mirror of
https://github.com/moparisthebest/Conversations
synced 2024-11-24 17:52:17 -05:00
Make sure SASL tokenizer strips strings
Fix DIGEST-MD5 auth (make sure we're not splitting on BASE64 `==')
This commit is contained in:
parent
46b2760069
commit
feec659b08
@ -39,7 +39,7 @@ public class DigestMd5 extends SaslMechanism {
|
||||
final Tokenizer tokenizer = new Tokenizer(Base64.decode(challenge, Base64.DEFAULT));
|
||||
String nonce = "";
|
||||
for (final String token : tokenizer) {
|
||||
final String[] parts = token.split("=");
|
||||
final String[] parts = token.split("=", 2);
|
||||
if (parts[0].equals("nonce")) {
|
||||
nonce = parts[1].replace("\"", "");
|
||||
} else if (parts[0].equals("rspauth")) {
|
||||
|
@ -16,6 +16,10 @@ public final class Tokenizer implements Iterator<String>, Iterable<String> {
|
||||
public Tokenizer(final byte[] challenge) {
|
||||
final String challengeString = new String(challenge);
|
||||
parts = new ArrayList<>(Arrays.asList(challengeString.split(",")));
|
||||
// Trim parts.
|
||||
for (int i = 0; i < parts.size(); i++) {
|
||||
parts.set(i, parts.get(i).trim());
|
||||
}
|
||||
index = 0;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user