Raise if nonce or server signature don't match.

This commit is contained in:
Bernie Hackett 2014-12-02 12:08:18 -08:00
parent 86e85ce715
commit 1398a4b782


@ -189,7 +189,8 @@ def _scram_sha1_conversation(
iterations = int(parsed[b('i')])
salt = parsed[b('s')]
rnonce = parsed[b('r')]
assert rnonce.startswith(nonce)
if not rnonce.startswith(nonce):
raise OperationFailure("Server returned an invalid nonce.")
without_proof = b("c=biws,r=") + rnonce
salted_pass = _hi(_password_digest(username, password).encode("utf-8"),
@ -212,7 +213,8 @@ def _scram_sha1_conversation(
res, _ = cmd_func(sock_info, source, cmd)
parsed = _parse_scram_response(res['payload'])
assert parsed[b('v')] == server_sig
if parsed[b('v')] != server_sig:
raise OperationFailure("Server returned an invalid signature.")
# Depending on how it's configured, Cyrus SASL (which the server uses)
# requires a third empty challenge.
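Review bot: The new server-signature check in the second hunk compares the server's `v` value with `!=`, a short-circuiting byte comparison whose run time depends on how many leading bytes match; an authentication transcript check like this is where a constant-time compare is expected, e.g. `if not hmac.compare_digest(parsed[b('v')], server_sig):` followed by the same `raise OperationFailure("Server returned an invalid signature.")`. `hmac.compare_digest` only exists on Python 2.7.7+/3.3+, and the `b()` helper suggests older interpreters are still supported, so a guarded fallback to the plain comparison would be needed where it is unavailable. Separately, both hunks index `parsed[...]` directly, so a server reply missing `r` or `v` surfaces as a `KeyError` rather than the `OperationFailure` the new checks were added to raise; `parsed.get(b('v'))` (and likewise for `r`) keeps the failure mode consistent. `_scram_sha1_conversation` begins before the first hunk and continues past the last, so any fallback helper would have to live outside the visible range.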