On Mon, Jan 12, 2004 at 10:07:18AM +0300, Alexey Nezhdanov wrote: > Hello. Recently tryed to use SASL against ejabberd. > Found several differences: > 1) challenge responces. > jabberd2 response: > realm="jabber.penza-gsm.ru",nonce="baca3d3c76bab6edb7d7f2736733cf63300f9595",qop=auth,charset=utf-8,algorithm=md5-sess > ejabbed response: > nonce="1303694217",qop="auth",charset=utf-8,algorithm=md5-sess > > The main problem is that double quotes appears in one case and disappears in > the another. The worst problem that I can't find out which case is proper.
Yes, RFC 2831 is ambiguous on this. I will try to find out what is right. It could be that the double-quotes are optional. > RFC2831 extract: > [EMAIL PROTECTED]:/mnt/hda2/var/lib/cvs/jabberpy2/ietf-docs$ grep qop rfc2831.txt,v > qop-options = "qop" "=" <"> qop-list <"> > qop-list = 1#qop-value > qop-value = "auth" | "auth-int" | "auth-conf" | > qop = "qop" "=" qop-value > On the other hand here is example challenge from the same RFC: > S: realm="elwood.innosoft.com",nonce="OA6MG9tEQGm2hh",qop="auth", > response=d388dad90d4bbd760a152321f2143af7,qop=auth > > Also as you can see - there are no "realm" field in ejabbed challenge. Do not > know if it is error or not. The realm is optional per RFC 2831. Peter -- Peter Saint-Andre Jabber Software Foundation http://www.jabber.org/people/stpeter.php _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
