fix md5 authentication, remove guava deps

Previously, the code looking for $MD5$ preambles would always return false, as the '$' characters were quoted as if they were being passed to a regexp library. Splitter.on() did not take a regex, so this pattern never matched.
sjamesr · Jan 1, 2020 · 0ed5adc · 0ed5adc
1 parent 8f1fffb
commit 0ed5adc
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/src/main/java/au/com/southsky/jfreesane/SanePasswordEncoder.java b/src/main/java/au/com/southsky/jfreesane/SanePasswordEncoder.java
@@ -50,7 +50,7 @@ static String derivePassword(String salt, String password) {
     try {
       MessageDigest md = MessageDigest.getInstance("MD5");
       md.update(StandardCharsets.ISO_8859_1.encode(salt));
-      md.update(StandardCharsets.ISO_8859_1.encode(CharBuffer.wrap(password)));
+      md.update(password.getBytes(StandardCharsets.ISO_8859_1));
       return encodeAsHex(md.digest());
     } catch (NoSuchAlgorithmException ex) {
       // This is not expected, so convert to RuntimeException

diff --git a/src/main/java/au/com/southsky/jfreesane/SaneSession.java b/src/main/java/au/com/southsky/jfreesane/SaneSession.java
@@ -1,6 +1,5 @@
 package au.com.southsky.jfreesane;
 
-import com.google.common.base.Splitter;
 import java.awt.image.BufferedImage;
 import java.io.BufferedInputStream;
 import java.io.Closeable;
@@ -22,6 +21,7 @@ public final class SaneSession implements Closeable {
 
   private static final int READ_BUFFER_SIZE = 1 << 20; // 1mb
   private static final int DEFAULT_PORT = 6566;
+  private static final String MD5_PREFIX = "$MD5$";
 
   private final Socket socket;
   private final SaneOutputStream outputStream;
@@ -374,13 +374,13 @@ boolean authorize(String resource) throws IOException {
    * @throws IOException
    */
   private void writePassword(String resource, String password) throws IOException {
-    List<String> resourceParts = Splitter.on("\\$MD5\\$").splitToList(resource);
-    if (resourceParts.size() == 1) {
+    int markerIdx = resource.indexOf(MD5_PREFIX);
+    if (markerIdx > -1) {
+      outputStream.write(
+          MD5_PREFIX + SanePasswordEncoder.derivePassword(resource.substring(markerIdx + MD5_PREFIX.length()), password));
+    } else {
       // Write in clean
       outputStream.write(password);
-    } else {
-      outputStream.write(
-          "$MD5$" + SanePasswordEncoder.derivePassword(resourceParts.get(1), password));
     }
   }