We're updating the issue view to help you get more done. 

Recursive Loop in SCRAM salt generation

Description

Guus's assessment: "it tries to generate a salt for a user by resetting the password - which unexpectedly does not create a salt, causing it to fall in a recursive loop". Am seeing this on ignite's Openfire:

Environment

None

Acceptance Test - Entry

None

Activity

Show:
Daryl Herzmann
February 17, 2017, 6:13 PM

Uffties, took me a while to figure out a reproducer.

Set openfire property `sasl.mechs = SCRAM-SHA-1`
Update an example user's ofUser table entry to look like so

attempt to login with Pidgin, boom

Daryl Herzmann
February 17, 2017, 6:23 PM

Tested patch and can not reproduce.

Assignee

Dave Cridland

Reporter

Daryl Herzmann

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Affects versions

Priority

Major
Configure