From 9d57e1a63b74dd3951b2987900f6f046fa0aa458 Mon Sep 17 00:00:00 2001 From: lumi Date: Tue, 7 Mar 2017 18:38:21 +0100 Subject: [PATCH] improvements in channel binding --- src/client.rs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/client.rs b/src/client.rs index 009d2b79..06f4133a 100644 --- a/src/client.rs +++ b/src/client.rs @@ -158,18 +158,22 @@ impl Client { let ms = &features.sasl_mechanisms.ok_or(Error::SaslError(Some("no SASL mechanisms".to_owned())))?; fn wrap_err(err: String) -> Error { Error::SaslError(Some(err)) } // TODO: better way for selecting these, enabling anonymous auth - let mut mechanism: Box = if ms.contains("SCRAM-SHA-256-PLUS") { + let mut mechanism: Box = if ms.contains("SCRAM-SHA-256-PLUS") && credentials.channel_binding != ChannelBinding::None { Box::new(Scram::::from_credentials(credentials).map_err(wrap_err)?) } - else if ms.contains("SCRAM-SHA-1-PLUS") { + else if ms.contains("SCRAM-SHA-1-PLUS") && credentials.channel_binding != ChannelBinding::None { Box::new(Scram::::from_credentials(credentials).map_err(wrap_err)?) } else if ms.contains("SCRAM-SHA-256") { - credentials.channel_binding = ChannelBinding::Unsupported; + if credentials.channel_binding != ChannelBinding::None { + credentials.channel_binding = ChannelBinding::Unsupported; + } Box::new(Scram::::from_credentials(credentials).map_err(wrap_err)?) } else if ms.contains("SCRAM-SHA-1") { - credentials.channel_binding = ChannelBinding::Unsupported; + if credentials.channel_binding != ChannelBinding::None { + credentials.channel_binding = ChannelBinding::Unsupported; + } Box::new(Scram::::from_credentials(credentials).map_err(wrap_err)?) } else if ms.contains("PLAIN") {