Merge branch 'configdb' of ssh://git.citadel.org/appl/gitroot/citadel

[citadel.git] / citadel / modules / xmpp / xmpp_sasl_service.c

diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c
index a9d73b3602b483a4cb383e459a0bbf2e377ada57..393174dce18b2cf78901e61aa1955743d84f08fc 100644 (file)
--- a/citadel/modules/xmpp/xmpp_sasl_service.c
+++ b/citadel/modules/xmpp/xmpp_sasl_service.c
@@ -1,25 +1,23 @@
 /*
- * $Id$ 
- *
  * Barebones SASL authentication service for XMPP (Jabber) clients.
  *
  * Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN.
  *
  * Copyright (c) 2007-2009 by Art Cancro
  *
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 3 of the License, or
- *  (at your option) any later version.
+ *  This program is open source software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 3.
+ *  
+ *  
  *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  *  GNU General Public License for more details.
  *
- *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, write to the Free Software
- *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *  
+ *  
+ *  
  *
  */
 
@@ -72,6 +70,7 @@ int xmpp_auth_plain(char *authstring)
        char user[256];
        char pass[256];
        int result;
+       long len;
 
 
        /* Take apart the authentication string */
@@ -80,8 +79,9 @@ int xmpp_auth_plain(char *authstring)
        CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring));
        safestrncpy(ident, decoded_authstring, sizeof ident);
        safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
-       safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
-
+       len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
+       if (len < 0)
+               len = -len;
 
        /* If there are underscores in either string, change them to spaces.  Some clients
         * do not allow spaces so we can tell the user to substitute underscores if their
@@ -100,7 +100,7 @@ int xmpp_auth_plain(char *authstring)
        }
 
        if (result == login_ok) {
-               if (CtdlTryPassword(pass) == pass_ok) {
+               if (CtdlTryPassword(pass, len) == pass_ok) {
                        return(0);                              /* success */
                }
        }
@@ -162,7 +162,7 @@ void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, cha
 
        result = CtdlLoginExistingUser(NULL, username);
        if (result == login_ok) {
-               result = CtdlTryPassword(password);
+               result = CtdlTryPassword(password, strlen(password));
                if (result == pass_ok) {
                        cprintf("<iq type=\"result\" id=\"%s\"></iq>", xmlesc(xmlbuf, iq_id, sizeof xmlbuf));   /* success */
                        return;