Issue 7819 - jldap DigesetMD5SaslClient is using m_serverName for digest-uri, when it should be use m_digestURI instead
Summary: jldap DigesetMD5SaslClient is using m_serverName for digest-uri, when it shou...
Status: UNCONFIRMED
Alias: None
Product: JLDAP
Classification: Unclassified
Component: JLDAP (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-11 16:39 UTC by fschmaus@gmail.com
Modified: 2020-03-20 18:39 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description fschmaus@gmail.com 2014-03-11 16:39:33 UTC 
Full_Name: Florian Schmaus
Version: 
OS: 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (131.188.31.107)


com.novell.sasl.client.DigestMD5SaslClient is using a hard-coded prefix "ldap/"
concatenated with 'm_ServerName' as value for the 'digest-uri' attribute in the
SASL response. The correct value for 'digest-uri' is 'm_digestURI'. This would
make the code ldap agnostic and re-useable for other purposes (e.g. XMPP), while
still being able to perform ldap auth. See the following patch:

--- a/com/novell/sasl/client/DigestMD5SaslClient.java	2009-12-07
19:14:10.000000000 +0100
+++ b/com/novell/sasl/client/DigestMD5SaslClient.java	2009-12-07
19:19:07.000000000 +0100
@@ -673,8 +673,8 @@
         digestResponse.append("00000001"); //nounce count
         digestResponse.append(",qop=");
         digestResponse.append(m_qopValue);
-        digestResponse.append(",digest-uri=\"ldap/");
-        digestResponse.append(m_serverName);
+        digestResponse.append(",digest-uri=\"");
+	digestResponse.append(m_digestURI);
         digestResponse.append("\",response=");
         digestResponse.append(response);
         digestResponse.append(",charset=utf-8,nonce=\"");