Mercurial > lxmppd-hg-xmllex / changeset

changeset

util.sasl.scram: Fix in nonce check of client-final-message.

Sat, 22 May 2010 13:59:58 +0200

author
Tobias Markmann <tm@ayena.de>
date
Sat, 22 May 2010 13:59:58 +0200
changeset 3076
d19b2db64496
parent 3075
39a86b0d108b
child 3077
3ee311f21d54

util.sasl.scram: Fix in nonce check of client-final-message.

util/sasl/scram.lua file | annotate | diff | comparison | revisions 
--- a/util/sasl/scram.lua	Sat May 22 13:58:15 2010 +0200
+++ b/util/sasl/scram.lua	Sat May 22 13:59:58 2010 +0200
@@ -162,8 +162,8 @@
 				return "failure", "malformed-request", "Missing an attribute(p, r or c) in SASL message.";
 			end
 
-			if self.state.nonce ~= self.state.servernonce then
-				return "failure", "malformed-request", "Wrong nonce in client-second-message.";
+			if self.state.nonce ~= self.state.clientnonce..self.state.servernonce then
+				return "failure", "malformed-request", "Wrong nonce in client-final-message.";
 			end
 			
 			local SaltedPassword = self.state.salted_password;

Mercurial Repository: lxmppd-hg-xmllex

mercurial