diff options
author | Sam Whited <sam@samwhited.com> | 2014-12-02 19:33:41 -0500 |
---|---|---|
committer | Sam Whited <sam@samwhited.com> | 2014-12-02 19:33:41 -0500 |
commit | feec659b08661e822c700347c4cf4734a79841a8 (patch) | |
tree | 01afbd0c350fac3dc215c01dfd7c12c0c36743e8 /src | |
parent | 46b2760069874cda80a8f23f20adaa886c422f59 (diff) |
Make sure SASL tokenizer strips strings
Fix DIGEST-MD5 auth (make sure we're not splitting on BASE64 `==')
Diffstat (limited to 'src')
-rw-r--r-- | src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java | 2 | ||||
-rw-r--r-- | src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java index 850cacc2..55c38f40 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java @@ -39,7 +39,7 @@ public class DigestMd5 extends SaslMechanism { final Tokenizer tokenizer = new Tokenizer(Base64.decode(challenge, Base64.DEFAULT)); String nonce = ""; for (final String token : tokenizer) { - final String[] parts = token.split("="); + final String[] parts = token.split("=", 2); if (parts[0].equals("nonce")) { nonce = parts[1].replace("\"", ""); } else if (parts[0].equals("rspauth")) { diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java b/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java index 39be0224..e37e0fa7 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java @@ -16,6 +16,10 @@ public final class Tokenizer implements Iterator<String>, Iterable<String> { public Tokenizer(final byte[] challenge) { final String challengeString = new String(challenge); parts = new ArrayList<>(Arrays.asList(challengeString.split(","))); + // Trim parts. + for (int i = 0; i < parts.size(); i++) { + parts.set(i, parts.get(i).trim()); + } index = 0; } |