diff options
| -rw-r--r-- | src/rabbit_auth_mechanism_amqplain.erl | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/rabbit_auth_mechanism_amqplain.erl b/src/rabbit_auth_mechanism_amqplain.erl index 6ae0512a47..acc5f678e2 100644 --- a/src/rabbit_auth_mechanism_amqplain.erl +++ b/src/rabbit_auth_mechanism_amqplain.erl @@ -41,13 +41,21 @@ should_offer(_Sock) -> init(_Sock) -> []. +-define(IS_STRING_TYPE(Type), Type =:= longstr orelse Type =:= shortstr). + handle_response(Response, _State) -> LoginTable = rabbit_binary_parser:parse_table(Response), case {lists:keysearch(<<"LOGIN">>, 1, LoginTable), lists:keysearch(<<"PASSWORD">>, 1, LoginTable)} of - {{value, {_, longstr, User}}, - {value, {_, longstr, Pass}}} -> + {{value, {_, UserType, User}}, + {value, {_, PassType, Pass}}} when ?IS_STRING_TYPE(UserType); + ?IS_STRING_TYPE(PassType) -> rabbit_access_control:check_user_pass_login(User, Pass); + {{value, {_, _UserType, _User}}, + {value, {_, _PassType, _Pass}}} -> + {protocol_error, + "AMQPLAIN auth info ~w uses unsupported type for LOGIN or PASSWORD field", + [LoginTable]}; _ -> {protocol_error, "AMQPLAIN auth info ~w is missing LOGIN or PASSWORD field", |