From 59988b117761a2ee7665d3ad9d06d1e13b2d9cc3 Mon Sep 17 00:00:00 2001
From: Michael Jumper <zhangmaike@users.sourceforge.net>
Date: Sat, 4 Dec 2010 23:40:24 -0800
Subject: [PATCH] Fixed MD5 auth

---
 .../net/sourceforge/guacamole/basic/BasicLogin.java  |  3 +--
 .../basic/BasicUserMappingContentHandler.java        | 12 ++----------
 2 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicLogin.java b/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicLogin.java
index f73b8974b..adfda4405 100644
--- a/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicLogin.java
+++ b/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicLogin.java
@@ -94,8 +94,7 @@ public class BasicLogin extends HttpServlet {
         if (info != null) {
 
             // Validate username and password
-            if (info.getAuthorizedUsername().equals(username)
-                && info.getAuthorizedPassword().equals(password)) {
+            if (info.validate(username, password)) {
 
                 // Store authorized configuration
                 HttpSession session = req.getSession(true);
diff --git a/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicUserMappingContentHandler.java b/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicUserMappingContentHandler.java
index 8bb34240f..ea282c448 100644
--- a/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicUserMappingContentHandler.java
+++ b/guacamole/web-client/src/net/sourceforge/guacamole/basic/BasicUserMappingContentHandler.java
@@ -40,14 +40,6 @@ public class BasicUserMappingContentHandler extends DefaultHandler {
             this.auth_encoding = auth_encoding;
         }
 
-        public String getAuthorizedUsername() {
-            return auth_username;
-        }
-
-        public String getAuthorizedPassword() {
-            return auth_password;
-        }
-
         private static final char HEX_CHARS[] = {
             '0', '1', '2', '3', '4', '5', '6', '7',
             '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
@@ -87,7 +79,7 @@ public class BasicUserMappingContentHandler extends DefaultHandler {
                         try {
                             MessageDigest digest = MessageDigest.getInstance("MD5");
                             String hashedPassword = getHexString(digest.digest(password.getBytes()));
-                            return hashedPassword.equals(auth_password);
+                            return hashedPassword.equals(auth_password.toUpperCase());
                         }
                         catch (NoSuchAlgorithmException e) {
                             throw new UnsupportedOperationException("Unexpected lack of MD5 support.", e);
@@ -137,7 +129,7 @@ public class BasicUserMappingContentHandler extends DefaultHandler {
 
             // Finalize mapping for this user
             authMapping.put(
-                current.getAuthorizedUsername(),
+                current.auth_username,
                 current
             );