prosody
61f748d363e1
util/sasl/scram.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

util/sasl/scram.lua @ 5870:61f748d363e1

util.sasl.scram: Cache profile name instead of concatenating when used
author Kim Alvefur <zash@zash.se>
date Sun, 13 Oct 2013 01:36:28 +0200
parent 5869:35780ef2d689
child 5871:e80916ce8d32
comparison
equal deleted inserted replaced
5869:35780ef2d689 5870:61f748d363e1
99 local server_key = hmac_sha1(salted_password, "Server Key"); 99 local server_key = hmac_sha1(salted_password, "Server Key");
100 return true, stored_key, server_key 100 return true, stored_key, server_key
101 end 101 end
102 102
103 local function scram_gen(hash_name, H_f, HMAC_f) 103 local function scram_gen(hash_name, H_f, HMAC_f)
104 local profile_name = "scram_" .. hashprep(hash_name);
104 local function scram_hash(self, message) 105 local function scram_hash(self, message)
105 local support_channel_binding = false; 106 local support_channel_binding = false;
106 if self.profile.cb then support_channel_binding = true; end 107 if self.profile.cb then support_channel_binding = true; end
107 108
108 if type(message) ~= "string" or #message == 0 then return "failure", "malformed-request" end 109 if type(message) ~= "string" or #message == 0 then return "failure", "malformed-request" end
166 succ, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, iteration_count); 167 succ, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, iteration_count);
167 if not succ then 168 if not succ then
168 log("error", "Generating authentication database failed. Reason: %s", stored_key); 169 log("error", "Generating authentication database failed. Reason: %s", stored_key);
169 return "failure", "temporary-auth-failure"; 170 return "failure", "temporary-auth-failure";
170 end 171 end
171 elseif self.profile["scram_"..hashprep(hash_name)] then 172 elseif self.profile[profile_name] then
172 local state; 173 local state;
173 stored_key, server_key, iteration_count, salt, state = self.profile["scram_"..hashprep(hash_name)](self, name, self.realm); 174 stored_key, server_key, iteration_count, salt, state = self.profile[profile_name](self, name, self.realm);
174 if state == nil then return "failure", "not-authorized" 175 if state == nil then return "failure", "not-authorized"
175 elseif state == false then return "failure", "account-disabled" end 176 elseif state == false then return "failure", "account-disabled" end
176 end 177 end
177 178
178 local nonce = clientnonce .. generate_uuid(); 179 local nonce = clientnonce .. generate_uuid();