Mercurial > lxmppd-hg-xmllex / changeset
changeset
util.sasl.scram: Fix in nonce check of client-final-message.
Sat, 22 May 2010 13:59:58 +0200
- author
- Tobias Markmann <tm@ayena.de>
- date
- Sat, 22 May 2010 13:59:58 +0200
- changeset 3101
- 9e4439378cf8
- parent 3100
- 6731dff05c99
- child 3102
- 5cd408e36359
util.sasl.scram: Fix in nonce check of client-final-message.
| util/sasl/scram.lua | file | annotate | diff | comparison | revisions |
--- a/util/sasl/scram.lua Sat May 22 13:58:15 2010 +0200 +++ b/util/sasl/scram.lua Sat May 22 13:59:58 2010 +0200 @@ -162,8 +162,8 @@ return "failure", "malformed-request", "Missing an attribute(p, r or c) in SASL message."; end - if self.state.nonce ~= self.state.servernonce then - return "failure", "malformed-request", "Wrong nonce in client-second-message."; + if self.state.nonce ~= self.state.clientnonce..self.state.servernonce then + return "failure", "malformed-request", "Wrong nonce in client-final-message."; end local SaltedPassword = self.state.salted_password;
