1 |
1 |
2 local md5 = require "md5" |
2 local md5 = require "util.hashes".md5; |
3 local log = require "util.logger".init("sasl"); |
3 local log = require "util.logger".init("sasl"); |
4 local tostring = tostring; |
4 local tostring = tostring; |
5 local st = require "util.stanza"; |
5 local st = require "util.stanza"; |
6 local generate_uuid = require "util.uuid".generate; |
6 local generate_uuid = require "util.uuid".generate; |
7 local s_match = string.match; |
7 local s_match = string.match; |
130 elseif Y == false then return "failure", "account-disabled" end |
130 elseif Y == false then return "failure", "account-disabled" end |
131 |
131 |
132 local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid |
132 local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid |
133 local A2 = "AUTHENTICATE:"..protocol.."/"..domain |
133 local A2 = "AUTHENTICATE:"..protocol.."/"..domain |
134 |
134 |
135 local HA1 = md5.sumhexa(A1) |
135 local HA1 = md5(A1, true) |
136 local HA2 = md5.sumhexa(A2) |
136 local HA2 = md5(A2, true) |
137 |
137 |
138 local KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
138 local KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
139 local response_value = md5.sumhexa(KD) |
139 local response_value = md5(KD, true) |
140 |
140 |
141 if response_value == response["response"] then |
141 if response_value == response["response"] then |
142 -- calculate rspauth |
142 -- calculate rspauth |
143 A2 = ":"..protocol.."/"..domain |
143 A2 = ":"..protocol.."/"..domain |
144 |
144 |
145 HA1 = md5.sumhexa(A1) |
145 HA1 = md5(A1, true) |
146 HA2 = md5.sumhexa(A2) |
146 HA2 = md5(A2, true) |
147 |
147 |
148 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
148 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
149 local rspauth = md5.sumhexa(KD) |
149 local rspauth = md5(KD, true) |
150 self.authenticated = true |
150 self.authenticated = true |
151 return "challenge", serialize({rspauth = rspauth}) |
151 return "challenge", serialize({rspauth = rspauth}) |
152 else |
152 else |
153 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
153 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated." |
154 end |
154 end |
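Review bot: The digest check at lines 132–141 is built from `response["nonce"]`, `response["nc"]`, `response["cnonce"]` and `response["qop"]` exactly as the client sent them, and nothing in the visible lines ties the nonce to the one this server issued or confirms the fields are present. If the lines before 130 (not shown here) do not already cover this, a previously captured response carrying an old nonce would still verify, and a missing field would raise on the `..` concatenation instead of returning a clean SASL failure. I would add a guard ahead of line 132, along the lines of `if response["nonce"] ~= <server-issued nonce> then return "failure", "not-authorized" end` (the placeholder stands for wherever the challenge nonce is kept), together with nil checks or defaults for `cnonce`, `nc` and `qop`. The enclosing function begins and ends outside this hunk, so these checks may already exist above.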