Hi Andrey,

On 25 August 2016 at 18:19, Andrey Prokopenko
<andreyprokopenk...@gmail.com> wrote:
> Hi fellow chatters.
> Just discovered a rather nasty bug in mod_saslauth module, effectively
> preventing Smack (or any other XMPP lib) to connect to the prosody.
> In particular, function build_reply within SASL authentication module
> mod_saslauth.lua adds "=" sign to empty response. Thus reply cannot be
> decoded back from Base64 and processed with Smack library (or any other XMPP
> library in fact )and fails with "invalid base" exception.

This is from RFC 6120, section 6.4.2:

and 6.4.6: http://xmpp.org/rfcs/rfc6120.html#sasl-process-neg-success

In short, the '=' is used to differentiate "no data" and "empty data"
within the SASL element. On receiving '=', you need to skip base64
decoding and just treat it as an empty string.


You received this message because you are subscribed to the Google Groups 
"prosody-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to prosody-dev+unsubscr...@googlegroups.com.
To post to this group, send email to prosody-dev@googlegroups.com.
Visit this group at https://groups.google.com/group/prosody-dev.
For more options, visit https://groups.google.com/d/optout.

Reply via email to