Make sure SASL tokenizer strips strings

Fix DIGEST-MD5 auth (make sure we're not splitting on BASE64 `==')
2014-12-02 19:33:41 -05:00 · 2014-12-02 19:33:41 -05:00 · feec659b08
parent 46b2760069
commit feec659b08
2 changed files with 5 additions and 1 deletions
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
@ -39,7 +39,7 @@ public class DigestMd5 extends SaslMechanism {
 					final Tokenizer tokenizer = new Tokenizer(Base64.decode(challenge, Base64.DEFAULT));
 					String nonce = "";
 					for (final String token : tokenizer) {
-						final String[] parts = token.split("=");
+						final String[] parts = token.split("=", 2);
 						if (parts[0].equals("nonce")) {
 							nonce = parts[1].replace("\"", "");
 						} else if (parts[0].equals("rspauth")) {
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/Tokenizer.java
@ -16,6 +16,10 @@ public final class Tokenizer implements Iterator<String>, Iterable<String> {
 	public Tokenizer(final byte[] challenge) {
 		final String challengeString = new String(challenge);
 		parts = new ArrayList<>(Arrays.asList(challengeString.split(",")));
+		// Trim parts.
+		for (int i = 0; i < parts.size(); i++) {
+			parts.set(i, parts.get(i).trim());
+		}
 		index = 0;
 	}