2 * XMPP (Jabber) service for the Citadel system
3 * Copyright (c) 2007-2021 by Art Cancro and citadel.org
5 * This program is open source software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28 #include <sys/types.h>
34 #include <libcitadel.h>
38 #include "citserver.h"
44 #include "internet_addressing.h"
45 #include "ctdl_module.h"
46 #include "serv_xmpp.h"
48 /* uncomment for more verbosity - it will log all received XML tags */
49 // #define XMPP_XML_DEBUG
51 /* XML_StopParser is present in expat 2.x */
52 #if XML_MAJOR_VERSION > 1
53 #define HAVE_XML_STOPPARSER
56 struct xmpp_event *xmpp_queue = NULL;
58 #ifdef HAVE_XML_STOPPARSER
59 /* Stop the parser if an entity declaration is hit. */
60 static void xmpp_entity_declaration(void *userData, const XML_Char *entityName,
61 int is_parameter_entity, const XML_Char *value,
62 int value_length, const XML_Char *base,
63 const XML_Char *systemId, const XML_Char *publicId,
64 const XML_Char *notationName
66 syslog(LOG_WARNING, "xmpp: illegal entity declaration encountered; stopping parser.");
67 XML_StopParser(XMPP->xp, XML_FALSE);
73 * support function for xmlesc() which helps with UTF-8 strings
75 static inline int Ctdl_GetUtf8SequenceLength(const char *CharS, const char *CharE)
78 unsigned char test = (1<<7);
80 if ((*CharS & 0xC0) != 0xC0) {
84 while ((n < 8) && ((test & ((unsigned char)*CharS)) != 0)) {
88 if ((n > 6) || ((CharE - CharS) < n)) {
96 * Given a source string and a target buffer, returns the string
97 * properly escaped for insertion into an XML stream. Returns a
98 * pointer to the target buffer for convenience.
100 char *xmlesc(char *buf, char *str, int bufsiz)
108 if (!buf) return(NULL);
117 for (ptr=str; *ptr; ptr++) {
120 strcpy(&buf[len], "<");
123 else if (ch == '>') {
124 strcpy(&buf[len], ">");
127 else if (ch == '&') {
128 strcpy(&buf[len], "&");
131 else if ((ch >= 0x20) && (ch <= 0x7F)) {
135 else if (ch < 0x20) {
136 buf[len++] = '_'; // we probably shouldn't be doing this
140 IsUtf8Sequence = Ctdl_GetUtf8SequenceLength(ptr, pche);
143 while ((IsUtf8Sequence > 0) &&
154 sprintf(oct, "&#%o;", ch);
155 strcpy(&buf[len], oct);
159 if ((len + 6) > bufsiz) {
168 * We have just received a <stream> tag from the client, so send them ours
170 void xmpp_stream_start(void *data, const char *supplied_el, const char **attr)
175 if (!strcasecmp(attr[0], "to")) {
176 safestrncpy(XMPP->server_name, attr[1], sizeof XMPP->server_name);
181 cprintf("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
182 cprintf("<stream:stream ");
183 cprintf("from=\"%s\" ", xmlesc(xmlbuf, XMPP->server_name, sizeof xmlbuf));
184 cprintf("id=\"%08x\" ", CC->cs_pid);
185 cprintf("version=\"1.0\" ");
186 cprintf("xmlns:stream=\"http://etherx.jabber.org/streams\" ");
187 cprintf("xmlns=\"jabber:client\">");
189 /* The features of this stream are... */
190 cprintf("<stream:features>");
193 * TLS encryption (but only if it isn't already active)
196 if (!CC->redirect_ssl) {
197 cprintf("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>");
201 if (!CC->logged_in) {
202 /* If we're not logged in yet, offer SASL as our feature set */
203 xmpp_output_auth_mechs();
205 /* Also offer non-SASL authentication */
206 cprintf("<auth xmlns=\"http://jabber.org/features/iq-auth\"/>");
209 /* Offer binding and sessions as part of our feature set */
210 cprintf("<bind xmlns=\"urn:ietf:params:xml:ns:xmpp-bind\"/>");
211 cprintf("<session xmlns=\"urn:ietf:params:xml:ns:xmpp-session\"/>");
212 cprintf("</stream:features>");
214 CC->is_async = 1; /* XMPP sessions are inherently async-capable */
218 void xmpp_xml_start(void *data, const char *supplied_el, const char **attr) {
223 /* Create a version of the element with the namespace removed.
224 * Now we can access "el" or "supplied_el" depending on whether we want to see the whole namespace.
226 safestrncpy(el, supplied_el, sizeof el);
227 while (sep = strchr(el, ':'), sep) {
231 #ifdef XMPP_XML_DEBUG
232 syslog(LOG_DEBUG, "xmpp: ELEMENT START: <%s>", el);
233 for (i=0; attr[i] != NULL; i+=2) {
234 syslog(LOG_DEBUG, "xmpp: Attribute '%s' = '%s'", attr[i], attr[i+1]);
238 if (!strcasecmp(el, "stream")) {
239 xmpp_stream_start(data, supplied_el, attr);
242 else if (!strcasecmp(el, "query")) {
243 XMPP->iq_query_xmlns[0] = 0;
244 safestrncpy(XMPP->iq_query_xmlns, supplied_el, sizeof XMPP->iq_query_xmlns);
247 else if (!strcasecmp(el, "bind")) {
248 XMPP->bind_requested = 1;
251 else if (!strcasecmp(el, "iq")) {
252 for (i=0; attr[i] != NULL; i+=2) {
253 if (!strcasecmp(attr[i], "type")) {
254 safestrncpy(XMPP->iq_type, attr[i+1], sizeof XMPP->iq_type);
256 else if (!strcasecmp(attr[i], "id")) {
257 safestrncpy(XMPP->iq_id, attr[i+1], sizeof XMPP->iq_id);
259 else if (!strcasecmp(attr[i], "from")) {
260 safestrncpy(XMPP->iq_from, attr[i+1], sizeof XMPP->iq_from);
262 else if (!strcasecmp(attr[i], "to")) {
263 safestrncpy(XMPP->iq_to, attr[i+1], sizeof XMPP->iq_to);
268 else if (!strcasecmp(el, "auth")) {
269 XMPP->sasl_auth_mech[0] = 0;
270 for (i=0; attr[i] != NULL; i+=2) {
271 if (!strcasecmp(attr[i], "mechanism")) {
272 safestrncpy(XMPP->sasl_auth_mech, attr[i+1], sizeof XMPP->sasl_auth_mech);
277 else if (!strcasecmp(el, "message")) {
278 for (i=0; attr[i] != NULL; i+=2) {
279 if (!strcasecmp(attr[i], "to")) {
280 safestrncpy(XMPP->message_to, attr[i+1], sizeof XMPP->message_to);
285 else if (!strcasecmp(el, "html")) {
286 ++XMPP->html_tag_level;
291 void xmpp_xml_end(void *data, const char *supplied_el) {
296 /* Create a version of the element with the namespace removed.
297 * Now we can access "el" or "supplied_el" depending on whether we want to see the whole namespace.
299 safestrncpy(el, supplied_el, sizeof el);
300 while (sep = strchr(el, ':'), sep) {
304 #ifdef XMPP_XML_DEBUG
305 syslog(LOG_DEBUG, "xmpp: ELEMENT END : <%s>", el);
306 if (XMPP->chardata_len > 0) {
307 syslog(LOG_DEBUG, "xmpp: chardata: %s", XMPP->chardata);
311 if (!strcasecmp(el, "resource")) {
312 if (XMPP->chardata_len > 0) {
313 safestrncpy(XMPP->iq_client_resource, XMPP->chardata, sizeof XMPP->iq_client_resource);
314 striplt(XMPP->iq_client_resource);
318 else if (!strcasecmp(el, "username")) { /* NON SASL ONLY */
319 if (XMPP->chardata_len > 0) {
320 safestrncpy(XMPP->iq_client_username, XMPP->chardata, sizeof XMPP->iq_client_username);
321 striplt(XMPP->iq_client_username);
325 else if (!strcasecmp(el, "password")) { /* NON SASL ONLY */
326 if (XMPP->chardata_len > 0) {
327 safestrncpy(XMPP->iq_client_password, XMPP->chardata, sizeof XMPP->iq_client_password);
328 striplt(XMPP->iq_client_password);
332 else if (!strcasecmp(el, "iq")) {
335 * iq type="get" (handle queries)
337 if (!strcasecmp(XMPP->iq_type, "get")) {
340 * Query on a namespace
342 if (!IsEmptyStr(XMPP->iq_query_xmlns)) {
343 xmpp_query_namespace(XMPP->iq_id, XMPP->iq_from, XMPP->iq_to, XMPP->iq_query_xmlns);
347 * ping ( http://xmpp.org/extensions/xep-0199.html )
349 else if (XMPP->ping_requested) {
350 cprintf("<iq type=\"result\" ");
351 if (!IsEmptyStr(XMPP->iq_from)) {
352 cprintf("to=\"%s\" ", xmlesc(xmlbuf, XMPP->iq_from, sizeof xmlbuf));
354 if (!IsEmptyStr(XMPP->iq_to)) {
355 cprintf("from=\"%s\" ", xmlesc(xmlbuf, XMPP->iq_to, sizeof xmlbuf));
357 cprintf("id=\"%s\"/>", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
361 * Client is requesting its own vCard
362 * (If we make this more elaborate, move it to a separate function)
364 else if (XMPP->iq_vcard) {
365 cprintf("<iq type=\"result\" id=\"%s\" ", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
366 cprintf("to=\"%s\">", xmlesc(xmlbuf, XMPP->iq_from, sizeof xmlbuf));
367 cprintf("<vCard xmlns=\"vcard-temp\">");
368 cprintf("<fn>%s</fn>", xmlesc(xmlbuf, CC->user.fullname, sizeof xmlbuf));
369 cprintf("<nickname>%s</nickname>", xmlesc(xmlbuf, CC->user.fullname, sizeof xmlbuf));
375 * Unknown query ... return the XML equivalent of a blank stare
378 syslog(LOG_DEBUG, "xmpp: Unknown query <%s> - returning <service-unavailable/>", el);
379 cprintf("<iq type=\"error\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
380 cprintf("<error code=\"503\" type=\"cancel\">"
381 "<service-unavailable xmlns=\"urn:ietf:params:xml:ns:xmpp-stanzas\"/>"
389 * Non SASL authentication
392 (!strcasecmp(XMPP->iq_type, "set"))
393 && (!strcasecmp(XMPP->iq_query_xmlns, "jabber:iq:auth:query"))
395 xmpp_non_sasl_authenticate(XMPP->iq_id, XMPP->iq_client_username, XMPP->iq_client_password);
399 * If this <iq> stanza was a "bind" attempt, process it ...
402 (XMPP->bind_requested)
403 && (!IsEmptyStr(XMPP->iq_id))
406 /* If the client has not specified a client resource, generate one */
407 if (IsEmptyStr(XMPP->iq_client_resource)) {
408 snprintf(XMPP->iq_client_resource, sizeof XMPP->iq_client_resource, "%d", CC->cs_pid);
411 /* Generate the "full JID" of the client (user@host/resource) */
412 snprintf(XMPP->client_jid, sizeof XMPP->client_jid, "%s/%s", CC->cs_principal_id, XMPP->iq_client_resource);
414 /* Tell the client what its JID is */
415 cprintf("<iq type=\"result\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
416 cprintf("<bind xmlns=\"urn:ietf:params:xml:ns:xmpp-bind\">");
417 cprintf("<jid>%s</jid>", xmlesc(xmlbuf, XMPP->client_jid, sizeof xmlbuf));
422 else if (XMPP->iq_session) {
423 cprintf("<iq type=\"result\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
428 cprintf("<iq type=\"error\" id=\"%s\">", xmlesc(xmlbuf, XMPP->iq_id, sizeof xmlbuf));
429 cprintf("<error>Don't know how to do '%s'!</error>", xmlesc(xmlbuf, XMPP->iq_type, sizeof xmlbuf));
431 syslog(LOG_DEBUG, "XMPP: don't know how to do iq_type='%s' with iq_query_xmlns='%s'", XMPP->iq_type, XMPP->iq_query_xmlns);
434 /* Now clear these fields out so they don't get used by a future stanza */
436 XMPP->iq_from[0] = 0;
438 XMPP->iq_type[0] = 0;
439 XMPP->iq_client_resource[0] = 0;
440 XMPP->iq_session = 0;
442 XMPP->iq_query_xmlns[0] = 0;
443 XMPP->bind_requested = 0;
444 XMPP->ping_requested = 0;
447 else if (!strcasecmp(el, "auth")) {
448 /* Try to authenticate (this function is responsible for the output stanza) */
449 xmpp_sasl_auth(XMPP->sasl_auth_mech, (XMPP->chardata != NULL ? XMPP->chardata : "") );
451 /* Now clear these fields out so they don't get used by a future stanza */
452 XMPP->sasl_auth_mech[0] = 0;
455 else if (!strcasecmp(el, "session")) {
456 XMPP->iq_session = 1;
459 else if (!strcasecmp(supplied_el, "vcard-temp:vCard")) {
463 else if (!strcasecmp(el, "presence")) {
464 /* Respond to a <presence> update by firing back with presence information
465 * on the entire wholist. Check this assumption, it's probably wrong.
467 xmpp_wholist_presence_dump();
470 else if ( (!strcasecmp(el, "body")) && (XMPP->html_tag_level == 0) ) {
471 if (XMPP->message_body != NULL) {
472 free(XMPP->message_body);
473 XMPP->message_body = NULL;
475 if (XMPP->chardata_len > 0) {
476 XMPP->message_body = strdup(XMPP->chardata);
480 else if (!strcasecmp(el, "message")) {
481 xmpp_send_message(XMPP->message_to, XMPP->message_body);
482 XMPP->html_tag_level = 0;
485 else if (!strcasecmp(el, "html")) {
486 --XMPP->html_tag_level;
489 else if (!strcasecmp(el, "starttls")) {
491 cprintf("<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
492 CtdlModuleStartCryptoMsgs(NULL, NULL, NULL);
493 if (!CC->redirect_ssl) CC->kill_me = KILLME_NO_CRYPTO;
495 cprintf("<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
496 CC->kill_me = KILLME_NO_CRYPTO;
500 else if (!strcasecmp(el, "ping")) {
501 XMPP->ping_requested = 1;
504 else if (!strcasecmp(el, "stream")) {
505 syslog(LOG_DEBUG, "xmpp: client shut down their stream");
506 xmpp_massacre_roster();
507 cprintf("</stream>\n");
508 CC->kill_me = KILLME_CLIENT_LOGGED_OUT;
511 else if (!strcasecmp(el, "query")) {
512 /* already processed , no further action needed here */
515 else if (!strcasecmp(el, "bind")) {
516 /* already processed , no further action needed here */
520 syslog(LOG_DEBUG, "xmpp: ignoring unknown tag <%s>", el);
523 XMPP->chardata_len = 0;
524 if (XMPP->chardata_alloc > 0) {
525 XMPP->chardata[0] = 0;
530 void xmpp_xml_chardata(void *data, const XML_Char *s, int len)
534 if (X->chardata_alloc == 0) {
535 X->chardata_alloc = SIZ;
536 X->chardata = malloc(X->chardata_alloc);
538 if ((X->chardata_len + len + 1) > X->chardata_alloc) {
539 X->chardata_alloc = X->chardata_len + len + 1024;
540 X->chardata = realloc(X->chardata, X->chardata_alloc);
542 memcpy(&X->chardata[X->chardata_len], s, len);
543 X->chardata_len += len;
544 X->chardata[X->chardata_len] = 0;
549 * This cleanup function blows away the temporary memory and files used by the XMPP service.
551 void xmpp_cleanup_function(void) {
553 /* Don't do this stuff if this is not a XMPP session! */
554 if (CC->h_command_function != xmpp_command_loop) return;
556 if (XMPP->chardata != NULL) {
557 free(XMPP->chardata);
558 XMPP->chardata = NULL;
559 XMPP->chardata_len = 0;
560 XMPP->chardata_alloc = 0;
561 if (XMPP->message_body != NULL) {
562 free(XMPP->message_body);
565 XML_ParserFree(XMPP->xp);
571 * Here's where our XMPP session begins its happy day.
573 void xmpp_greeting(void) {
574 client_set_inbound_buf(4);
575 strcpy(CC->cs_clientname, "XMPP session");
576 CC->session_specific_data = malloc(sizeof(citxmpp));
577 memset(XMPP, 0, sizeof(citxmpp));
578 XMPP->last_event_processed = queue_event_seq;
580 /* XMPP does not use a greeting, but we still have to initialize some things. */
582 XMPP->xp = XML_ParserCreateNS("UTF-8", ':');
583 if (XMPP->xp == NULL) {
584 syslog(LOG_ERR, "xmpp: cannot create XML parser");
585 CC->kill_me = KILLME_XML_PARSER;
589 XML_SetElementHandler(XMPP->xp, xmpp_xml_start, xmpp_xml_end);
590 XML_SetCharacterDataHandler(XMPP->xp, xmpp_xml_chardata);
591 // XML_SetUserData(XMPP->xp, something...);
593 /* Prevent the "billion laughs" attack against expat by disabling
594 * internal entity expansion. With 2.x, forcibly stop the parser
595 * if an entity is declared - this is safer and a more obvious
596 * failure mode. With older versions, simply prevent expansion
597 * of such entities. */
598 #ifdef HAVE_XML_STOPPARSER
599 XML_SetEntityDeclHandler(XMPP->xp, xmpp_entity_declaration);
601 XML_SetDefaultHandler(XMPP->xp, NULL);
604 CC->can_receive_im = 1; /* This protocol is capable of receiving instant messages */
609 * Main command loop for XMPP sessions.
611 void xmpp_command_loop(void) {
613 StrBuf *stream_input = NewStrBuf();
616 rc = client_read_random_blob(stream_input, 30);
618 XML_Parse(XMPP->xp, ChrPtr(stream_input), rc, 0);
621 syslog(LOG_ERR, "xmpp: client disconnected: ending session.");
622 CC->kill_me = KILLME_CLIENT_DISCONNECTED;
624 FreeStrBuf(&stream_input);
629 * Async loop for XMPP sessions (handles the transmission of unsolicited stanzas)
631 void xmpp_async_loop(void) {
632 xmpp_process_events();
633 xmpp_output_incoming_messages();
638 * Login hook for XMPP sessions
640 void xmpp_login_hook(void) {
641 xmpp_queue_event(XMPP_EVT_LOGIN, CC->cs_principal_id);
646 * Logout hook for XMPP sessions
648 void xmpp_logout_hook(void) {
649 xmpp_queue_event(XMPP_EVT_LOGOUT, CC->cs_principal_id);
653 const char *CitadelServiceXMPP="XMPP";
654 CTDL_MODULE_INIT(xmpp)
657 CtdlRegisterServiceHook(CtdlGetConfigInt("c_xmpp_c2s_port"),
664 CtdlRegisterSessionHook(xmpp_cleanup_function, EVT_STOP, PRIO_STOP + 70);
665 CtdlRegisterSessionHook(xmpp_login_hook, EVT_LOGIN, PRIO_LOGIN + 90);
666 CtdlRegisterSessionHook(xmpp_logout_hook, EVT_LOGOUT, PRIO_LOGOUT + 90);
667 CtdlRegisterSessionHook(xmpp_login_hook, EVT_UNSTEALTH, PRIO_UNSTEALTH + 1);
668 CtdlRegisterSessionHook(xmpp_logout_hook, EVT_STEALTH, PRIO_STEALTH + 1);
672 /* return our module name for the log */