Make sure SASL tokenizer strips strings

Fix DIGEST-MD5 auth (make sure we're not splitting on BASE64 `==')
This commit is contained in:
Sam Whited 2014-12-02 19:33:41 -05:00
parent 46b2760069
commit feec659b08
2 changed files with 5 additions and 1 deletions

View File

@ -39,7 +39,7 @@ public class DigestMd5 extends SaslMechanism {
final Tokenizer tokenizer = new Tokenizer(Base64.decode(challenge, Base64.DEFAULT)); final Tokenizer tokenizer = new Tokenizer(Base64.decode(challenge, Base64.DEFAULT));
String nonce = ""; String nonce = "";
for (final String token : tokenizer) { for (final String token : tokenizer) {
final String[] parts = token.split("="); final String[] parts = token.split("=", 2);
if (parts[0].equals("nonce")) { if (parts[0].equals("nonce")) {
nonce = parts[1].replace("\"", ""); nonce = parts[1].replace("\"", "");
} else if (parts[0].equals("rspauth")) { } else if (parts[0].equals("rspauth")) {

View File

@ -16,6 +16,10 @@ public final class Tokenizer implements Iterator<String>, Iterable<String> {
public Tokenizer(final byte[] challenge) { public Tokenizer(final byte[] challenge) {
final String challengeString = new String(challenge); final String challengeString = new String(challenge);
parts = new ArrayList<>(Arrays.asList(challengeString.split(","))); parts = new ArrayList<>(Arrays.asList(challengeString.split(",")));
// Trim parts.
for (int i = 0; i < parts.size(); i++) {
parts.set(i, parts.get(i).trim());
}
index = 0; index = 0;
} }