Posted to commits@qpid.apache.org by rg...@apache.org on 2014/08/04 17:44:18 UTC
svn commit: r1615620 - in /qpid/trunk/qpid/java:
amqp-1-0-common/src/main/java/org/apache/qpid/amqp_1_0/transport/
broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/
broker-core/src/main/java/org/apache/qpid/server/security/auth/sa...
Author: rgodfrey
Date: Mon Aug 4 15:44:18 2014
New Revision: 1615620
URL: http://svn.apache.org/r1615620
Log:
QPID-5639, QPID-5878 : Ensure that the client gets a chance to evaluate the server proof for SCRAM-SHA* mechanisms
Modified:
qpid/trunk/qpid/java/amqp-1-0-common/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java
Modified: qpid/trunk/qpid/java/amqp-1-0-common/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/amqp-1-0-common/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java?rev=1615620&r1=1615619&r2=1615620&view=diff
==============================================================================
--- qpid/trunk/qpid/java/amqp-1-0-common/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java (original)
+++ qpid/trunk/qpid/java/amqp-1-0-common/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java Mon Aug 4 15:44:18 2014
@@ -1414,7 +1414,7 @@ public class ConnectionEndpoint implemen
break;
case CLIENT_PROOF_SENT:
evaluateOutcome(challenge);
- response = null;
+ response = new byte[0];
_state = State.COMPLETE;
break;
default:
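Review bot: The new `response = new byte[0];` in the CLIENT_PROOF_SENT case makes the difference between a null and an empty response significant, and nothing at the assignment says so. Under the javax.security.sasl.SaslClient contract a null return means no response needs to be sent, whereas an empty array is sent as a real, empty final response; assuming this method follows that contract, the empty array is what gives the server its acknowledgement after `evaluateOutcome(challenge)` has run. I would add a comment above the assignment, such as `// empty, not null: a final response must be sent once the server proof has been evaluated`. The identical change in AbstractScramSaslClient.java needs the same comment, and the enclosing switch starts and ends outside both hunks.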
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java?rev=1615620&r1=1615619&r2=1615620&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java Mon Aug 4 15:44:18 2014
@@ -110,7 +110,7 @@ public abstract class AbstractScramAuthe
// Process response from the client
byte[] challenge = server.evaluateResponse(response != null ? response : new byte[0]);
- if (server.isComplete())
+ if (server.isComplete() && (challenge == null || challenge.length == 0))
{
final String userId = server.getAuthorizationID();
return new AuthenticationResult(new UsernamePrincipal(userId));
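Review bot: The new condition `server.isComplete() && (challenge == null || challenge.length == 0)` carries no comment explaining why a completed server with a non-empty challenge is not yet reported as authenticated. Going by the ScramSaslServer hunk in this commit, the server enters COMPLETE at the moment it generates the server-final message, so that message still has to go out as one more challenge and success is returned only on the following empty response. Add a comment before the `if`, for example `// SCRAM: the server-final message must reach the client before success is reported`, so a later cleanup does not reduce the test back to `isComplete()`. The branch taken when the condition is false lies outside the hunk, so how the pending challenge is returned cannot be confirmed from here.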
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java?rev=1615620&r1=1615619&r2=1615620&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java Mon Aug 4 15:44:18 2014
@@ -91,6 +91,12 @@ public class ScramSaslServer implements
challenge = generateServerFinalMessage(response);
_state = State.COMPLETE;
break;
+ case COMPLETE:
+ if(response == null || response.length == 0)
+ {
+ challenge = new byte[0];
+ break;
+ }
default:
throw new SaslException("No response expected in state " + _state);
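Review bot: The added `case COMPLETE:` falls through into `default:` when the response is non-empty, and no comment marks that as intended; put `// fall through: data after completion is a protocol error` on the line before `default:`. This branch also accepts an empty response in COMPLETE state any number of times, and with the AbstractScramAuthenticationManager change each of those would appear to produce another successful AuthenticationResult. If only a single acknowledgement is expected, moving to a separate terminal state after the first one would make that explicit. The enclosing switch begins outside the hunk.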
Modified: qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java?rev=1615620&r1=1615619&r2=1615620&view=diff
==============================================================================
--- qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java (original)
+++ qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java Mon Aug 4 15:44:18 2014
@@ -112,7 +112,7 @@ public abstract class AbstractScramSaslC
break;
case CLIENT_PROOF_SENT:
evaluateOutcome(challenge);
- response = null;
+ response = new byte[0];
_state = State.COMPLETE;
break;
default: