In WSSE authentication, correctly decode the nonce submitted by the client.

Ignore-this: 49dc2804a0cc8a3c1eef66315d4e7cab darcs-hash:9cdef053979e0cc217d74468341520a4ef3c537d
author: Matthias Benkard <code@mail.matthias.benkard.de> 2009-10-08 23:11:39 +0200
committer: Matthias Benkard <code@mail.matthias.benkard.de> 2009-10-08 23:11:39 +0200
commit: c154406f2afc17217b5f459a8f245aa5e5e06aad (patch)
tree: 095485c5aa54f461346cf34dc70773ba2cab6bc0
parent: c16bbea59154727b3391792313075d75a85eabb4 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/utils.lisp b/utils.lisp
index 47cfc5a..4bae17e 100644
--- a/utils.lisp
+++ b/utils.lisp
@@ -393,7 +393,9 @@ ELEMENT-TYPE as the stream's."
            (time (and (stringp timestamp)
                       (cybertiggyr-time:parse-time timestamp
                                                    (list (cybertiggyr-time::make-fmt-recognizer "%Y-%m-%dT%H:%M:%SZ")))))
-           (nonce (cdr (assoc "nonce" params :test 'equalp)))
+           (encoded-nonce (cdr (assoc "nonce" params :test 'equalp)))
+           (nonce (and encoded-nonce
+                       (cl-base64:base64-string-to-string encoded-nonce)))
            (user (cdr (assoc "username" params :test 'equalp)))
            (their-digest (cdr (assoc "passworddigest" params :test 'equalp)))
            (our-digest (and (stringp nonce)
author	Matthias Benkard <code@mail.matthias.benkard.de>	2009-10-08 23:11:39 +0200
committer	Matthias Benkard <code@mail.matthias.benkard.de>	2009-10-08 23:11:39 +0200
commit	c154406f2afc17217b5f459a8f245aa5e5e06aad (patch)
tree	095485c5aa54f461346cf34dc70773ba2cab6bc0
parent	c16bbea59154727b3391792313075d75a85eabb4 (diff)