From 723176efd7532edbce9a27a3433bb63186568327 Mon Sep 17 00:00:00 2001
From: Tobias Markmann <tm@ayena.de>
Date: Sat, 15 Feb 2014 11:29:22 +0100
Subject: Fix SCRAM-SHA-1-PLUS channel binding negotiation code. (Thanks Kim
 Alvefur)

For details see section 6. Channel Binding, point 2 in RFC 5802.

Change-Id: If64ebb373ed7d63c8668b03b90b1f5e87be1ab19
License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.

diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp
index f03cbaa..b29f63d 100644
--- a/Swiften/Client/ClientSession.cpp
+++ b/Swiften/Client/ClientSession.cpp
@@ -223,14 +223,14 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
 			else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1") || streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS")) {
 				std::ostringstream s;
 				ByteArray finishMessage;
-				bool plus = stream->isTLSEncrypted() && streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS");
-				if (plus) {
+				bool plus = streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS");
+				if (stream->isTLSEncrypted()) {
 					finishMessage = stream->getTLSFinishMessage();
 					plus &= !finishMessage.empty();
 				}
 				s << boost::uuids::random_generator()();
 				SCRAMSHA1ClientAuthenticator* scramAuthenticator = new SCRAMSHA1ClientAuthenticator(s.str(), plus, idnConverter, crypto);
-				if (plus) {
+				if (!finishMessage.empty()) {
 					scramAuthenticator->setTLSChannelBindingData(finishMessage);
 				}
 				authenticator = scramAuthenticator;
-- 
cgit v0.10.2-6-g49f6