aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar jesopo2019-02-06 11:07:50 +0000
committerGravatar jesopo2019-02-06 11:07:50 +0000
commita7554b835e7f54897b8903fbf04fe4873f30862a (patch)
treea52d1ee24f083660db97aba7686e30a07befe34b
parentType annotate scram.py and don't pass base64 data to scram.py functions (diff)
signature
"+" as part of a SASL handshake is irc-specific so remove it from scram.py
Diffstat
-rw-r--r--modules/sasl/__init__.py6
-rw-r--r--modules/sasl/scram.py6
2 files changed, 7 insertions, 5 deletions
diff --git a/modules/sasl/__init__.py b/modules/sasl/__init__.py
index d7a768ae..2861d482 100644
--- a/modules/sasl/__init__.py
+++ b/modules/sasl/__init__.py
@@ -78,10 +78,12 @@ class Module(ModuleManager.BaseModule):
if current_scram.state == scram.SCRAMState.ClientFirst:
auth_text = current_scram.server_first(data)
elif current_scram.state == scram.SCRAMState.ClientFinal:
- auth_text = current_scram.server_final(data)
+ verified = current_scram.server_final(data)
del event["server"]._scram
- if current_scram.state == scram.SCRAMState.VerifyFailed:
+ if verified:
+ auth_text = "+"
+ else:
event["server"].disconnect()
raise ValueError("Server SCRAM verification failed")
diff --git a/modules/sasl/scram.py b/modules/sasl/scram.py
index 2ac402e1..bb7f70a6 100644
--- a/modules/sasl/scram.py
+++ b/modules/sasl/scram.py
@@ -73,7 +73,7 @@ class SCRAM(object):
return auth_noproof + (b",p=%s" % client_proof)
- def server_final(self, data: bytes) -> bytes:
+ def server_final(self, data: bytes) -> bool:
# server-final-message
pieces = self._get_pieces(data)
verifier = pieces[b"v"]
@@ -83,7 +83,7 @@ class SCRAM(object):
if server_signature != base64.b64decode(verifier):
self.state = SCRAMState.VerifyFailed
- return None
+ return False
else:
self.state = SCRAMState.Success
- return "+"
+ return True
generated by cgit v1.3.1-10-gc9f91 (git 2.54.0) at 2026-06-11 20:08:13 +0000