From a7554b835e7f54897b8903fbf04fe4873f30862a Mon Sep 17 00:00:00 2001 From: jesopo Date: Wed, 6 Feb 2019 11:07:50 +0000 Subject: "+" as part of a SASL handshake is irc-specific so remove it from scram.py --- modules/sasl/__init__.py | 6 ++++-- modules/sasl/scram.py | 6 +++--- 2 files changed, 7 insertions(+), 5 deletions(-) (limited to 'modules') diff --git a/modules/sasl/__init__.py b/modules/sasl/__init__.py index d7a768ae..2861d482 100644 --- a/modules/sasl/__init__.py +++ b/modules/sasl/__init__.py @@ -78,10 +78,12 @@ class Module(ModuleManager.BaseModule): if current_scram.state == scram.SCRAMState.ClientFirst: auth_text = current_scram.server_first(data) elif current_scram.state == scram.SCRAMState.ClientFinal: - auth_text = current_scram.server_final(data) + verified = current_scram.server_final(data) del event["server"]._scram - if current_scram.state == scram.SCRAMState.VerifyFailed: + if verified: + auth_text = "+" + else: event["server"].disconnect() raise ValueError("Server SCRAM verification failed") diff --git a/modules/sasl/scram.py b/modules/sasl/scram.py index 2ac402e1..bb7f70a6 100644 --- a/modules/sasl/scram.py +++ b/modules/sasl/scram.py @@ -73,7 +73,7 @@ class SCRAM(object): return auth_noproof + (b",p=%s" % client_proof) - def server_final(self, data: bytes) -> bytes: + def server_final(self, data: bytes) -> bool: # server-final-message pieces = self._get_pieces(data) verifier = pieces[b"v"] @@ -83,7 +83,7 @@ class SCRAM(object): if server_signature != base64.b64decode(verifier): self.state = SCRAMState.VerifyFailed - return None + return False else: self.state = SCRAMState.Success - return "+" + return True -- cgit v1.3.1-10-gc9f91