SCRAM-SHA-1 authenticator preps user name incorrectly

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Minor - P4
    • 3.6.2
    • Affects Version/s: 3.0.0
    • Component/s: Security
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      The SCRAM SASL RFC states that

      The characters ',' or '=' in usernames are sent as '=2C' and '=3D' respectively. If the server receives a username that contains '=' not followed by either '2C' or '3D', then the server MUST fail the authentication.

      The driver incorrectly uses =2D instead of =2C

              Assignee:
              Jeffrey Yemin
              Reporter:
              Jeffrey Yemin
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: