Merge trunk/Tobias->trunk

Mon, 24 May 2010 19:39:07 +0100

author
Matthew Wild <mwild1@gmail.com>
date
Mon, 24 May 2010 19:39:07 +0100
changeset 3121
27f895bac9c0
parent 3119
c1ac08fa2533 (current diff)
parent 3120
6f1b7260925c (diff)
child 3124
21e60658767d

Merge trunk/Tobias->trunk

util/sasl/scram.lua
--- a/util/sasl/digest-md5.lua	Mon May 24 16:52:12 2010 +0100
+++ b/util/sasl/digest-md5.lua	Mon May 24 19:39:07 2010 +0100
@@ -32,13 +32,13 @@
 --[[
 Supported Authentication Backends
 
-digest-md5:
+digest_md5:
 	function(username, domain, realm, encoding) -- domain and realm are usually the same; for some broken
 												-- implementations it's not
 		return digesthash, state;
 	end
 
-digest-md5-test:
+digest_md5_test:
 	function(username, domain, realm, encoding, digesthash)
 		return true or false, state;
 	end
--- a/util/sasl/scram.lua	Mon May 24 16:52:12 2010 +0100
+++ b/util/sasl/scram.lua	Mon May 24 19:39:07 2010 +0100
@@ -32,7 +32,8 @@
 --[[
 Supported Authentication Backends
 
-scram-{MECH}:
+scram_{MECH}:
+	-- MECH being a standard hash name (like those at IANA's hash registry) with '-' replaced with '_'
 	function(username, realm)
 		return salted_password, iteration_count, salt, state;
 	end
@@ -92,6 +93,12 @@
 	return username;
 end
 
+local function hashprep( hashname ) 
+	local hash = hashname:lower()
+	hash = hash:gsub("-", "_")
+	return hash
+end
+
 function saltedPasswordSHA1(password, salt, iteration_count)
 	local salted_password
 	if type(password) ~= "string" or type(salt) ~= "string" or type(iteration_count) ~= "number" then
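Review bot: `hashprep` passes a bare `"-"` to `gsub`, which works only because Lua treats a quantifier character with nothing in front of it as a literal. Writing `hash = hash:gsub("%-", "_")` makes the literal match explicit and keeps working if the pattern is later extended. The helper now decides which profile backend key is looked up during authentication, so it also deserves a one-line comment such as `-- Normalise a hash name for profile keys: lower-case, '-' replaced with '_' (e.g. "SHA-1" -> "sha_1")`. The body of `saltedPasswordSHA1` below continues outside this hunk.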
@@ -156,7 +163,7 @@
 					log("error", "Generating salted password failed. Reason: %s", self.state.salted_password);
 					return "failure", "temporary-auth-failure";
 				end
-			elseif self.profile["scram_"..hash_name] then
+			elseif self.profile["scram_"..hashprep(hash_name)] then
 				local salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm);
 				if state == nil then return "failure", "not-authorized"
 				elseif state == false then return "failure", "account-disabled" end
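Review bot: The changed `elseif` tests `self.profile["scram_"..hashprep(hash_name)]`, but the unchanged call on the next line still indexes `self.profile["scram-"..hash_name]`, a key the guard never checked. If a profile defines only the underscore-named backend, that lookup would be nil and the call would raise an error instead of returning a SASL failure, so the authentication attempt would likely abort rather than fail cleanly. Use the same key in both places, for example `local salted_password, iteration_count, salt, state = self.profile["scram_"..hashprep(hash_name)](self.state.name, self.realm);`. The enclosing function starts and ends outside this hunk.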
@@ -206,7 +213,7 @@
 
 function init(registerMechanism)
 	local function registerSCRAMMechanism(hash_name, hash, hmac_hash)
-		registerMechanism("SCRAM-"..hash_name, {"plain", "scram_"..(hash_name:lower())}, scram_gen(hash_name:lower(), hash, hmac_hash));
+		registerMechanism("SCRAM-"..hash_name, {"plain", "scram_"..(hashprep(hash_name))}, scram_gen(hash_name:lower(), hash, hmac_hash));
 	end
 
 	registerSCRAMMechanism("SHA-1", sha1, hmac_sha1);
