[jdev] implementing SASL digest in client library
erkyrath at eblong.com
Thu Mar 23 13:06:29 CST 2006
I implemented this months ago, and it worked, but I never fully tested it
with non-ASCII usernames and passwords. Now I'm running into a problem,
and I don't know whether it's my fault.
The SASL Digest document (rfc2831) says, in section 188.8.131.52:
The "username-value", "realm-value" and "passwd" are encoded
according to the value of the "charset" directive. If "charset=UTF-8"
is present, and all the characters of either "username-value" or
"passwd" are in the ISO 8859-1 character set, then it must be
converted to ISO 8859-1 before being hashed.
If I follow this instruction, authentication doesn't work. (I mean, it
doesn't work for usernames that contain characters in the 128-255 range.
If everything fits in ASCII, the two encodings are identical and
everything works. If there's a character beyond 255, the quoted
instruction doesn't apply and everything still works.)
If I ignore the instruction (and never convert to 8859-1), then
authentication works in all cases.
(I tested this against our own ejabberd server and against jabber.org.)
So, did I screw up the implementation somewhere? Is ejabberd behaving
badly? Or should I be ignoring that line of the spec? (That would surely
be the easy way out, since it leads to my code working.)
"And Aholibamah bare Jeush, and Jaalam, and Korah: these were the borogoves..."
If the Bush administration hasn't thrown you in military prison without trial,
it's for one reason: they don't feel like it. Not because you're an American.
More information about the JDev