mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-12-22 18:48:00 +01:00
Fix SCRAM-SHA1 mechanism creating invalid c-nonce
Because of the condition "c >= 32", Smack would possible return a c-nonce containing ASCII whitespace characters (32d, 0x20), which are not allowed in the c-nonce as per RFC 5802. This commit applies the correct condition: "c > 32". Fixes SMACK-735.
This commit is contained in:
parent
a1bbefc9e3
commit
fca2f59e08
1 changed files with 4 additions and 1 deletions
|
@ -257,7 +257,10 @@ public class SCRAMSHA1Mechanism extends SASLMechanism {
|
|||
if (c == ',') {
|
||||
return false;
|
||||
}
|
||||
return c >= 32 && c < 127;
|
||||
// RFC 5802 § 7. 'printable': Contains all chars within 0x21 (33d) to 0x2b (43d) and 0x2d (45d) to 0x7e (126)
|
||||
// aka. "Printable ASCII except ','". Since we already filter the ASCII ',' (0x2c, 44d) above, we only have to
|
||||
// ensure that c is within [33, 126].
|
||||
return c > 32 && c < 127;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue