X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fxmpp%2Fxmpp_sasl_service.c;h=1b2e98ae98197697b75a60f955127dfdef335d0f;hb=e329db30593524cc2d8851a4500bac41f2340354;hp=e7ad1a2b19f40e035750d0d2b750a9abc8957856;hpb=e7c125bafc3bd24fd9cfb18c39b29abd19c7478f;p=citadel.git diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c index e7ad1a2b1..1b2e98ae9 100644 --- a/citadel/modules/xmpp/xmpp_sasl_service.c +++ b/citadel/modules/xmpp/xmpp_sasl_service.c @@ -3,22 +3,15 @@ * * Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN. * - * Copyright (c) 2007-2009 by Art Cancro + * Copyright (c) 2007-2018 by Art Cancro * - * This program is open source software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 3. - * - * - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * - * - * + * This program is open source software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ #include "sysdep.h" @@ -65,52 +58,46 @@ */ int xmpp_auth_plain(char *authstring) { - StrBuf *AuthBuf; - const char *decoded_authstring; - char ident[256] = ""; - char user[256] = ""; - char pass[256] = ""; + char decoded_authstring[1024]; + char ident[256]; + char user[256]; + char pass[256]; int result; long len; - + int i; /* Take apart the authentication string */ memset(pass, 0, sizeof(pass)); - AuthBuf = NewStrBufPlain(authstring, -1); - len = StrBufDecodeBase64(AuthBuf); - if (len > 0) - { - decoded_authstring = ChrPtr(AuthBuf); - - len = safestrncpy(ident, decoded_authstring, sizeof ident); - - decoded_authstring += len + 1; - - len = safestrncpy(user, decoded_authstring, sizeof user); - - decoded_authstring += len + 1; - - len = safestrncpy(pass, decoded_authstring, sizeof pass); - if (len < 0) - len = sizeof(pass) - 1; - } - FreeStrBuf(&AuthBuf); + CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring)); + safestrncpy(ident, decoded_authstring, sizeof ident); + safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); + len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + if (len < 0) + len = -len; /* If there are underscores in either string, change them to spaces. Some clients * do not allow spaces so we can tell the user to substitute underscores if their * login name contains spaces. */ - convert_spaces_to_underscores(ident); - convert_spaces_to_underscores(user); + for (i=0; ident[i]!=0; ++i) { + if (ident[i] == '_') { + ident[i] = ' '; + } + } + for (i=0; user[i]!=0; ++i) { + if (user[i] == '_') { + user[i] = ' '; + } + } /* Now attempt authentication */ if (!IsEmptyStr(ident)) { - result = CtdlLoginExistingUser(user, ident); + result = CtdlLoginExistingUser(ident); } else { - result = CtdlLoginExistingUser(NULL, user); + result = CtdlLoginExistingUser(user); } if (result == login_ok) { @@ -168,13 +155,13 @@ void xmpp_sasl_auth(char *sasl_auth_mech, char *authstring) { /* * Non-SASL authentication */ -void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, char *resource) { +void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password) { int result; char xmlbuf[256]; if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */ - result = CtdlLoginExistingUser(NULL, username); + result = CtdlLoginExistingUser(username); if (result == login_ok) { result = CtdlTryPassword(password, strlen(password)); if (result == pass_ok) {