if authentication == nil or password == nil then return "failure", "malformed-request" end
- local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN")
+ local password_encoding, correct_password = self.password_handler(authentication, self.realm, self.realm, "PLAIN")
if correct_password == nil then return "failure", "not-authorized"
elseif correct_password == false then return "failure", "account-disabled" end
local object = { mechanism = "DIGEST-MD5", realm = realm, password_handler = password_handler};
- --TODO: something better than math.random would be nice, maybe OpenSSL's random number generator
object.nonce = generate_uuid();
object.step = 0;
object.nonce_count = {};
if not response["qop"] then response["qop"] = "auth" end
if response["realm"] == nil or response["realm"] == "" then
- response["realm"] = self.realm;
+ response["realm"] = "";
elseif response["realm"] ~= self.realm then
return "failure", "not-authorized", "Incorrect realm value";
end
--TODO maybe realm support
self.username = response["username"];
- local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5", decoder)
+ local password_encoding, Y = self.password_handler(response["username"], domain, response["realm"], "DIGEST-MD5", decoder);
if Y == nil then return "failure", "not-authorized"
elseif Y == false then return "failure", "account-disabled" end
local A1 = "";
if response.authzid then
if response.authzid == self.username.."@"..self.realm then
+ -- COMPAT
log("warn", "Client is violating XMPP RFC. See section 6.1 of RFC 3920.");
A1 = Y..":"..response["nonce"]..":"..response["cnonce"]..":"..response.authzid;
else
function object.feed(self, message)
return "success"
end
- --TODO: From XEP-0175 "It is RECOMMENDED for the node identifier to be a UUID as specified in RFC 4122 [5]." So util.uuid() should (or have an option to) behave as specified in RFC 4122.
object["username"] = generate_uuid()
return object
end