--- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java Thu Nov 01 18:09:43 2012 -0400
+++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java Fri Nov 02 10:48:04 2012 +0800
@@ -141,8 +141,10 @@
private List<String> serverRealms;
DigestMD5Server(String protocol, String serverName, Map<String, ?> props,
- CallbackHandler cbh) throws SaslException {
- super(props, MY_CLASS_NAME, 1, protocol + "/" + serverName, cbh);
+ CallbackHandler cbh) throws SaslException {
+ super(props, MY_CLASS_NAME, 1,
+ protocol + "/" + (serverName==null?"*":serverName),
+ cbh);
serverRealms = new ArrayList<String>();
@@ -173,7 +175,12 @@
// By default, use server name as realm
if (serverRealms.isEmpty()) {
- serverRealms.add(serverName);
+ if (serverName == null) {
+ throw new SaslException(
+ "A realm must be provided in props or serverName");
+ } else {
+ serverRealms.add(serverName);
+ }
}
}
@@ -539,7 +546,7 @@
// host should match one of service's configured service names
// Check against digest URI that mech was created with
- if (digestUri.equalsIgnoreCase(digestUriFromResponse)) {
+ if (uriMatches(digestUri, digestUriFromResponse)) {
digestUri = digestUriFromResponse; // account for case-sensitive diffs
} else {
throw new SaslException("DIGEST-MD5: digest response format " +
@@ -653,6 +660,21 @@
}
}
+ private static boolean uriMatches(String thisUri, String incomingUri) {
+ // Full match
+ if (thisUri.equalsIgnoreCase(incomingUri)) {
+ return true;
+ }
+ // Unbound match
+ if (thisUri.endsWith("/*")) {
+ int protoAndSlash = thisUri.length() - 1;
+ String thisProtoAndSlash = thisUri.substring(0, protoAndSlash);
+ String incomingProtoAndSlash = incomingUri.substring(0, protoAndSlash);
+ return thisProtoAndSlash.equalsIgnoreCase(incomingProtoAndSlash);
+ }
+ return false;
+ }
+
/**
* Server sends a message formatted as follows:
* response-auth = "rspauth" "=" response-value