From 6645d0d38dc4627a9553235a98df4f4717a1fc6f Mon Sep 17 00:00:00 2001 From: LemonBoy Date: Fri, 11 Sep 2015 22:09:47 +0200 Subject: Explicitly set the authorization id during the PLAIN handshake On error show the user the message sent by the server. --- src/irc/core/sasl.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'src/irc/core') diff --git a/src/irc/core/sasl.c b/src/irc/core/sasl.c index 0e343299..4d52e3c0 100644 --- a/src/irc/core/sasl.c +++ b/src/irc/core/sasl.c @@ -47,8 +47,7 @@ static void sasl_fail (IRC_SERVER_REC *server, const char *data, const char *fro server->sasl_timeout = -1; } - g_critical("Authentication failed, make sure your credentials are correct and that the mechanism " - "you have selected is supported by this server."); + g_critical("Authentication failed with reason \"%s\"", data); /* Terminate the negotiation */ cap_finish_negotiation(server); @@ -93,15 +92,15 @@ static void sasl_step (IRC_SERVER_REC *server, const char *data, const char *fro switch (conn->sasl_mechanism) { case SASL_MECHANISM_PLAIN: - /* At this point we assume that conn->{username, password} are non-NULL. + /* At this point we assume that conn->sasl_{username, password} are non-NULL. * The PLAIN mechanism expects a NULL-separated string composed by the authorization identity, the * authentication identity and the password. - * The authorization identity field is optional and can be omitted, the server will derive the - * identity by looking at the credentials provided. + * The authorization identity field is explicitly set to the user provided username. * The whole request is then encoded in base64. */ req = g_string_new(NULL); + g_string_append(req, conn->sasl_username); g_string_append_c(req, '\0'); g_string_append(req, conn->sasl_username); g_string_append_c(req, '\0'); -- cgit v1.2.3