From b9510e0c035a26b6d2aa55f82278d1743f2e3e07 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 26 Jul 2012 11:46:55 +0200
Subject: session is handled by the class that includes SRP::Authentication -
 not the client

---
 lib/srp/client.rb |  8 ++++----
 test/auth_test.rb | 10 ++++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/lib/srp/client.rb b/lib/srp/client.rb
index 667d5ba..be94072 100644
--- a/lib/srp/client.rb
+++ b/lib/srp/client.rb
@@ -19,10 +19,10 @@ module SRP
       x = calculate_x(username, password, salt)
       a = bigrand(32).hex
       aa = modpow(GENERATOR, a, PRIME_N) # A = g^a (mod N)
-      session = server.initialize_auth(aa)
-      u = calculate_u(aa, session.bb, PRIME_N)
-      client_s = calculate_client_s(x, a, session.bb, u)
-      server.authenticate(calculate_m(aa,session.bb,client_s), session)
+      bb = server.handshake(aa)
+      u = calculate_u(aa, bb, PRIME_N)
+      client_s = calculate_client_s(x, a, bb, u)
+      server.validate(calculate_m(aa, bb, client_s))
     end
 
     protected
diff --git a/test/auth_test.rb b/test/auth_test.rb
index b8c3c05..182722f 100644
--- a/test/auth_test.rb
+++ b/test/auth_test.rb
@@ -10,6 +10,16 @@ class User
     @salt = salt
     @verifier = verifier
   end
+
+  def handshake(aa)
+    @session = initialize_auth(aa)
+    return @session.bb
+  end
+
+  def validate(m)
+    authenticate(m, @session)
+  end
+
 end
 
 class AuthTest < Test::Unit::TestCase
-- 
cgit v1.2.3