Software /
code /
prosody
Comparison
util/sasl/digest-md5.lua @ 2211:6094a4e2b6f3
Reduce needed roundtrips during DIGEST-MD5 login.
author | Tobias Markmann <tm@ayena.de> |
---|---|
date | Thu, 19 Nov 2009 17:20:38 +0100 |
parent | 2206:5f54100bb426 |
child | 2212:7cb6460b18d8 |
child | 2568:25e1a544a096 |
comparison
equal
deleted
inserted
replaced
2210:78c9b5255b27 | 2211:6094a4e2b6f3 |
---|---|
212 HA2 = md5(A2, true); | 212 HA2 = md5(A2, true); |
213 | 213 |
214 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 | 214 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
215 local rspauth = md5(KD, true); | 215 local rspauth = md5(KD, true); |
216 self.authenticated = true; | 216 self.authenticated = true; |
217 --TODO: considering sending the rspauth in a success node for saving one roundtrip; allowed according to http://tools.ietf.org/html/draft-saintandre-rfc3920bis-09#section-7.3.6 | 217 return "success", serialize({rspauth = rspauth}); |
218 return "challenge", serialize({rspauth = rspauth}); | |
219 else | 218 else |
220 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." | 219 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
221 end | 220 end |
222 elseif self.step == 3 then | 221 elseif self.step == 3 then |
223 if self.authenticated ~= nil then return "success" | 222 if self.authenticated ~= nil then return "success" |