[ejabberd] cyrsasl_digest and gsasl

Martin Pokorny martin at truffulatree.org
Wed Aug 10 23:15:09 MSD 2005


Hi,

I'm working on an XMPP application that uses libgsasl
(http://josefsson.org/gsasl) for SASL authentication. Using the DIGEST-MD5
mechanism, the library produces responses that have a number of "empty" fields,
for example

username="martin", , nonce="2874065148", cnonce="N41ZoPnBdq61JnqkP0r/LQ==",
nc=00000001, qop=auth, digest-uri="xmpp/localhost",
response=f9b98eab077439243b70e0be68ce4296, , charset=utf-8, , authzid="martin"

While something of a wart in libgsasl, this seems to be a valid response (which
is the claim in a comment in the libgsasl source code). Unfortunately, ejabberd
doesn't like the response much, and fails to parse it correctly. By making a
small change in cyrsasl_digest.erl, however, this can be remedied. Following is
the "svn diff" output of the changes I made.

Index: cyrsasl_digest.erl
===================================================================
--- cyrsasl_digest.erl  (revision 402)
+++ cyrsasl_digest.erl  (working copy)
@@ -77,6 +77,10 @@
                                                                                
 parse1([$= | Cs], S, Ts) ->
     parse2(Cs, lists:reverse(S), "", Ts);
+parse1([$, | Cs], S, Ts) ->
+    parse1(Cs, S, Ts);
+parse1([$  | Cs], S, Ts) ->
+    parse1(Cs, S, Ts);
 parse1([C | Cs], S, Ts) ->
     parse1(Cs, [C | S], Ts);
 parse1([], [], T) ->
@@ -152,6 +156,3 @@
        NC ++ ":" ++ CNonce ++ ":" ++ QOP ++ ":" ++
        hex(binary_to_list(crypto:md5(A2))),
     hex(binary_to_list(crypto:md5(T))).

Use as you see fit.

-- 
Martin




More information about the ejabberd mailing list