From 4b07509d5e67c78166784a8fc118953eee6ec564 Mon Sep 17 00:00:00 2001
From: Yann Leboulanger <asterix@lagaule.org>
Date: Mon, 14 Dec 2009 17:47:14 +0100
Subject: [PATCH] [Dave Cridland] try to encode username, realm and password in
 iso-8859-1 when doing DIGEST-MD5 before computing the hash. Fixes #5512

---
 src/common/xmpp/auth_nb.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/common/xmpp/auth_nb.py b/src/common/xmpp/auth_nb.py
index cac73ec877..9872f651b0 100644
--- a/src/common/xmpp/auth_nb.py
+++ b/src/common/xmpp/auth_nb.py
@@ -351,8 +351,17 @@ class SASL(PlugIn):
 		else:
 			self.password = password
 		if self.mechanism == 'DIGEST-MD5':
-			A1 = C([H(C([self.resp['username'], self.resp['realm'],
-				self.password])), self.resp['nonce'], self.resp['cnonce']])
+			def convert_to_iso88591(string):
+				try:
+					string = string.decode('utf-8').encode('iso-8859-1')
+				except UnicodeEncodeError:
+					pass
+				return string
+			hash_username = convert_to_iso88591(self.resp['username'])
+			hash_realm = convert_to_iso88591(self.resp['realm'])
+			hash_password = convert_to_iso88591(self.password)
+			A1 = C([H(C([hash_username, hash_realm, hash_password])),
+				self.resp['nonce'], self.resp['cnonce']])
 			A2 = C(['AUTHENTICATE', self.resp['digest-uri']])
 			response= HH(C([HH(A1), self.resp['nonce'], self.resp['nc'],
 				self.resp['cnonce'], self.resp['qop'], HH(A2)]))
-- 
GitLab