The SASL PLAIN RFC says that the first part can be empty

So use the second part as the username, and only require it to be equal to the first part if that one is present. ABNF from the spec: message = [authzid] UTF8NUL authcid UTF8NUL passwd Note brackets. Authzid (authorization identity) is meant for impersonation, which we don't support. The actual login username is defined by authcid (authentication identity) Thanks grawity for pointing this out.
author: dequis <dx@dxzone.com.ar> 2015-10-05 01:20:07 -0300
committer: dequis <dx@dxzone.com.ar> 2015-10-08 05:38:47 -0300
commit: c788e1599d6878e447f237d675e7341f5fbc1245 (patch)
tree: 9257d9bea13dd38a2d3d52ee95b1d96376658aac /irc_commands.c
parent: 58b63de6f1dd84a4923c623dafd548512ecdf054 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/irc_commands.c b/irc_commands.c
index aa0ecb73..4e2a2c64 100644
--- a/irc_commands.c
+++ b/irc_commands.c
@@ -79,11 +79,11 @@ static gboolean irc_sasl_plain_parse(char *input, char **user, char **pass)
 	}
 
 	/* sanity checks */
-	if (part != 3 || i != (len + 1) || strcmp(parts[0], parts[1]) != 0) {
+	if (part != 3 || i != (len + 1) || (parts[0][0] && strcmp(parts[0], parts[1]) != 0)) {
 		g_free(decoded);
 		return FALSE;
 	} else {
-		*user = g_strdup(parts[0]);
+		*user = g_strdup(parts[1]);
 		*pass = g_strdup(parts[2]);
 		g_free(decoded);
 		return TRUE;
author	dequis <dx@dxzone.com.ar>	2015-10-05 01:20:07 -0300
committer	dequis <dx@dxzone.com.ar>	2015-10-08 05:38:47 -0300
commit	c788e1599d6878e447f237d675e7341f5fbc1245 (patch)
tree	9257d9bea13dd38a2d3d52ee95b1d96376658aac /irc_commands.c
parent	58b63de6f1dd84a4923c623dafd548512ecdf054 (diff)