Merge pull request #672 from SamWhited/development
Don't escape passwords in SASL
This commit is contained in:
commit
2c65477532
|
@ -52,7 +52,7 @@ public class ScramSha1 extends SaslMechanism {
|
||||||
final String[] kparts = k.split(",", 4);
|
final String[] kparts = k.split(",", 4);
|
||||||
try {
|
try {
|
||||||
final byte[] saltedPassword, serverKey, clientKey;
|
final byte[] saltedPassword, serverKey, clientKey;
|
||||||
saltedPassword = hi(CryptoHelper.saslPrep(CryptoHelper.hexToString(kparts[1])).getBytes(),
|
saltedPassword = hi(CryptoHelper.hexToString(kparts[1]).getBytes(),
|
||||||
Base64.decode(CryptoHelper.hexToString(kparts[2]), Base64.DEFAULT), Integer.valueOf(kparts[3]));
|
Base64.decode(CryptoHelper.hexToString(kparts[2]), Base64.DEFAULT), Integer.valueOf(kparts[3]));
|
||||||
serverKey = hmac(saltedPassword, SERVER_KEY_BYTES);
|
serverKey = hmac(saltedPassword, SERVER_KEY_BYTES);
|
||||||
clientKey = hmac(saltedPassword, CLIENT_KEY_BYTES);
|
clientKey = hmac(saltedPassword, CLIENT_KEY_BYTES);
|
||||||
|
@ -88,7 +88,7 @@ public class ScramSha1 extends SaslMechanism {
|
||||||
@Override
|
@Override
|
||||||
public String getClientFirstMessage() {
|
public String getClientFirstMessage() {
|
||||||
if (clientFirstMessageBare.isEmpty() && state == State.INITIAL) {
|
if (clientFirstMessageBare.isEmpty() && state == State.INITIAL) {
|
||||||
clientFirstMessageBare = "n=" + CryptoHelper.saslPrep(account.getUsername()) +
|
clientFirstMessageBare = "n=" + CryptoHelper.saslEscape(CryptoHelper.saslPrep(account.getUsername())) +
|
||||||
",r=" + this.clientNonce;
|
",r=" + this.clientNonce;
|
||||||
state = State.AUTH_TEXT_SENT;
|
state = State.AUTH_TEXT_SENT;
|
||||||
}
|
}
|
||||||
|
|
|
@ -80,7 +80,7 @@ public class CryptoHelper {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static String saslPrep(final String s) {
|
public static String saslPrep(final String s) {
|
||||||
return saslEscape(Normalizer.normalize(s, Normalizer.Form.NFKC));
|
return Normalizer.normalize(s, Normalizer.Form.NFKC);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static String prettifyFingerprint(String fingerprint) {
|
public static String prettifyFingerprint(String fingerprint) {
|
||||||
|
|
Loading…
Reference in New Issue