"+" as part of a SASL handshake is irc-specific so remove it from scram.py

2019-02-06 11:07:50 +00:00 · 2019-02-06 11:07:50 +00:00 · a7554b835e
commit a7554b835e
parent 6b4bb7cdba
2 changed files with 7 additions and 5 deletions
--- a/modules/sasl/init.py
+++ b/modules/sasl/init.py
@ -78,10 +78,12 @@ class Module(ModuleManager.BaseModule):
                if current_scram.state == scram.SCRAMState.ClientFirst:
                    auth_text = current_scram.server_first(data)
                elif current_scram.state == scram.SCRAMState.ClientFinal:
-                    auth_text = current_scram.server_final(data)
+                    verified = current_scram.server_final(data)
                    del event["server"]._scram

-                    if current_scram.state == scram.SCRAMState.VerifyFailed:
+                    if verified:
+                        auth_text = "+"
+                    else:
                        event["server"].disconnect()
                        raise ValueError("Server SCRAM verification failed")

--- a/modules/sasl/scram.py
+++ b/modules/sasl/scram.py
@ -73,7 +73,7 @@ class SCRAM(object):

        return auth_noproof + (b",p=%s" % client_proof)

-    def server_final(self, data: bytes) -> bytes:
+    def server_final(self, data: bytes) -> bool:
        # server-final-message
        pieces = self._get_pieces(data)
        verifier = pieces[b"v"]
@ -83,7 +83,7 @@ class SCRAM(object):

        if server_signature != base64.b64decode(verifier):
            self.state = SCRAMState.VerifyFailed
-            return None
+            return False
        else:
            self.state = SCRAMState.Success
-            return "+"
+            return True