Changeset 6b578df for core


Ignore:
Timestamp:
May 8, 2016 7:49:14 PM (4 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
ab3dbd5
Parents:
8bb6922
Message:

Console: Fix UTF-8 passwords
Partial fix for UTF-8 usernames
Better input checking and help messages

Location:
core/java/src/net/i2p
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/data/DataHelper.java

    r8bb6922 r6b578df  
    18741874     *  will not throw an exception.
    18751875     *
    1876      *  @param orig non-null, must be 7-bit chars
     1876     *  Warning - misnamed, converts to ISO-8859-1.
     1877     *
     1878     *  @param orig non-null, truncates to 8-bit chars
    18771879     *  @since 0.9.5
    18781880     */
  • core/java/src/net/i2p/util/PasswordManager.java

    r8bb6922 r6b578df  
    3131    /** stored obfuscated as b64 of the UTF-8 bytes */
    3232    protected static final String PROP_B64 = ".b64";
    33     /** stored as the hex of the MD5 hash of the ISO-8859-1 bytes. Compatible with Jetty. */
     33    /** stored as the hex of the MD5 hash of the UTF-8 bytes. Compatible with Jetty. */
    3434    protected static final String PROP_MD5 = ".md5";
    3535    /** stored as a Unix crypt string */
     
    186186     *  and RFC 2617.
    187187     *
     188     *  Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617
     189     *  See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication
     190     *  http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username
     191     *
    188192     *  @param subrealm to be used in creating the checksum
    189193     *  @param user non-null, non-empty, already trimmed
     
    201205     *  and RFC 2617.
    202206     *
     207     *  Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617
     208     *  See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication
     209     *
    203210     *  @param fullpw non-null, plain text, already trimmed
    204211     *  @return lower-case hex with leading zeros, 32 chars, or null on error
    205212     */
    206213    public static String md5Hex(String fullpw) {
    207         try {
    208             byte[] data = fullpw.getBytes("ISO-8859-1");
    209             byte[] sum = md5Sum(data);
    210             if (sum != null)
    211                 // adds leading zeros if necessary
    212                 return DataHelper.toString(sum);
    213         } catch (UnsupportedEncodingException uee) {}
     214        byte[] data = DataHelper.getUTF8(fullpw);
     215        byte[] sum = md5Sum(data);
     216        if (sum != null)
     217            // adds leading zeros if necessary
     218            return DataHelper.toString(sum);
    214219        return null;
    215220    }
Note: See TracChangeset for help on using the changeset viewer.