Return-Path: 
 <proton-return-4048-apmail-qpid-proton-archive=qpid.apache.org@qpid.apache.org>
X-Original-To: apmail-qpid-proton-archive@minotaur.apache.org
Delivered-To: apmail-qpid-proton-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 5192B10FEA
	for <apmail-qpid-proton-archive@minotaur.apache.org>;
 Fri,  4 Apr 2014 19:04:22 +0000 (UTC)
Received: (qmail 19666 invoked by uid 500); 4 Apr 2014 19:04:18 -0000
Delivered-To: apmail-qpid-proton-archive@qpid.apache.org
Received: (qmail 19532 invoked by uid 500); 4 Apr 2014 19:04:17 -0000
Mailing-List: contact proton-help@qpid.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:proton-help@qpid.apache.org>
List-Unsubscribe: <mailto:proton-unsubscribe@qpid.apache.org>
List-Post: <mailto:proton@qpid.apache.org>
List-Id: <proton.qpid.apache.org>
Reply-To: proton@qpid.apache.org
Delivered-To: mailing list proton@qpid.apache.org
Received: (qmail 19508 invoked by uid 99); 4 Apr 2014 19:04:16 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Apr 2014 19:04:16 +0000
Date: Fri, 4 Apr 2014 19:04:15 +0000 (UTC)
From: "Rafael H. Schloming (JIRA)" <jira@apache.org>
To: proton@qpid.apache.org
Message-ID: <JIRA.12706316.1396478028637.65956.1396638255908@arcas>
In-Reply-To: <JIRA.12706316.1396478028637@arcas>
References: <JIRA.12706316.1396478028637@arcas>
Subject: [jira] [Resolved] (PROTON-553) Proton-C does not URLdecode password
 before doing SASL-PLAIN
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/PROTON-553?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rafael H. Schloming resolved PROTON-553.
----------------------------------------

       Resolution: Fixed
    Fix Version/s: 0.7
         Assignee: Rafael H. Schloming

> Proton-C does not URLdecode password before doing SASL-PLAIN
> ------------------------------------------------------------
>
>                 Key: PROTON-553
>                 URL: https://issues.apache.org/jira/browse/PROTON-553
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.7
>            Reporter: James Birdsall
>            Assignee: Rafael H. Schloming
>             Fix For: 0.7
>
>         Attachments: sasl.c
>
>
> This is a serious issue using Proton-C against ServiceBus because our passwords are base64-encoded keys and frequently contain '/'. Previous versions of Proton-C didn't care about technically illegal forward slashes in the URL, but 0.7 sure does. URL encoding the password gets around that, but then the encoded password is presented to our broker and is rejected. Since Proton is the one dealing with a URL and enforcing URL rules, it should do the decoding before passing the pieces on to other layers.



--
This message was sent by Atlassian JIRA
(v6.2#6252)