Mercurial > prosody-modules
diff mod_sasl2_fast/mod_sasl2_fast.lua @ 5921:e67fc7b66c13
mod_sasl2_fast: Fix malformed-request when using HT-*-NONE (thanks lnj!)
This crept into the previous commit which tried to fail early when CB was
requested but unavailable - that commit did not actually check that CB *was*
requested.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 07 Jun 2024 16:26:54 +0100 |
parents | 563c2c70cb9f |
children | 87441b567277 |
line wrap: on
line diff
--- a/mod_sasl2_fast/mod_sasl2_fast.lua Fri Jun 07 16:14:58 2024 +0100 +++ b/mod_sasl2_fast/mod_sasl2_fast.lua Fri Jun 07 16:26:54 2024 +0100 @@ -196,14 +196,17 @@ if not authc_username then return "failure", "malformed-request"; end - if not sasl_handler.profile.cb then - module:log("warn", "Attempt to use channel binding %s with SASL profile that does not support any channel binding (FAST: %s)", cb_name, sasl_handler.fast); - return "failure", "malformed-request"; - elseif not sasl_handler.profile.cb[cb_name] then - module:log("warn", "SASL profile does not support %s channel binding (FAST: %s)", cb_name, sasl_handler.fast); - return "failure", "malformed-request"; + local cb_data; + if cb_name then + if not sasl_handler.profile.cb then + module:log("warn", "Attempt to use channel binding %s with SASL profile that does not support any channel binding (FAST: %s)", cb_name, sasl_handler.fast); + return "failure", "malformed-request"; + elseif not sasl_handler.profile.cb[cb_name] then + module:log("warn", "SASL profile does not support %s channel binding (FAST: %s)", cb_name, sasl_handler.fast); + return "failure", "malformed-request"; + end + cb_data = sasl_handler.profile.cb[cb_name](sasl_handler) or ""; end - local cb_data = cb_name and sasl_handler.profile.cb[cb_name](sasl_handler) or ""; local ok, authz_username, response, rotation_needed = backend( mechanism_name, authc_username,