mirror of
https://github.com/ergochat/ergo.git
synced 2024-12-22 18:52:41 +01:00
allow null bytes in bearer tokens
(Haven't decided what to do at the spec level yet)
This commit is contained in:
parent
ed683bff79
commit
794b4a2483
@ -311,7 +311,7 @@ func authIRCv3BearerHandler(server *Server, client *Client, session *Session, va
|
||||
defer session.sasl.Clear()
|
||||
|
||||
// <authzid> \x00 <type> \x00 <token>
|
||||
splitValue := bytes.Split(value, []byte{'\000'})
|
||||
splitValue := bytes.SplitN(value, []byte{'\000'}, 3)
|
||||
if len(splitValue) != 3 {
|
||||
rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: Invalid auth blob"))
|
||||
return false
|
||||
|
Loading…
Reference in New Issue
Block a user