Commit b89a1357 authored by Dave Cridland's avatar Dave Cridland Committed by GitHub

Merge pull request #657 from Alexander198961/master

SPARK-1803 Can't use usernames with non-latin symbols
parents 18147911 3f062818
...@@ -41,7 +41,7 @@ public class ScramUtils { ...@@ -41,7 +41,7 @@ public class ScramUtils {
private ScramUtils() {} private ScramUtils() {}
public static byte[] createSaltedPassword(byte[] salt, String password, int iters) throws SaslException { public static byte[] createSaltedPassword(byte[] salt, String password, int iters) throws SaslException {
Mac mac = createSha1Hmac(password.getBytes(StandardCharsets.US_ASCII)); Mac mac = createSha1Hmac(password.getBytes(StandardCharsets.UTF_8));
mac.update(salt); mac.update(salt);
mac.update(new byte[]{0, 0, 0, 1}); mac.update(new byte[]{0, 0, 0, 1});
byte[] result = mac.doFinal(); byte[] result = mac.doFinal();
...@@ -61,7 +61,7 @@ public class ScramUtils { ...@@ -61,7 +61,7 @@ public class ScramUtils {
public static byte[] computeHmac(final byte[] key, final String string) public static byte[] computeHmac(final byte[] key, final String string)
throws SaslException { throws SaslException {
Mac mac = createSha1Hmac(key); Mac mac = createSha1Hmac(key);
mac.update(string.getBytes(StandardCharsets.US_ASCII)); mac.update(string.getBytes(StandardCharsets.UTF_8));
return mac.doFinal(); return mac.doFinal();
} }
......
...@@ -140,13 +140,11 @@ public class ScramSha1SaslServer implements SaslServer { ...@@ -140,13 +140,11 @@ public class ScramSha1SaslServer implements SaslServer {
* - the number of iterations * - the number of iterations
*/ */
private byte[] generateServerFirstMessage(final byte[] response) throws SaslException { private byte[] generateServerFirstMessage(final byte[] response) throws SaslException {
String clientFirstMessage = new String(response, StandardCharsets.US_ASCII); String clientFirstMessage = new String(response, StandardCharsets.UTF_8);
Matcher m = CLIENT_FIRST_MESSAGE.matcher(clientFirstMessage); Matcher m = CLIENT_FIRST_MESSAGE.matcher(clientFirstMessage);
if (!m.matches()) { if (!m.matches()) {
throw new SaslException("Invalid first client message"); throw new SaslException("Invalid first client message");
} }
// String gs2Header = m.group(1); // String gs2Header = m.group(1);
// String gs2CbindFlag = m.group(2); // String gs2CbindFlag = m.group(2);
// String gs2CbindName = m.group(3); // String gs2CbindName = m.group(3);
...@@ -154,7 +152,6 @@ public class ScramSha1SaslServer implements SaslServer { ...@@ -154,7 +152,6 @@ public class ScramSha1SaslServer implements SaslServer {
clientFirstMessageBare = m.group(5); clientFirstMessageBare = m.group(5);
username = m.group(6); username = m.group(6);
String clientNonce = m.group(7); String clientNonce = m.group(7);
nonce = clientNonce + UUID.randomUUID().toString(); nonce = clientNonce + UUID.randomUUID().toString();
try { try {
...@@ -164,15 +161,14 @@ public class ScramSha1SaslServer implements SaslServer { ...@@ -164,15 +161,14 @@ public class ScramSha1SaslServer implements SaslServer {
throw new SaslException(e.getMessage(), e); throw new SaslException(e.getMessage(), e);
} }
return serverFirstMessage.getBytes(StandardCharsets.US_ASCII); return serverFirstMessage.getBytes(StandardCharsets.UTF_8);
} }
/** /**
* Final response returns the server signature. * Final response returns the server signature.
*/ */
private byte[] generateServerFinalMessage(final byte[] response) throws SaslException { private byte[] generateServerFinalMessage(final byte[] response) throws SaslException {
String clientFinalMessage = new String(response, StandardCharsets.US_ASCII); String clientFinalMessage = new String(response, StandardCharsets.UTF_8);
Matcher m = CLIENT_FINAL_MESSAGE.matcher(clientFinalMessage); Matcher m = CLIENT_FINAL_MESSAGE.matcher(clientFinalMessage);
if (!m.matches()) { if (!m.matches()) {
throw new SaslException("Invalid client final message"); throw new SaslException("Invalid client final message");
...@@ -211,7 +207,7 @@ public class ScramSha1SaslServer implements SaslServer { ...@@ -211,7 +207,7 @@ public class ScramSha1SaslServer implements SaslServer {
throw new SaslException("Authentication failed"); throw new SaslException("Authentication failed");
} }
return ("v=" + DatatypeConverter.printBase64Binary(serverSignature)) return ("v=" + DatatypeConverter.printBase64Binary(serverSignature))
.getBytes(StandardCharsets.US_ASCII); .getBytes(StandardCharsets.UTF_8);
} catch (UserNotFoundException | NoSuchAlgorithmException e) { } catch (UserNotFoundException | NoSuchAlgorithmException e) {
throw new SaslException(e.getMessage(), e); throw new SaslException(e.getMessage(), e);
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment