Software /
code /
prosody
Diff
util/sasl.lua @ 277:00c2fc751f50
Fixing some parsing and some other stuff.
author | Tobias Markmann <tm@ayena.de> |
---|---|
date | Sun, 09 Nov 2008 22:45:17 +0100 |
parent | 276:30893439d5d1 |
child | 278:770a78cd38d7 |
line wrap: on
line diff
--- a/util/sasl.lua Sun Nov 09 21:16:57 2008 +0100 +++ b/util/sasl.lua Sun Nov 09 22:45:17 2008 +0100 @@ -7,6 +7,7 @@ local st = require "util.stanza"; local generate_uuid = require "util.uuid".generate; local s_match = string.match; +local gmatch = string.gmatch local math = require "math" local type = type local error = error @@ -82,7 +83,7 @@ local function parse(data) message = {} - for k, v in string.gmatch(data, [[([%w%-])="?[%w%-]"?,?]]) do + for k, v in gmatch(data, [[([%w%-]+)="?([%w%-%/%.]+)"?,?]]) do message[k] = v end return message @@ -102,14 +103,11 @@ algorithm = "md5-sess"} )); object.onWrite(st.stanza("challenge", {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"}):text(challenge)) object.feed = function(self, stanza) - print(tostring(stanza)) if stanza.name ~= "response" and stanza.name ~= "auth" then self.onFail("invalid-stanza-tag") end if stanza.attr.xmlns ~= "urn:ietf:params:xml:ns:xmpp-sasl" then self.onFail("invalid-stanza-namespace") end if stanza.name == "auth" then return end self.step = self.step + 1 if (self.step == 2) then - - log("debug", tostring(stanza[1])) local response = parse(base64.decode(stanza[1])) -- check for replay attack if response["nonce-count"] then @@ -133,12 +131,11 @@ if not response["qop"] then response["qop"] = "auth" end local hostname = "" + local protocol = "" if response["digest-uri"] then - local uri = response["digest-uri"]:gmatch("^(%w)/(%w)") - local protocol = uri[1] - log(protocol) - local hostname = uri[2] - log(hostname) + protocol, hostname = response["digest-uri"]:match("(%w+)/(.*)$") + else + error("No digest-uri") end -- compare response_value with own calculation @@ -146,7 +143,7 @@ -- ":", nonce-value, ":", cnonce-value) local A2 - local response_value = HEX(KD(HEX(H(A1)), response["nonce"]..":"..response["nonce-count"]..":"..response["cnonce-value"]..":"..response["qop"]..":"..HEX(H(A2)))) + --local response_value = HEX(KD(HEX(H(A1)), response["nonce"]..":"..response["nonce-count"]..":"..response["cnonce-value"]..":"..response["qop"]..":"..HEX(H(A2)))) if response["qop"] == "auth" then @@ -154,7 +151,7 @@ end - local response_value = HEX(KD(HEX(H(A1)), response["nonce"]..":"..response["nonce-count"]..":"..response["cnonce-value"]..":"..response["qop"]..":"..HEX(H(A2)))) + --local response_value = HEX(KD(HEX(H(A1)), response["nonce"]..":"..response["nonce-count"]..":"..response["cnonce-value"]..":"..response["qop"]..":"..HEX(H(A2)))) end --[[