Changeset c788e15


Ignore:
Timestamp:
2015-10-08T08:38:47Z (9 years ago)
Author:
dequis <dx@…>
Branches:
master
Children:
e1bea35
Parents:
58b63de6
git-author:
dequis <dx@…> (05-10-15 04:20:07)
git-committer:
dequis <dx@…> (08-10-15 08:38:47)
Message:

The SASL PLAIN RFC says that the first part can be empty

So use the second part as the username, and only require it to be equal
to the first part if that one is present.

ABNF from the spec:

message = [authzid] UTF8NUL authcid UTF8NUL passwd

Note brackets.

Authzid (authorization identity) is meant for impersonation, which we
don't support. The actual login username is defined by authcid
(authentication identity)

Thanks grawity for pointing this out.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • irc_commands.c

    r58b63de6 rc788e15  
    8080
    8181        /* sanity checks */
    82         if (part != 3 || i != (len + 1) || strcmp(parts[0], parts[1]) != 0) {
     82        if (part != 3 || i != (len + 1) || (parts[0][0] && strcmp(parts[0], parts[1]) != 0)) {
    8383                g_free(decoded);
    8484                return FALSE;
    8585        } else {
    86                 *user = g_strdup(parts[0]);
     86                *user = g_strdup(parts[1]);
    8787                *pass = g_strdup(parts[2]);
    8888                g_free(decoded);
Note: See TracChangeset for help on using the changeset viewer.