From f8c76ac1e80f69244c069b08ef40114cbade30ec Mon Sep 17 00:00:00 2001
From: Emmanuel Gil Peyrot <emmanuel.peyrot@collabora.com>
Date: Sat, 1 Apr 2017 14:36:55 +0100
Subject: [PATCH] =?UTF-8?q?respect=20rfc6120=20=C2=A76.5=20properly=20in?=
 =?UTF-8?q?=20sasl=5Ferror?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Any unknown condition should be considered as a <not-authorized/> one.
---
 src/components/sasl_error.rs | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/components/sasl_error.rs b/src/components/sasl_error.rs
index bf59cb48..4e943cf5 100644
--- a/src/components/sasl_error.rs
+++ b/src/components/sasl_error.rs
@@ -70,6 +70,16 @@ impl FromElement for SaslError {
         else if element.has_child("temporary-auth-failure", ns::SASL) {
             err.condition = Condition::TemporaryAuthFailure;
         }
+        else {
+            /* RFC 6120 section 6.5:
+             *
+             * However, because additional error conditions might be defined in
+             * the future, if an entity receives a SASL error condition that it
+             * does not understand then it MUST treat the unknown condition as
+             * a generic authentication failure, i.e., as equivalent to
+             * <not-authorized/> (Section 6.5.10). */
+            err.condition = Condition::NotAuthorized;
+        }
         Ok(err)
     }
 }