Don't produce multibyte strings by accident in sasl-scram-rfc

* lisp/net/sasl-scram-rfc.el (sasl-scram--client-final-message):
The XOR of two unibyte strings should be a unibyte string.
This code previously worked by accident because of an overly tolerant
base64 encoder (bug#52670), but now causes a test failure.

diff --git a/lisp/net/sasl-scram-rfc.el b/lisp/net/sasl-scram-rfc.el
index 91d76663ef28729f7d6e73953a3cc06d0267f389..c0793691993199f6116e420cac7f204ef14e868b 100644 (file)
--- a/lisp/net/sasl-scram-rfc.el
+++ b/lisp/net/sasl-scram-rfc.el
@@ -90,6 +90,8 @@
                     (sasl-mechanism-name (sasl-client-mechanism client))
                     (sasl-client-name client))))
           (salt (base64-decode-string salt-base64))
+           (string-xor (lambda (a b)
+                         (apply #'unibyte-string (cl-mapcar #'logxor a b))))
           (salted-password
            ;; Hi(str, salt, i):
            (let ((digest (concat salt (string 0 0 0 1)))
@@ -98,7 +100,7 @@
                (setq digest (funcall hmac-fun digest password))
                (setq xored (if (null xored)
                                digest
-                             (cl-map 'string 'logxor xored digest))))))
+                              (funcall string-xor xored digest))))))
           (client-key
            (funcall hmac-fun "Client Key" salted-password))
           (stored-key (decode-hex-string (funcall hash-fun client-key)))
@@ -108,7 +110,7 @@
             step-data ","
             client-final-message-without-proof))
           (client-signature (funcall hmac-fun (encode-coding-string auth-message 'utf-8) stored-key))
-          (client-proof (cl-map 'string 'logxor client-key client-signature))
+          (client-proof (funcall string-xor client-key client-signature))
           (client-final-message
            (concat client-final-message-without-proof ","
                    "p=" (base64-encode-string client-proof))))