summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2014-02-15 10:29:22 (GMT)
committerSwift Review <review@swift.im>2014-03-24 20:13:00 (GMT)
commit723176efd7532edbce9a27a3433bb63186568327 (patch)
tree43fa0e1bedf2dae80e9c2f0c9fdb53cea3109d18
parent0bb2f5b6e811842c52500eef6685cc64367bd611 (diff)
downloadswift-723176efd7532edbce9a27a3433bb63186568327.zip
swift-723176efd7532edbce9a27a3433bb63186568327.tar.bz2
Fix SCRAM-SHA-1-PLUS channel binding negotiation code. (Thanks Kim Alvefur)
For details see section 6. Channel Binding, point 2 in RFC 5802. Change-Id: If64ebb373ed7d63c8668b03b90b1f5e87be1ab19 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
-rw-r--r--Swiften/Client/ClientSession.cpp6
1 files changed, 3 insertions, 3 deletions
diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp
index f03cbaa..b29f63d 100644
--- a/Swiften/Client/ClientSession.cpp
+++ b/Swiften/Client/ClientSession.cpp
@@ -223,14 +223,14 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1") || streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS")) {
std::ostringstream s;
ByteArray finishMessage;
- bool plus = stream->isTLSEncrypted() && streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS");
- if (plus) {
+ bool plus = streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS");
+ if (stream->isTLSEncrypted()) {
finishMessage = stream->getTLSFinishMessage();
plus &= !finishMessage.empty();
}
s << boost::uuids::random_generator()();
SCRAMSHA1ClientAuthenticator* scramAuthenticator = new SCRAMSHA1ClientAuthenticator(s.str(), plus, idnConverter, crypto);
- if (plus) {
+ if (!finishMessage.empty()) {
scramAuthenticator->setTLSChannelBindingData(finishMessage);
}
authenticator = scramAuthenticator;