util.sasl.scram: Parsing client-final-message in a more strict way. (thanks Marc Santamaria)

Sat, 22 May 2010 14:47:21 +0200

author: Tobias Markmann <tm@ayena.de>
date: Sat, 22 May 2010 14:47:21 +0200
changeset 3077: 3ee311f21d54
parent 3076: d19b2db64496
child 3078: 22c22f8a6eb8

--- a/util/sasl/scram.lua	Sat May 22 13:59:58 2010 +0200
+++ b/util/sasl/scram.lua	Sat May 22 14:47:21 2010 +0200
@@ -153,10 +153,7 @@
 			-- we are processing client_final_message
 			local client_final_message = message;
 			
-			-- TODO: more strict parsing of client_final_message
-			self.state["proof"] = client_final_message:match("p=(.+)");
-			self.state["nonce"] = client_final_message:match("r=(.+),p=");
-			self.state["channelbinding"] = client_final_message:match("c=(.+),r=");
+			self.state["channelbinding"], self.state["nonce"], self.state["proof"] = client_final_message:match("^c=(.*),r=(.*),.*p=(.*)");
 	
 			if not self.state.proof or not self.state.nonce or not self.state.channelbinding then
 				return "failure", "malformed-request", "Missing an attribute(p, r or c) in SASL message.";
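Review bot: The captures in the new pattern on the `+` line went from `.+` to `.*`, so empty values now match, and the `not self.state.proof or not self.state.nonce or not self.state.channelbinding` check below will not reject them because an empty string is truthy in Lua. A message such as `c=,r=,p=` would pass this check with three empty fields, where the old `.+` patterns returned nil. The greedy `(.*)` captures can also run across commas: if `,r=` appears twice, the channel-binding capture absorbs the first occurrence and the nonce is taken from the second. In addition, `,.*p=` accepts a `p=` that is the tail of some other attribute rather than one that starts right after a comma. Consider `[^,]+` for the `c` and `r` captures, `(.+)` or `([^,]+)` for the proof, and `,p=` preceded by a literal comma, so that "more strict" also covers empty and comma-containing values. A short comment stating which attributes are allowed between `r=` and `p=` would explain why the `.*` is there.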
