Software /
code /
prosody
Comparison
util/sasl/scram.lua @ 3101:9e4439378cf8
util.sasl.scram: Fix in nonce check of client-final-message.
author | Tobias Markmann <tm@ayena.de> |
---|---|
date | Sat, 22 May 2010 13:59:58 +0200 |
parent | 3100:6731dff05c99 |
child | 3102:5cd408e36359 |
comparison
equal
deleted
inserted
replaced
3100:6731dff05c99 | 3101:9e4439378cf8 |
---|---|
160 | 160 |
161 if not self.state.proof or not self.state.nonce or not self.state.channelbinding then | 161 if not self.state.proof or not self.state.nonce or not self.state.channelbinding then |
162 return "failure", "malformed-request", "Missing an attribute(p, r or c) in SASL message."; | 162 return "failure", "malformed-request", "Missing an attribute(p, r or c) in SASL message."; |
163 end | 163 end |
164 | 164 |
165 if self.state.nonce ~= self.state.servernonce then | 165 if self.state.nonce ~= self.state.clientnonce..self.state.servernonce then |
166 return "failure", "malformed-request", "Wrong nonce in client-second-message."; | 166 return "failure", "malformed-request", "Wrong nonce in client-final-message."; |
167 end | 167 end |
168 | 168 |
169 local SaltedPassword = self.state.salted_password; | 169 local SaltedPassword = self.state.salted_password; |
170 local ClientKey = HMAC_f(SaltedPassword, "Client Key") | 170 local ClientKey = HMAC_f(SaltedPassword, "Client Key") |
171 local ServerKey = HMAC_f(SaltedPassword, "Server Key") | 171 local ServerKey = HMAC_f(SaltedPassword, "Server Key") |