GitHub/ergo
3
0
Fork 0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-22 11:59:40 +01:00
Code Issues Projects Releases Wiki Activity

allow null bytes in bearer tokens

Browse Source 
(Haven't decided what to do at the spec level yet)
This commit is contained in:
Shivaram Lingamneni 2024-05-29 01:54:12 -04:00
parent ed683bff79
commit 794b4a2483
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
irc/handlers.go
View File

@ -311,7 +311,7 @@ func authIRCv3BearerHandler(server *Server, client *Client, session *Session, va
defer session.sasl.Clear() defer session.sasl.Clear()
// <authzid> \x00 <type> \x00 <token> // <authzid> \x00 <type> \x00 <token>
splitValue := bytes.Split(value, []byte{'\000'}) splitValue := bytes.SplitN(value, []byte{'\000'}, 3)
if len(splitValue) != 3 { if len(splitValue) != 3 {
rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: Invalid auth blob")) rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: Invalid auth blob"))
return false return false