Mercurial Mercurial > prosody > prosody-modules / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_sasl2_fast: Improve handling when SASL profile unexpectedly lacks CB
authorMatthew Wild <mwild1@gmail.com>
Tue, 16 Apr 2024 10:42:25 +0100
changeset 5886 563c2c70cb9f
parent 5885 66e7d46b1d4b
child 5887 6c11e1b4066d
mod_sasl2_fast: Improve handling when SASL profile unexpectedly lacks CB This fixes a traceback reported by riau, but likely does not solve the underlying cause, whatever that is.
mod_sasl2_fast/mod_sasl2_fast.lua file | annotate | diff | comparison | revisions 
--- a/mod_sasl2_fast/mod_sasl2_fast.lua	Tue Apr 09 14:44:52 2024 -0500
+++ b/mod_sasl2_fast/mod_sasl2_fast.lua	Tue Apr 16 10:42:25 2024 +0100
@@ -196,6 +196,13 @@
 		if not authc_username then
 			return "failure", "malformed-request";
 		end
+		if not sasl_handler.profile.cb then
+			module:log("warn", "Attempt to use channel binding %s with SASL profile that does not support any channel binding (FAST: %s)", cb_name, sasl_handler.fast);
+			return "failure", "malformed-request";
+		elseif not sasl_handler.profile.cb[cb_name] then
+			module:log("warn", "SASL profile does not support %s channel binding (FAST: %s)", cb_name, sasl_handler.fast);
+			return "failure", "malformed-request";
+		end
 		local cb_data = cb_name and sasl_handler.profile.cb[cb_name](sasl_handler) or "";
 		local ok, authz_username, response, rotation_needed = backend(
 			mechanism_name,
prosody-modules