Mercurial Mercurial > prosody > prosody-modules / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_sasl2_fast: Fix traceback when no cb_data is available (thanks riau)
authorMatthew Wild <mwild1@gmail.com>
Wed, 19 Jun 2024 13:53:12 +0100
changeset 5927 87441b567277
parent 5926 f408b8e603af
child 5928 2b80188448d1
mod_sasl2_fast: Fix traceback when no cb_data is available (thanks riau) We already verify (earlier in the process) that cb_data is present if we are using a mechanism that requires it.
mod_sasl2_fast/mod_sasl2_fast.lua file | annotate | diff | comparison | revisions 
--- a/mod_sasl2_fast/mod_sasl2_fast.lua	Sat Jun 08 03:28:25 2024 -0500
+++ b/mod_sasl2_fast/mod_sasl2_fast.lua	Wed Jun 19 13:53:12 2024 +0100
@@ -49,7 +49,7 @@
 			log("debug", "Looking for %s token %s/%s", mechanism, username, key);
 			token = token_store:get(username, key);
 			if token and token.mechanism == mechanism then
-				local expected_hash = hmac_f(token.secret, "Initiator"..cb_data);
+				local expected_hash = hmac_f(token.secret, "Initiator"..(cb_data or ""));
 				if hash.equals(expected_hash, token_hash) then
 					local current_time = now();
 					if token.expires_at < current_time then
@@ -77,7 +77,7 @@
 						log("debug", "FAST token due for rotation (age: %d)", current_time - token.issued_at);
 						rotation_needed = true;
 					end
-					return true, username, hmac_f(token.secret, "Responder"..cb_data), rotation_needed;
+					return true, username, hmac_f(token.secret, "Responder"..(cb_data or "")), rotation_needed;
 				end
 			end
 			if not tried_current_token then
prosody-modules