212 HA2 = md5(A2, true); |
212 HA2 = md5(A2, true); |
213 |
213 |
214 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
214 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
215 local rspauth = md5(KD, true); |
215 local rspauth = md5(KD, true); |
216 self.authenticated = true; |
216 self.authenticated = true; |
217 return "success", serialize({rspauth = rspauth}); |
217 --TODO: considering sending the rspauth in a success node for saving one roundtrip; allowed according to http://tools.ietf.org/html/draft-saintandre-rfc3920bis-09#section-7.3.6 |
|
218 return "challenge", serialize({rspauth = rspauth}); |
218 else |
219 else |
219 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
220 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
220 end |
221 end |
221 elseif self.step == 3 then |
222 elseif self.step == 3 then |
222 if self.authenticated ~= nil then return "success" |
223 if self.authenticated ~= nil then return "success" |