Merge pull request #657 from Alexander198961/master

SPARK-1803 Can't use usernames with non-latin symbols

Merge pull request #657 from Alexander198961/master
SPARK-1803 Can't use usernames with non-latin symbols
b89a1357 · Dave Cridland · GitHub · 18147911 · 3f062818 · b89a1357
Commit b89a1357 authored Dec 12, 2016 by Dave Cridland Committed by GitHub Dec 12, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 10 deletions

ScramUtils.java src/java/org/jivesoftware/openfire/auth/ScramUtils.java +2 -2

ScramSha1SaslServer.java ...a/org/jivesoftware/openfire/sasl/ScramSha1SaslServer.java +4 -8

No files found.
--- a/src/java/org/jivesoftware/openfire/auth/ScramUtils.java
+++ b/src/java/org/jivesoftware/openfire/auth/ScramUtils.java
@@ -41,7 +41,7 @@ public class ScramUtils {
 	private ScramUtils() {}

    public static byte[] createSaltedPassword(byte[] salt, String password, int iters) throws SaslException {
-        Mac mac = createSha1Hmac(password.getBytes(StandardCharsets.US_ASCII));
+        Mac mac = createSha1Hmac(password.getBytes(StandardCharsets.UTF_8));
        mac.update(salt);
        mac.update(new byte[]{0, 0, 0, 1});
        byte[] result = mac.doFinal();
@@ -61,7 +61,7 @@ public class ScramUtils {
    public static byte[] computeHmac(final byte[] key, final String string)
            throws SaslException {
        Mac mac = createSha1Hmac(key);
-        mac.update(string.getBytes(StandardCharsets.US_ASCII));
+        mac.update(string.getBytes(StandardCharsets.UTF_8));
        return mac.doFinal();
    }


--- a/src/java/org/jivesoftware/openfire/sasl/ScramSha1SaslServer.java
+++ b/src/java/org/jivesoftware/openfire/sasl/ScramSha1SaslServer.java
@@ -140,13 +140,11 @@ public class ScramSha1SaslServer implements SaslServer {
     *   - the number of iterations
     */
    private byte[] generateServerFirstMessage(final byte[] response) throws SaslException {
-        String clientFirstMessage = new String(response, StandardCharsets.US_ASCII);
-        
+        String clientFirstMessage = new String(response, StandardCharsets.UTF_8);
        Matcher m = CLIENT_FIRST_MESSAGE.matcher(clientFirstMessage);
        if (!m.matches()) {
        	throw new SaslException("Invalid first client message");
        }
-        
 //        String gs2Header = m.group(1);
 //        String gs2CbindFlag = m.group(2);
 //        String gs2CbindName = m.group(3);
@@ -154,7 +152,6 @@ public class ScramSha1SaslServer implements SaslServer {
        clientFirstMessageBare = m.group(5);
        username = m.group(6);
        String clientNonce = m.group(7);
-        
        nonce = clientNonce + UUID.randomUUID().toString();

        try {
@@ -164,15 +161,14 @@ public class ScramSha1SaslServer implements SaslServer {
            throw new SaslException(e.getMessage(), e);
 		}
        
-        return serverFirstMessage.getBytes(StandardCharsets.US_ASCII);
+ return serverFirstMessage.getBytes(StandardCharsets.UTF_8);
    }

    /**
     * Final response returns the server signature.
     */
    private byte[] generateServerFinalMessage(final byte[] response) throws SaslException {
-        String clientFinalMessage = new String(response, StandardCharsets.US_ASCII);
-        
+        String clientFinalMessage = new String(response, StandardCharsets.UTF_8);
        Matcher m = CLIENT_FINAL_MESSAGE.matcher(clientFinalMessage);
        if (!m.matches()) {
        	throw new SaslException("Invalid client final message");
@@ -211,7 +207,7 @@ public class ScramSha1SaslServer implements SaslServer {
                throw new SaslException("Authentication failed");
            }
            return ("v=" + DatatypeConverter.printBase64Binary(serverSignature))
-            		.getBytes(StandardCharsets.US_ASCII);
+            		.getBytes(StandardCharsets.UTF_8);
        } catch (UserNotFoundException | NoSuchAlgorithmException e) {
            throw new SaslException(e.getMessage(), e);
        }