210 HA2 = md5(A2, true); |
210 HA2 = md5(A2, true); |
211 |
211 |
212 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
212 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
213 local rspauth = md5(KD, true); |
213 local rspauth = md5(KD, true); |
214 self.authenticated = true; |
214 self.authenticated = true; |
215 return "success", serialize({rspauth = rspauth}); |
215 --TODO: considering sending the rspauth in a success node for saving one roundtrip; allowed according to http://tools.ietf.org/html/draft-saintandre-rfc3920bis-09#section-7.3.6 |
|
216 return "challenge", serialize({rspauth = rspauth}); |
216 else |
217 else |
217 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
218 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
218 end |
219 end |
219 elseif self.step == 3 then |
220 elseif self.step == 3 then |
220 if self.authenticated ~= nil then return "success" |
221 if self.authenticated ~= nil then return "success" |