Scram-Sha-1 mechanism : do not send authzid if it is not absolutely necessary
author Da Risk <da_risk@beem-project.com>
Wed, 06 Mar 2013 21:30:51 +0100
changeset 1027 8198b5e53cac
parent 1026 9496db83135d
child 1028 67532322fa39
Scram-Sha-1 mechanism : do not send authzid if it is not absolutely necessary

Some servers (ejabberd) reject the challenge if the scram attributes a (authzid) and n (authcid) are equal or they just don't handle the authzid. So we just don't send it if they are the same.

This fixes #484
src/com/beem/project/beem/smack/sasl/ScramSaslClient.java
--- a/src/com/beem/project/beem/smack/sasl/ScramSaslClient.java	Sat Mar 02 15:52:11 2013 +0100
+++ b/src/com/beem/project/beem/smack/sasl/ScramSaslClient.java	Wed Mar 06 21:30:51 2013 +0100
@@ -106,6 +106,12 @@
 	    String passwd = new String(passwdBytes);
 	    String nonce = getClientNonce();
 	    clientAuthenticator = new SCRAMSHA1ClientAuthenticator(nonce);
+	    // some servers (ejabberd) reject the challenge if the
+	    // scram attributes a (authzid) and n (authcid) are equals
+	    // or they just don't handle the authzid
+	    // So we just don't send it if they are the same
+	    if (authcid != null && authcid.equals(authzid))
+		authzid = "";
 	    clientAuthenticator.setCredentials(authcid, passwd, authzid);
 	    return clientAuthenticator.getResponse().getData();
 	}
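Review bot: The guard `authcid.equals(authzid)` only drops the authzid on an exact string match, while the comment above it says some servers do not handle the authzid at all. An authzid that differs from authcid only in case or form (for example a full JID against a bare username) is still passed to `setCredentials` and would reach those servers. Consider normalizing both values before comparing, or sending the authzid only when the caller explicitly asked for a different identity. The visible lines also do not show whether `setCredentials` treats `""` as "omit the a attribute" or emits an empty `a=`; a short comment stating that, or a test covering it, would make the intent explicit. The single-statement `if` would also be safer with braces.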