Software /
code /
prosody
Comparison
util/sasl.lua @ 602:a977227aa9e6
Return error when the given realm value does not match the sent realm value. Prevents impersonation of an account on one virtual host, but a user with the same username on another host.
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Mon, 08 Dec 2008 03:23:37 +0500 |
parent | 599:30655c5cc531 |
child | 603:423fd24fff54 |
comparison
equal
deleted
inserted
replaced
601:6cb908ef01c8 | 602:a977227aa9e6 |
---|---|
174 end | 174 end |
175 | 175 |
176 if not response["cnonce"] then return "failure", "malformed-request", "Missing entry for cnonce in SASL message." end | 176 if not response["cnonce"] then return "failure", "malformed-request", "Missing entry for cnonce in SASL message." end |
177 if not response["qop"] then response["qop"] = "auth" end | 177 if not response["qop"] then response["qop"] = "auth" end |
178 | 178 |
179 if response["realm"] == nil then response["realm"] = "" end | 179 if response["realm"] == nil then |
180 response["realm"] = "" | |
181 elseif response["realm"] ~= self.realm then | |
182 return "failure", "not-authorized", "Incorrect realm value"; | |
183 end | |
180 local decoder; | 184 local decoder; |
181 | 185 |
182 if response["charset"] == nil then | 186 if response["charset"] == nil then |
183 decoder = utf8tolatin1ifpossible; | 187 decoder = utf8tolatin1ifpossible; |
184 elseif response["charset"] ~= "utf-8" then | 188 elseif response["charset"] ~= "utf-8" then |