2 * XMPP (Jabber) service for the Citadel system
3 * Copyright (c) 2007-2011 by Art Cancro
5 * This program is open source software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 // uncomment for more verbosity
31 #include <sys/types.h>
33 #if TIME_WITH_SYS_TIME
34 # include <sys/time.h>
38 # include <sys/time.h>
48 #include <libcitadel.h>
52 #include "citserver.h"
58 #include "internet_addressing.h"
60 #include "ctdl_module.h"
61 #include "serv_xmpp.h"
63 /* XML_StopParser is present in expat 2.x */
64 #if XML_MAJOR_VERSION > 1
65 #define HAVE_XML_STOPPARSER
68 struct xmpp_event *xmpp_queue = NULL;
70 int XMPPSrvDebugEnable = 0;
74 #ifdef HAVE_XML_STOPPARSER
75 /* Stop the parser if an entity declaration is hit. */
76 static void xmpp_entity_declaration(void *userData, const XML_Char *entityName,
77 int is_parameter_entity, const XML_Char *value,
78 int value_length, const XML_Char *base,
79 const XML_Char *systemId, const XML_Char *publicId,
80 const XML_Char *notationName
83 syslog(LOG_WARNING, "Illegal entity declaration encountered; stopping parser.");
85 XMPPM_syslog(LOG_WARNING, "Illegal entity declaration encountered; stopping parser.");
86 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
87 XML_StopParser(XMPP->xp, XML_FALSE);
91 static inline int XMPP_GetUtf8SequenceLength(const char *CharS, const char *CharE)
93 /* if this is is migrated to strbuf, remove this copy. */
95 unsigned char test = (1<<7);
97 if ((*CharS & 0xC0) != 0xC0)
101 ((test & ((unsigned char)*CharS)) != 0))
106 if ((n > 6) || ((CharE - CharS) < n))
113 * Given a source string and a target buffer, returns the string
114 * properly escaped for insertion into an XML stream. Returns a
115 * pointer to the target buffer for convenience.
117 * BUG: this does not properly handle UTF-8
119 char *xmlesc(char *buf, char *str, int bufsiz)
128 if (!buf) return(NULL);
138 for (ptr=str; *ptr; ptr++) {
141 strcpy(&buf[len], "<");
144 else if (ch == '>') {
145 strcpy(&buf[len], ">");
148 else if (ch == '&') {
149 strcpy(&buf[len], "&");
152 else if ((ch >= 0x20) && (ch <= 0x7F)) {
156 else if (ch < 0x20) {
157 /* we probably shouldn't be doing this */
164 IsUtf8Sequence = XMPP_GetUtf8SequenceLength(&buf[len], eiptr);
167 while (IsUtf8Sequence > 0){
170 if (--IsUtf8Sequence)
177 sprintf(oct, "&#%o;", ch);
178 strcpy(&buf[len], oct);
182 if ((len + 6) > bufsiz) {
191 * We have just received a <stream> tag from the client, so send them ours
193 void xmpp_stream_start(void *data, const char *supplied_el, const char **attr)
198 if (!strcasecmp(attr[0], "to")) {
199 safestrncpy(XMPP->server_name, attr[1], sizeof XMPP->server_name);
204 cprintf("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
206 cprintf("<stream:stream ");
207 cprintf("from=\"%s\" ", xmlesc(xmlbuf, XMPP->server_name, sizeof xmlbuf));
208 cprintf("id=\"%08x\" ", CC->cs_pid);
209 cprintf("version=\"1.0\" ");
210 cprintf("xmlns:stream=\"http://etherx.jabber.org/streams\" ");
211 cprintf("xmlns=\"jabber:client\">");
213 /* The features of this stream are... */
214 cprintf("<stream:features>");
217 * TLS encryption (but only if it isn't already active)
222 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
224 if (!CC->redirect_ssl) {
225 cprintf("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>");
232 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
233 if (!CC->logged_in) {
234 /* If we're not logged in yet, offer SASL as our feature set */
235 xmpp_output_auth_mechs();
237 /* Also offer non-SASL authentication */
238 cprintf("<auth xmlns=\"http://jabber.org/features/iq-auth\"/>");
241 /* Offer binding and sessions as part of our feature set */
242 cprintf("<bind xmlns=\"urn:ietf:params:xml:ns:xmpp-bind\"/>");
243 cprintf("<session xmlns=\"urn:ietf:params:xml:ns:xmpp-session\"/>");
246 cprintf("</stream:features>");
248 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
250 cprintf("</stream:features>");
255 CC->is_async = 1; /* XMPP sessions are inherently async-capable */
259 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
260 void xmpp_xml_start(void *data, const char *supplied_el, const char **attr) {
265 /* Axe the namespace, we don't care about it */
266 safestrncpy(el, supplied_el, sizeof el);
267 while (sep = strchr(el, ':'), sep) {
273 syslog(LOG_DEBUG, "XMPP ELEMENT START: <%s>\n", el);
274 for (i=0; attr[i] != NULL; i+=2) {
275 syslog(LOG_DEBUG, " Attribute '%s' = '%s'\n", attr[i], attr[i+1]);
277 #endif /* XMPP_DEBUG */
280 XMPP_syslog(LOG_DEBUG, "XMPP ELEMENT START: <%s>\n", el);
281 for (i=0; attr[i] != NULL; i+=2) {
282 XMPP_syslog(LOG_DEBUG, " Attribute '%s' = '%s'\n", attr[i], attr[i+1]);
284 uncomment for more verbosity */
285 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
287 if (!strcasecmp(el, "stream")) {
288 xmpp_stream_start(data, supplied_el, attr);
291 else if (!strcasecmp(el, "query")) {
292 XMPP->iq_query_xmlns[0] = 0;
293 safestrncpy(XMPP->iq_query_xmlns, supplied_el, sizeof XMPP->iq_query_xmlns);
297 else if (!strcasecmp(el, "bind")) {
298 XMPP->bind_requested = 1;
301 else if (!strcasecmp(el, "iq")) {
302 for (i=0; attr[i] != NULL; i+=2) {
303 if (!strcasecmp(attr[i], "type")) {
304 safestrncpy(XMPP->iq_type, attr[i+1], sizeof XMPP->iq_type);
306 else if (!strcasecmp(attr[i], "id")) {
307 safestrncpy(XMPP->iq_id, attr[i+1], sizeof XMPP->iq_id);
309 else if (!strcasecmp(attr[i], "from")) {
310 safestrncpy(XMPP->iq_from, attr[i+1], sizeof XMPP->iq_from);
312 else if (!strcasecmp(attr[i], "to")) {
313 safestrncpy(XMPP->iq_to, attr[i+1], sizeof XMPP->iq_to);
318 else if (!strcasecmp(el, "auth")) {
319 XMPP->sasl_auth_mech[0] = 0;
320 for (i=0; attr[i] != NULL; i+=2) {
321 if (!strcasecmp(attr[i], "mechanism")) {
322 safestrncpy(XMPP->sasl_auth_mech, attr[i+1], sizeof XMPP->sasl_auth_mech);
327 else if (!strcasecmp(el, "message")) {
328 for (i=0; attr[i] != NULL; i+=2) {
329 if (!strcasecmp(attr[i], "to")) {
330 safestrncpy(XMPP->message_to, attr[i+1], sizeof XMPP->message_to);
336 else if (!strcasecmp(el, "bind")) {
337 XMPP->bind_requested = 1;
340 else if (!strcasecmp(el, "iq")) {
341 for (i=0; attr[i] != NULL; i+=2) {
342 if (!strcasecmp(attr[i], "type")) {
343 safestrncpy(XMPP->iq_type, attr[i+1], sizeof XMPP->iq_type);
345 else if (!strcasecmp(attr[i], "id")) {
346 safestrncpy(XMPP->iq_id, attr[i+1], sizeof XMPP->iq_id);
348 else if (!strcasecmp(attr[i], "from")) {
349 safestrncpy(XMPP->iq_from, attr[i+1], sizeof XMPP->iq_from);
351 else if (!strcasecmp(attr[i], "to")) {
352 safestrncpy(XMPP->iq_to, attr[i+1], sizeof XMPP->iq_to);
357 else if (!strcasecmp(el, "auth")) {
358 XMPP->sasl_auth_mech[0] = 0;
359 for (i=0; attr[i] != NULL; i+=2) {
360 if (!strcasecmp(attr[i], "mechanism")) {
361 safestrncpy(XMPP->sasl_auth_mech, attr[i+1], sizeof XMPP->sasl_auth_mech);
366 else if (!strcasecmp(el, "message")) {
367 for (i=0; attr[i] != NULL; i+=2) {
368 if (!strcasecmp(attr[i], "to")) {
369 safestrncpy(XMPP->message_to, attr[i+1], sizeof XMPP->message_to);
374 else if (!strcasecmp(el, "html")) {
375 ++XMPP->html_tag_level;
381 void xmpp_xml_end(void *data, const char *supplied_el) {
386 /* Axe the namespace, we don't care about it */
387 safestrncpy(el, supplied_el, sizeof el);
388 while (sep = strchr(el, ':'), sep) {
393 XMPP_syslog(LOG_DEBUG, "XMPP ELEMENT END : <%s>\n", el);
394 if (XMPP->chardata_len > 0) {
395 XMPP_syslog(LOG_DEBUG, " chardata: %s\n", XMPP->chardata);
396 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
400 else if (!strcasecmp(el, "html")) {
401 ++XMPP->html_tag_level;
407 void xmpp_xml_end(void *data, const char *supplied_el) {
412 /* Axe the namespace, we don't care about it */
413 safestrncpy(el, supplied_el, sizeof el);
414 while (sep = strchr(el, ':'), sep) {
419 syslog(LOG_DEBUG, "XMPP ELEMENT END : <%s>\n", el);
420 if (XMPP->chardata_len > 0) {
421 syslog(LOG_DEBUG, " chardata: %s\n", XMPP->chardata);
423 #endif /* XMPP_DEBUG */
425 if (!strcasecmp(el, "resource")) {
426 if (XMPP->chardata_len > 0) {
427 safestrncpy(XMPP->iq_client_resource, XMPP->chardata,
428 sizeof XMPP->iq_client_resource);
429 striplt(XMPP->iq_client_resource);
433 else if (!strcasecmp(el, "username")) { /* NON SASL ONLY */
434 if (XMPP->chardata_len > 0) {
435 safestrncpy(XMPP->iq_client_username, XMPP->chardata,
436 sizeof XMPP->iq_client_username);
437 striplt(XMPP->iq_client_username);
441 else if (!strcasecmp(el, "password")) { /* NON SASL ONLY */
442 if (XMPP->chardata_len > 0) {
443 safestrncpy(XMPP->iq_client_password, XMPP->chardata,
444 sizeof XMPP->iq_client_password);
445 striplt(XMPP->iq_client_password);
449 else if (!strcasecmp(el, "iq")) {
452 if (!strcasecmp(el, "resource")) {
453 if (XMPP->chardata_len > 0) {
454 safestrncpy(XMPP->iq_client_resource, XMPP->chardata,
455 sizeof XMPP->iq_client_resource);
456 striplt(XMPP->iq_client_resource);
460 else if (!strcasecmp(el, "username")) { /* NON SASL ONLY */
461 if (XMPP->chardata_len > 0) {
462 safestrncpy(XMPP->iq_client_username, XMPP->chardata,
463 sizeof XMPP->iq_client_username);
464 striplt(XMPP->iq_client_username);
468 else if (!strcasecmp(el, "password")) { /* NON SASL ONLY */
469 if (XMPP->chardata_len > 0) {
470 safestrncpy(XMPP->iq_client_password, XMPP->chardata,
471 sizeof XMPP->iq_client_password);
472 striplt(XMPP->iq_client_password);
476 else if (!strcasecmp(el, "iq")) {
478 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
480 * iq type="get" (handle queries)
482 if (!strcasecmp(XMPP->iq_type, "get")) {
485 * Query on a namespace
487 if (!IsEmptyStr(XMPP->iq_query_xmlns)) {
488 xmpp_query_namespace(XMPP->iq_id, XMPP->iq_from,
489 XMPP->iq_to, XMPP->iq_query_xmlns);
493 * ping ( http://xmpp.org/extensions/xep-0199.html )
495 else if (XMPP->ping_requested) {
496 cprintf("<iq type=\"result\" ");
497 if (!IsEmptyStr(XMPP->iq_from)) {
498 cprintf("to=\"%s\" ", xmlesc(xmlbuf, XMPP->iq_from, sizeof xmlbuf));
500 if (!IsEmptyStr(XMPP->iq_to)) {
501 cprintf("from=\"%s\" ", xmlesc(xmlbuf, XMPP->iq_to, sizeof xmlbuf));
503 cprintf("id=\"%s\"/>", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
507 * Unknown query ... return the XML equivalent of a blank stare
513 XMPP_syslog(LOG_DEBUG,
514 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
515 "Unknown query <%s> - returning <service-unavailable/>\n",
518 cprintf("<iq type=\"error\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
519 cprintf("<error code=\"503\" type=\"cancel\">"
520 "<service-unavailable xmlns=\"urn:ietf:params:xml:ns:xmpp-stanzas\"/>"
528 * Non SASL authentication
531 (!strcasecmp(XMPP->iq_type, "set"))
532 && (!strcasecmp(XMPP->iq_query_xmlns, "jabber:iq:auth:query"))
535 xmpp_non_sasl_authenticate(
537 XMPP->iq_client_username,
538 XMPP->iq_client_password,
539 XMPP->iq_client_resource
544 * If this <iq> stanza was a "bind" attempt, process it ...
547 (XMPP->bind_requested)
548 && (!IsEmptyStr(XMPP->iq_id))
549 && (!IsEmptyStr(XMPP->iq_client_resource))
553 /* Generate the "full JID" of the client resource */
555 snprintf(XMPP->client_jid, sizeof XMPP->client_jid,
558 XMPP->iq_client_resource
561 /* Tell the client what its JID is */
563 cprintf("<iq type=\"result\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
564 cprintf("<bind xmlns=\"urn:ietf:params:xml:ns:xmpp-bind\">");
565 cprintf("<jid>%s</jid>", xmlesc(xmlbuf, XMPP->client_jid, sizeof xmlbuf));
570 else if (XMPP->iq_session) {
571 cprintf("<iq type=\"result\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
576 cprintf("<iq type=\"error\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
577 cprintf("<error>Don't know howto do '%s'!</error>", xmlesc(xmlbuf, XMPP->iq_type, sizeof xmlbuf));
581 /* Now clear these fields out so they don't get used by a future stanza */
583 XMPP->iq_from[0] = 0;
585 XMPP->iq_type[0] = 0;
586 XMPP->iq_client_resource[0] = 0;
587 XMPP->iq_session = 0;
588 XMPP->iq_query_xmlns[0] = 0;
589 XMPP->bind_requested = 0;
590 XMPP->ping_requested = 0;
593 else if (!strcasecmp(el, "auth")) {
595 /* Try to authenticate (this function is responsible for the output stanza) */
596 xmpp_sasl_auth(XMPP->sasl_auth_mech, (XMPP->chardata != NULL ? XMPP->chardata : "") );
598 /* Now clear these fields out so they don't get used by a future stanza */
599 XMPP->sasl_auth_mech[0] = 0;
602 else if (!strcasecmp(el, "session")) {
603 XMPP->iq_session = 1;
606 else if (!strcasecmp(el, "presence")) {
608 /* Respond to a <presence> update by firing back with presence information
609 * on the entire wholist. Check this assumption, it's probably wrong.
611 xmpp_wholist_presence_dump();
614 else if ( (!strcasecmp(el, "body")) && (XMPP->html_tag_level == 0) ) {
615 if (XMPP->message_body != NULL) {
616 free(XMPP->message_body);
617 XMPP->message_body = NULL;
619 if (XMPP->chardata_len > 0) {
620 XMPP->message_body = strdup(XMPP->chardata);
624 else if (!strcasecmp(el, "message")) {
625 xmpp_send_message(XMPP->message_to, XMPP->message_body);
626 XMPP->html_tag_level = 0;
629 else if (!strcasecmp(el, "html")) {
630 --XMPP->html_tag_level;
633 else if (!strcasecmp(el, "starttls")) {
635 cprintf("<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
636 CtdlModuleStartCryptoMsgs(NULL, NULL, NULL);
637 if (!CC->redirect_ssl) CC->kill_me = KILLME_NO_CRYPTO;
639 cprintf("<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
640 CC->kill_me = KILLME_NO_CRYPTO;
644 else if (!strcasecmp(el, "ping")) {
645 XMPP->ping_requested = 1;
649 else if (!strcasecmp(el, "stream")) {
650 syslog(LOG_DEBUG, "XMPP client shut down their stream\n");
651 xmpp_massacre_roster();
652 cprintf("</stream>\n");
653 CC->kill_me = KILLME_CLIENT_LOGGED_OUT;
656 else if (!strcasecmp(el, "query")) {
657 // no action required here, we picked up the xmlns= parameter during xmpp_xml_start()
661 syslog(LOG_DEBUG, "Ignoring unknown tag <%s>\n", el);
665 else if (!strcasecmp(el, "stream")) {
666 XMPPM_syslog(LOG_DEBUG, "XMPP client shut down their stream\n");
667 xmpp_massacre_roster();
668 cprintf("</stream>\n");
669 CC->kill_me = KILLME_CLIENT_LOGGED_OUT;
673 XMPP_syslog(LOG_DEBUG, "Ignoring unknown tag <%s>\n", el);
674 >>>>>>> 1c0b8162b0a90f2e97028a531005c11b09441498
677 XMPP->chardata_len = 0;
678 if (XMPP->chardata_alloc > 0) {
679 XMPP->chardata[0] = 0;
684 void xmpp_xml_chardata(void *data, const XML_Char *s, int len)
688 if (X->chardata_alloc == 0) {
689 X->chardata_alloc = SIZ;
690 X->chardata = malloc(X->chardata_alloc);
692 if ((X->chardata_len + len + 1) > X->chardata_alloc) {
693 X->chardata_alloc = X->chardata_len + len + 1024;
694 X->chardata = realloc(X->chardata, X->chardata_alloc);
696 memcpy(&X->chardata[X->chardata_len], s, len);
697 X->chardata_len += len;
698 X->chardata[X->chardata_len] = 0;
703 * This cleanup function blows away the temporary memory and files used by the XMPP service.
705 void xmpp_cleanup_function(void) {
707 /* Don't do this stuff if this is not a XMPP session! */
708 if (CC->h_command_function != xmpp_command_loop) return;
710 if (XMPP->chardata != NULL) {
711 free(XMPP->chardata);
712 XMPP->chardata = NULL;
713 XMPP->chardata_len = 0;
714 XMPP->chardata_alloc = 0;
715 if (XMPP->message_body != NULL) {
716 free(XMPP->message_body);
719 XML_ParserFree(XMPP->xp);
726 * Here's where our XMPP session begins its happy day.
728 void xmpp_greeting(void) {
729 client_set_inbound_buf(4);
730 strcpy(CC->cs_clientname, "XMPP session");
731 CC->session_specific_data = malloc(sizeof(citxmpp));
732 memset(XMPP, 0, sizeof(citxmpp));
733 XMPP->last_event_processed = queue_event_seq;
735 /* XMPP does not use a greeting, but we still have to initialize some things. */
737 XMPP->xp = XML_ParserCreateNS("UTF-8", ':');
738 if (XMPP->xp == NULL) {
739 syslog(LOG_ALERT, "Cannot create XML parser!\n");
740 CC->kill_me = KILLME_XML_PARSER;
744 XML_SetElementHandler(XMPP->xp, xmpp_xml_start, xmpp_xml_end);
745 XML_SetCharacterDataHandler(XMPP->xp, xmpp_xml_chardata);
746 // XML_SetUserData(XMPP->xp, something...);
748 /* Prevent the "billion laughs" attack against expat by disabling
749 * internal entity expansion. With 2.x, forcibly stop the parser
750 * if an entity is declared - this is safer and a more obvious
751 * failure mode. With older versions, simply prevent expansion
752 * of such entities. */
753 #ifdef HAVE_XML_STOPPARSER
754 XML_SetEntityDeclHandler(XMPP->xp, xmpp_entity_declaration);
756 XML_SetDefaultHandler(XMPP->xp, NULL);
759 CC->can_receive_im = 1; /* This protocol is capable of receiving instant messages */
764 * Main command loop for XMPP sessions.
766 void xmpp_command_loop(void) {
768 StrBuf *stream_input = NewStrBuf();
771 rc = client_read_random_blob(stream_input, 30);
773 syslog(LOG_DEBUG, "\033[32m%s\033[0m", ChrPtr(stream_input));
774 XML_Parse(XMPP->xp, ChrPtr(stream_input), rc, 0);
777 syslog(LOG_ERR, "client disconnected: ending session.\n");
778 CC->kill_me = KILLME_CLIENT_DISCONNECTED;
780 FreeStrBuf(&stream_input);
785 * Async loop for XMPP sessions (handles the transmission of unsolicited stanzas)
787 void xmpp_async_loop(void) {
788 xmpp_process_events();
789 xmpp_output_incoming_messages();
794 * Login hook for XMPP sessions
796 void xmpp_login_hook(void) {
797 xmpp_queue_event(XMPP_EVT_LOGIN, CC->cs_inet_email);
802 * Logout hook for XMPP sessions
804 void xmpp_logout_hook(void) {
805 xmpp_queue_event(XMPP_EVT_LOGOUT, CC->cs_inet_email);
809 void LogXMPPSrvDebugEnable(const int n)
811 XMPPSrvDebugEnable = n;
813 const char *CitadelServiceXMPP="XMPP";
814 extern void xmpp_cleanup_events(void);
815 CTDL_MODULE_INIT(xmpp)
818 CtdlRegisterServiceHook(config.c_xmpp_c2s_port,
825 CtdlRegisterDebugFlagHook(HKEY("serv_xmpp"), LogXMPPSrvDebugEnable, &XMPPSrvDebugEnable);
826 CtdlRegisterSessionHook(xmpp_cleanup_function, EVT_STOP, PRIO_STOP + 70);
827 CtdlRegisterSessionHook(xmpp_login_hook, EVT_LOGIN, PRIO_LOGIN + 90);
828 CtdlRegisterSessionHook(xmpp_logout_hook, EVT_LOGOUT, PRIO_LOGOUT + 90);
829 CtdlRegisterSessionHook(xmpp_login_hook, EVT_UNSTEALTH, PRIO_UNSTEALTH + 1);
830 CtdlRegisterSessionHook(xmpp_logout_hook, EVT_STEALTH, PRIO_STEALTH + 1);
831 CtdlRegisterCleanupHook(xmpp_cleanup_events);
835 /* return our module name for the log */