aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorSam Whited <sam@samwhited.com>2014-12-02 19:33:41 -0500
committerSam Whited <sam@samwhited.com>2014-12-02 19:33:41 -0500
commitfeec659b08661e822c700347c4cf4734a79841a8 (patch)
tree01afbd0c350fac3dc215c01dfd7c12c0c36743e8 /src
parent46b2760069874cda80a8f23f20adaa886c422f59 (diff)
Make sure SASL tokenizer strips strings
Fix DIGEST-MD5 auth (make sure we're not splitting on BASE64 `==')
Diffstat (limited to 'src')
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java2
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java4
2 files changed, 5 insertions, 1 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
index 850cacc2..55c38f40 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
@@ -39,7 +39,7 @@ public class DigestMd5 extends SaslMechanism {
final Tokenizer tokenizer = new Tokenizer(Base64.decode(challenge, Base64.DEFAULT));
String nonce = "";
for (final String token : tokenizer) {
- final String[] parts = token.split("=");
+ final String[] parts = token.split("=", 2);
if (parts[0].equals("nonce")) {
nonce = parts[1].replace("\"", "");
} else if (parts[0].equals("rspauth")) {
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java b/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java
index 39be0224..e37e0fa7 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java
@@ -16,6 +16,10 @@ public final class Tokenizer implements Iterator<String>, Iterable<String> {
public Tokenizer(final byte[] challenge) {
final String challengeString = new String(challenge);
parts = new ArrayList<>(Arrays.asList(challengeString.split(",")));
+ // Trim parts.
+ for (int i = 0; i < parts.size(); i++) {
+ parts.set(i, parts.get(i).trim());
+ }
index = 0;
}