summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemko Tronçon <git@el-tramo.be>2011-05-18 13:45:41 (GMT)
committerRemko Tronçon <git@el-tramo.be>2011-05-18 14:24:28 (GMT)
commit23fa0f462ddd0c686c677bfe5d4d743621432b7e (patch)
treeb8f0ea1860640f89eafba2460cc5d45bf28fc77c /Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
parent2456a8b12163b3249b6b9164b601c36772eb05a1 (diff)
downloadswift-contrib-23fa0f462ddd0c686c677bfe5d4d743621432b7e.zip
swift-contrib-23fa0f462ddd0c686c677bfe5d4d743621432b7e.tar.bz2
Introduce safe containers for storing passwords.
Diffstat (limited to 'Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp')
-rw-r--r--Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp12
1 files changed, 7 insertions, 5 deletions
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
index 3ff0893..ffa098c 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
@@ -18,9 +18,9 @@ namespace Swift {
DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce) : ClientAuthenticator("DIGEST-MD5"), step(Initial), host(host), cnonce(nonce) {
}
-boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
+boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
if (step == Initial) {
- return boost::optional<ByteArray>();
+ return boost::optional<SafeByteArray>();
}
else if (step == Response) {
std::string realm;
@@ -33,7 +33,9 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
// Compute the response value
ByteArray A1 = concat(
- MD5::getHash(createByteArray(getAuthenticationID() + ":" + realm + ":" + getPassword())), createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
+ MD5::getHash(
+ createSafeByteArray(concat(SafeString(getAuthenticationID().c_str()), SafeString(":"), SafeString(realm.c_str()), SafeString(":"), getPassword()))),
+ createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
if (!getAuthorizationID().empty()) {
append(A1, createByteArray(":" + getAuthenticationID()));
}
@@ -60,10 +62,10 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
if (!getAuthorizationID().empty()) {
response.setValue("authzid", getAuthorizationID());
}
- return response.serialize();
+ return createSafeByteArray(response.serialize());
}
else {
- return boost::optional<ByteArray>();
+ return boost::optional<SafeByteArray>();
}
}