| 26 | 26 |
| 27 if authentication == nil or password == nil then return "failure", "malformed-request" end | |
| 28 | |
| 27 local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN") | 29 local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN") |
| 30 | |
| 31 if correct_password == nil then return "failure", "malformed-request" end | |
| 28 | 32 |
| 29 local claimed_password = "" | 33 local claimed_password = "" |
| 30 if password_encoding == nil then claimed_password = password | 34 if password_encoding == nil then claimed_password = password |
| 31 else claimed_password = password_encoding(password) end | 35 else claimed_password = password_encoding(password) end |
| 32 | 36 |
| 111 | 115 |
| 112 local domain = "" | 116 local domain = "" |
| 113 local protocol = "" | 117 local protocol = "" |
| 114 if response["digest-uri"] then | 118 if response["digest-uri"] then |
| 115 protocol, domain = response["digest-uri"]:match("(%w+)/(.*)$") | 119 protocol, domain = response["digest-uri"]:match("(%w+)/(.*)$") |
| 120 if protocol == nil or domain == nil then return "failure", "malformed-request" end | |
| 116 else | 121 else |
| 117 return "failure", "malformed-request", "Missing entry for digest-uri in SASL message." | 122 return "failure", "malformed-request", "Missing entry for digest-uri in SASL message." |
| 118 end | 123 end |
| 119 | 124 |
| 120 --TODO maybe realm support | 125 --TODO maybe realm support |
| 121 self.username = response["username"] | 126 self.username = response["username"] |
| 122 local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5") | 127 local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5") |
| 128 if Y == nil then return "failure", "malformed-request" end | |
| 129 | |
| 123 local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid | 130 local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid |
| 124 local A2 = "AUTHENTICATE:"..protocol.."/"..domain | 131 local A2 = "AUTHENTICATE:"..protocol.."/"..domain |
| 125 | 132 |
| 126 local HA1 = md5.sumhexa(A1) | 133 local HA1 = md5.sumhexa(A1) |
| 127 local HA2 = md5.sumhexa(A2) | 134 local HA2 = md5.sumhexa(A2) |
