author | Simon MacMullen <simon@rabbitmq.com> | 2010-12-02 14:15:49 +0000 |
---|---|---|
committer | Simon MacMullen <simon@rabbitmq.com> | 2010-12-02 14:15:49 +0000 |
commit | ebdd6ea17b769b99b1d6d2a9eea0f71f7e9d6e51 (patch) | |
tree | 4eedda2730b1be5311f09f87672a25422f5111a6 | |
parent | 73203e46c5e194b9c60dc3f47dfc9a3c36cd7dd4 (diff) | |
download | rabbitmq-server-ebdd6ea17b769b99b1d6d2a9eea0f71f7e9d6e51.tar.gz |
More robust SASL PLAIN parsing - cope with any number of \0's being present without falling over.
-rw-r--r-- | src/rabbit_access_control.erl | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl
index bc588013..cefe345c 100644
--- a/src/rabbit_access_control.erl
+++ b/src/rabbit_access_control.erl
@@ -103,9 +103,16 @@
 %% SASL PLAIN, as used by the Qpid Java client and our clients. Also,
 %% apparently, by OpenAMQ.
 check_login(<<"PLAIN">>, Response) ->
- [User, Pass] = [list_to_binary(T) ||
- T <- string:tokens(binary_to_list(Response), [0])],
- user_pass_login(User, Pass);
+ case re:run(Response, "\\0([^\\0]*)", [{capture, all_but_first, binary},
+ global]) of
+ {match, [[User],[Pass]]} ->
+ user_pass_login(User, Pass);
+ _ ->
+ rabbit_misc:protocol_error(
+ access_refused, "login refused, response '~p' invalid",
+ [Response])
+ end;
+
 %% AMQPLAIN, as used by Qpid Python test suite. The 0-8 spec actually
 %% defines this as PLAIN, but in 0-9 that definition is gone, instead
 %% referring generically to "SASL security mechanism", i.e. the above. |
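Review bot: The new refusal branch of the PLAIN clause formats the raw `Response` into the error text with `~p`, and a near-miss response (for instance one carrying a stray extra NUL) still holds the user name and password in that binary. `rabbit_misc:protocol_error` is defined outside this hunk, but if its message reaches the broker log or the close frame sent to the peer, as seems likely, cleartext credentials end up there. I would drop the argument, e.g. `access_refused, "login refused, malformed PLAIN response", []`, and report at most `byte_size(Response)`. The `re:run` call also deserves a comment: the pattern is unanchored, so bytes before the first NUL (the authzid slot in RFC 4616) are silently ignored rather than rejected. Further `check_login` clauses follow outside the hunk.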