Github user necouchman commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/242#discussion_r165853678
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -155,9 +158,21 @@ public AuthenticatedUser authenticateUser(Credentials
credentials)
// This is a response to a previous challenge, authenticate with
that.
else {
try {
+ String stateString =
request.getParameter(RadiusStateField.PARAMETER_NAME);
+ if (stateString == null) {
+ logger.warn("Expected state parameter was not present
in challenge/response.");
+ throw new
GuacamoleInvalidCredentialsException("Authentication error.",
CredentialsInfo.USERNAME_PASSWORD);
+ }
+
+ byte[] stateBytes =
DatatypeConverter.parseHexBinary(stateString);
radPack =
radiusService.sendChallengeResponse(credentials.getUsername(),
- challengeResponse,
-
request.getParameter(RadiusStateField.PARAMETER_NAME));
+
challengeResponse,
+ stateBytes);
+ }
+ catch (IllegalArgumentException e) {
+ logger.warn("Illegal hexadecimal value while parsing
RADIUS state string.", e.getMessage());
+ logger.debug("Encountered exception while attepmting to
perse the hexidecimanl state value.", e);
--- End diff --
Whoa, not my best job of speling.
---
