From 6731be584cc85e18b645399f99aed35c6dc5067c Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Thu, 6 Dec 2007 22:44:59 +0000 Subject: [PATCH] This implementation of non-SASL Jabber authentication seems to work. --- citadel/modules/jabber/serv_xmpp.c | 37 ++++++++++++++++++++-- citadel/modules/jabber/serv_xmpp.h | 3 ++ citadel/modules/jabber/xmpp_sasl_service.c | 30 ++++++++++++++++++ 3 files changed, 68 insertions(+), 2 deletions(-) diff --git a/citadel/modules/jabber/serv_xmpp.c b/citadel/modules/jabber/serv_xmpp.c index 00c08bd89..c7e3fb92c 100644 --- a/citadel/modules/jabber/serv_xmpp.c +++ b/citadel/modules/jabber/serv_xmpp.c @@ -89,8 +89,8 @@ void xmpp_stream_start(void *data, const char *supplied_el, const char **attr) /* If we're not logged in yet, offer SASL as our feature set */ xmpp_output_auth_mechs(); - /* Also offer non-SASL authentication - cprintf(""); */ + /* Also offer non-SASL authentication */ + cprintf(""); } /* Offer binding and sessions as part of our feature set */ @@ -193,6 +193,23 @@ void xmpp_xml_end(void *data, const char *supplied_el) { if (XMPP->chardata_len > 0) { safestrncpy(XMPP->iq_client_resource, XMPP->chardata, sizeof XMPP->iq_client_resource); + striplt(XMPP->iq_client_resource); + } + } + + if (!strcasecmp(el, "username")) { /* NON SASL ONLY */ + if (XMPP->chardata_len > 0) { + safestrncpy(XMPP->iq_client_username, XMPP->chardata, + sizeof XMPP->iq_client_username); + striplt(XMPP->iq_client_username); + } + } + + if (!strcasecmp(el, "password")) { /* NON SASL ONLY */ + if (XMPP->chardata_len > 0) { + safestrncpy(XMPP->iq_client_password, XMPP->chardata, + sizeof XMPP->iq_client_password); + striplt(XMPP->iq_client_password); } } @@ -220,6 +237,22 @@ void xmpp_xml_end(void *data, const char *supplied_el) { } } + /* + * Non SASL authentication + */ + else if ( + (!strcasecmp(XMPP->iq_type, "set")) + && (!strcasecmp(XMPP->iq_query_xmlns, "jabber:iq:auth:query")) + ) { + + jabber_non_sasl_authenticate( + XMPP->iq_id, + XMPP->iq_client_username, + XMPP->iq_client_password, + XMPP->iq_client_resource + ); + } + /* * If this stanza was a "bind" attempt, process it ... */ diff --git a/citadel/modules/jabber/serv_xmpp.h b/citadel/modules/jabber/serv_xmpp.h index f00bd743d..2b62606c2 100644 --- a/citadel/modules/jabber/serv_xmpp.h +++ b/citadel/modules/jabber/serv_xmpp.h @@ -16,6 +16,8 @@ struct citxmpp { /* Information about the current session */ char iq_id[256]; char iq_from[256]; char iq_to[256]; + char iq_client_username[256]; /* username requested by the client (NON SASL ONLY) */ + char iq_client_password[256]; /* password requested by the client (NON SASL ONLY) */ char iq_client_resource[256]; /* resource name requested by the client */ int iq_session; /* nonzero == client is requesting a session */ char iq_query_xmlns[256]; /* Namespace of */ @@ -62,3 +64,4 @@ void xmpp_process_events(void); void xmpp_presence_notify(char *, char *); void jabber_roster_item(struct CitContext *); void jabber_send_message(char *, char *); +void jabber_non_sasl_authenticate(char *, char *, char *, char *); diff --git a/citadel/modules/jabber/xmpp_sasl_service.c b/citadel/modules/jabber/xmpp_sasl_service.c index d3c9742a5..2f2dc419a 100644 --- a/citadel/modules/jabber/xmpp_sasl_service.c +++ b/citadel/modules/jabber/xmpp_sasl_service.c @@ -118,4 +118,34 @@ void xmpp_sasl_auth(char *sasl_auth_mech, char *authstring) { } } + + +/* + * Non-SASL authentication + */ +void jabber_non_sasl_authenticate(char *iq_id, char *username, char *password, char *resource) { + int result; + + if (CC->logged_in) logout(CC); /* Client may try to log in twice. Handle this. */ + + result = CtdlLoginExistingUser(NULL, username); + if (result == login_ok) { + result = CtdlTryPassword(password); + if (result == pass_ok) { + cprintf("", iq_id); /* success */ + return; + } + } + + /* failure */ + cprintf("", iq_id); + cprintf("" + "" + "" + "" + ); +} + + + #endif /* HAVE_EXPAT */ -- 2.39.2