summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Benkard <code@mail.matthias.benkard.de>2009-10-08 23:11:39 +0200
committerMatthias Benkard <code@mail.matthias.benkard.de>2009-10-08 23:11:39 +0200
commitc154406f2afc17217b5f459a8f245aa5e5e06aad (patch)
tree095485c5aa54f461346cf34dc70773ba2cab6bc0
parentc16bbea59154727b3391792313075d75a85eabb4 (diff)
In WSSE authentication, correctly decode the nonce submitted by the client.
Ignore-this: 49dc2804a0cc8a3c1eef66315d4e7cab darcs-hash:9cdef053979e0cc217d74468341520a4ef3c537d
-rw-r--r--utils.lisp4
1 files changed, 3 insertions, 1 deletions
diff --git a/utils.lisp b/utils.lisp
index 47cfc5a..4bae17e 100644
--- a/utils.lisp
+++ b/utils.lisp
@@ -393,7 +393,9 @@ ELEMENT-TYPE as the stream's."
(time (and (stringp timestamp)
(cybertiggyr-time:parse-time timestamp
(list (cybertiggyr-time::make-fmt-recognizer "%Y-%m-%dT%H:%M:%SZ")))))
- (nonce (cdr (assoc "nonce" params :test 'equalp)))
+ (encoded-nonce (cdr (assoc "nonce" params :test 'equalp)))
+ (nonce (and encoded-nonce
+ (cl-base64:base64-string-to-string encoded-nonce)))
(user (cdr (assoc "username" params :test 'equalp)))
(their-digest (cdr (assoc "passworddigest" params :test 'equalp)))
(our-digest (and (stringp nonce)