[jdev] sasl digest-response
Andrew Plotkin
erkyrath at eblong.com
Tue Apr 25 20:57:25 CDT 2006
On Sun, 23 Apr 2006, Bruce Campbell wrote:
> On Sat, 22 Apr 2006, [ISO-8859-2] Asia G?siewska wrote:
>
>> during digest- response. After reading RFC2831 I just don' t understand
>> this part:
>>
>> passwd = *OCTET
>>
>> The "username-value", "realm-value" and "passwd" are encoded
>> according to the value of the "charset" directive. If "charset=UTF-8"
>> is present, and all the characters of either "username-value" or
>> "passwd" are in the ISO 8859-1 character set, then it must be
>> converted to ISO 8859-1 before being hashed.
>>
>> What does it mean *OCTET
>
> '*OCTET' - as many octets (bytes, 8 bits) as required for the password.
>
>> and should I change everything everytime to iso 8859-1 ?
>
> The whole reference to ISO 8859-1 is to maintain compatibility with HTTP. The
> way it works is that for the 'username-value' and 'password' fields, you scan
> through the field looking for any characters that are _not_ in ISO 8859-1 .
> If there are no characters outside ISO 8859-1 in the field, you send that
> field in ISO 8859-1, assuming that the value of the 'charset' directive is
> 'ISO 8859-1' for that specific field.
I'll repeat the observation I made a few weeks ago: when I implemented
this paragraph strictly, my client stopped being able to connect to
ejabberd. (When the username was in the ISO 8859-1 character set, but
outside of pure ASCII.)
I went back to using UTF-8 everywhere, and it worked. So that's what I'm
doing for the moment.
I haven't tested this with the new ejabberd 1.1.0.
--Z
--
"And Aholibamah bare Jeush, and Jaalam, and Korah: these were the borogoves..."
*
Just because you vote for the Republicans, doesn't mean they let you be one.
More information about the JDev
mailing list