[gnutls-devel] GnuTLS | cannot use colon (':') in gnutls_psk_set_server_credentials_file file (#1103)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Oct 13 04:19:34 CEST 2020
Spongman created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1103
rfc4279 does not exclude ':' from the PSK identity, so the client can (and do) send usernames that contain ':' characters.
for example:
```
username = urn:imei:1234567890
```
it's impossible to authenticate these username when put in a file passwd to gnutls_psk_set_server_credentials_file(), since that authentication path just blindly looks for the first ':' on the line, eg:
```
urn:imei:1234567890:password
```
the parsing code for that line should allow escaping the ':'s in the username, eg:
```
urn\:imei\:1234567890:password
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1103
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20201013/473cbdb6/attachment.html>
More information about the Gnutls-devel
mailing list