diff options
author | Marco Barisione <marco@barisione.org> | 2011-08-17 13:25:03 +0100 |
---|---|---|
committer | Marco Barisione <marco@barisione.org> | 2011-08-17 15:45:38 +0100 |
commit | 891dfc761b465f5c195917b60d9fbcede54ee6d8 (patch) | |
tree | 941d1a4e61951b1db85913ab7557e29b535e976e | |
parent | c6850584919e4f2f1ab2644c67e6a2ee024d61a9 (diff) |
sasl-digest-md5: the response needs both the realm and server
Some of the fields in the response wocky sends to the server require
the realm (like the "realm" field) while others require the server name
(like the "digest-uri" field). Usually this bug is not noticeable as the
realm and the server name are the same.
Reviewed-by: Vivek Dasmohapatra <vivek@collabora.co.uk>
-rw-r--r-- | wocky/wocky-sasl-digest-md5.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/wocky/wocky-sasl-digest-md5.c b/wocky/wocky-sasl-digest-md5.c index 75d2437..b98257e 100644 --- a/wocky/wocky-sasl-digest-md5.c +++ b/wocky/wocky-sasl-digest-md5.c @@ -339,7 +339,7 @@ md5_prepare_response (WockySaslDigestMd5Private *priv, GHashTable *challenge, /* FIXME properly escape values */ g_string_append_printf (response, "username=\"%s\"", priv->username); g_string_append_printf (response, ",realm=\"%s\"", realm); - g_string_append_printf (response, ",digest-uri=\"xmpp/%s\"", realm); + g_string_append_printf (response, ",digest-uri=\"xmpp/%s\"", priv->server); g_string_append_printf (response, ",nonce=\"%s\",nc=00000001", nonce); g_string_append_printf (response, ",cnonce=\"%s\"", cnonce); /* FIXME should check if auth is in the cop challenge val */ @@ -357,7 +357,7 @@ md5_prepare_response (WockySaslDigestMd5Private *priv, GHashTable *challenge, g_free (digest_md5); - a2 = g_strdup_printf ("AUTHENTICATE:xmpp/%s", realm); + a2 = g_strdup_printf ("AUTHENTICATE:xmpp/%s", priv->server); a2h = md5_hex_hash (a2, -1); kd = g_strdup_printf ("%s:%s:00000001:%s:auth:%s", a1h, nonce, cnonce, a2h); @@ -370,7 +370,7 @@ md5_prepare_response (WockySaslDigestMd5Private *priv, GHashTable *challenge, g_free (a2h); /* Calculate the response we expect from the server */ - a2 = g_strdup_printf (":xmpp/%s", realm); + a2 = g_strdup_printf (":xmpp/%s", priv->server); a2h = md5_hex_hash (a2, -1); kd = g_strdup_printf ("%s:%s:00000001:%s:auth:%s", a1h, nonce, cnonce, a2h); |