mirror
/
oragono
mirror of https://github.com/oragono/oragono
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 70 Wiki Activity
Browse Source

allow null bytes in bearer tokens 

(Haven't decided what to do at the spec level yet)
tags/v2.14.0-rc1
Shivaram Lingamneni 1 month ago
parent
ed683bff79
commit
794b4a2483
1 changed files with 1 additions and 1 deletions
Unified View Show Diff Stats
  1. 1
    1
      irc/handlers.go

+ 1
- 1
irc/handlers.go View File

311 
 	defer session.sasl.Clear()
 311 
 	defer session.sasl.Clear()
312
312
313 
 	// <authzid> \x00 <type> \x00 <token>
 313 
 	// <authzid> \x00 <type> \x00 <token>
314 
-	splitValue := bytes.Split(value, []byte{'\000'})
314 
+	splitValue := bytes.SplitN(value, []byte{'\000'}, 3)
315 
 	if len(splitValue) != 3 {
 315 
 	if len(splitValue) != 3 {
316 
 		rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: Invalid auth blob"))
 316 
 		rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: Invalid auth blob"))
317 
 		return false
 317 
 		return false

Write Preview
Loading…
Cancel
Save