From cb8e9f7b3dec1963e0d985b1b2541b260a132762 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Mon, 15 Oct 2012 12:54:24 +0200
Subject: expecting the salt to be send with key salt

---
 src/srp.js | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/srp.js b/src/srp.js
index 972b211..b348e69 100644
--- a/src/srp.js
+++ b/src/srp.js
@@ -19,9 +19,14 @@ function SRP(remote, session)
       // B = 0 will make the algorithm always succeed
       // -> refuse such a server answer
       if(response.B === 0) {
-        srp.error("Server send random number 0 - this is not allowed");
-      } else {
-        session.calculations(response.s, response.B);
+        srp.error("Server send random number 0 - could not login.");
+      }
+      else if(! response.salt || response.salt === 0) {
+        srp.error("Server failed to send salt - could not login.");
+      } 
+      else 
+      {
+        session.calculations(response.salt, response.B);
         remote.authenticate(session, confirm_authentication);
       }
     }
-- 
cgit v1.2.3