projects
/
prosody.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
9d3e0fe
)
Add check for forbidden char sequences in validate_username().
author
Tobias Markmann
<tm@ayena.de>
Tue, 17 Nov 2009 10:31:59 +0000
(11:31 +0100)
committer
Tobias Markmann
<tm@ayena.de>
Tue, 17 Nov 2009 10:31:59 +0000
(11:31 +0100)
util/sasl/scram.lua
patch
|
blob
|
history
diff --git
a/util/sasl/scram.lua
b/util/sasl/scram.lua
index 9362cca7956f7a36eadf8bf34e3a0c3b54b324de..c3bc9600d465dddd6084e99d972c2898f726e8a4 100644
(file)
--- a/
util/sasl/scram.lua
+++ b/
util/sasl/scram.lua
@@
-60,7
+60,8
@@
end
local function validate_username(username)
-- check for forbidden char sequences
-
+ for eq in s:gmatch("=(.?.?)") do
+ if eq ~= "2D" and eq ~= "3D" then return false end end return true;
-- replace =2D with , and =3D with =
-- apply SASLprep