Mercurial > lxmppd-hg-xmllex / file comparison
comparison: util/sasl.lua
util/sasl.lua
- changeset 472
- ee45599c0b5d
- parent 449
- c0a4a1e63d70
- child 475
- fe861de7a4fc
equal
deleted
inserted
replaced
| 451:e9f269e5204e | 472:ee45599c0b5d |
|---|---|
| 9 local string = string | 9 local string = string |
| 10 local math = require "math" | 10 local math = require "math" |
| 11 local type = type | 11 local type = type |
| 12 local error = error | 12 local error = error |
| 13 local print = print | 13 local print = print |
| 14 local idna_ascii = require "util.encodings".stringprep.saslprep.to_ascii | |
| 14 | 15 |
| 15 module "sasl" | 16 module "sasl" |
| 16 | 17 |
| 17 local function new_plain(realm, password_handler) | 18 local function new_plain(realm, password_handler) |
| 18 local object = { mechanism = "PLAIN", realm = realm, password_handler = password_handler} | 19 local object = { mechanism = "PLAIN", realm = realm, password_handler = password_handler} |
| 128 local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5") | 129 local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5") |
| 129 if Y == nil then return "failure", "not-authorized" | 130 if Y == nil then return "failure", "not-authorized" |
| 130 elseif Y == false then return "failure", "account-disabled" end | 131 elseif Y == false then return "failure", "account-disabled" end |
| 131 | 132 |
| 132 local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid | 133 local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid |
| 133 local A2 = "AUTHENTICATE:"..protocol.."/"..domain | 134 local A2 = "AUTHENTICATE:"..protocol.."/"..idna_ascii(domain) |
| 134 | 135 |
| 135 local HA1 = md5(A1, true) | 136 local HA1 = md5(A1, true) |
| 136 local HA2 = md5(A2, true) | 137 local HA2 = md5(A2, true) |
| 137 | 138 |
| 138 local KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 | 139 local KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
| 139 local response_value = md5(KD, true) | 140 local response_value = md5(KD, true) |
| 140 | 141 |
| 141 if response_value == response["response"] then | 142 if response_value == response["response"] then |
| 142 -- calculate rspauth | 143 -- calculate rspauth |
| 143 A2 = ":"..protocol.."/"..domain | 144 A2 = ":"..protocol.."/"..idna_ascii(domain) |
| 144 | 145 |
| 145 HA1 = md5(A1, true) | 146 HA1 = md5(A1, true) |
| 146 HA2 = md5(A2, true) | 147 HA2 = md5(A2, true) |
| 147 | 148 |
| 148 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 | 149 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 |
