/*
- * $Id$
- *
* Barebones SASL authentication service for XMPP (Jabber) clients.
*
* Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN.
*
* Copyright (c) 2007-2009 by Art Cancro
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
+ * This program is open source software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3.
+ *
+ *
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ *
+ *
*
*/
char user[256];
char pass[256];
int result;
+ long len;
/* Take apart the authentication string */
CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring));
safestrncpy(ident, decoded_authstring, sizeof ident);
safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
- safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
-
+ len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
+ if (len < 0)
+ len = -len;
/* If there are underscores in either string, change them to spaces. Some clients
* do not allow spaces so we can tell the user to substitute underscores if their
}
if (result == login_ok) {
- if (CtdlTryPassword(pass) == pass_ok) {
+ if (CtdlTryPassword(pass, len) == pass_ok) {
return(0); /* success */
}
}
* Output the list of SASL mechanisms offered by this stream.
*/
void xmpp_output_auth_mechs(void) {
- cprintf("<mechanisms xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
- cprintf("<mechanism>PLAIN</mechanism>");
- cprintf("</mechanisms>");
+ XPUT("<mechanisms xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">"
+ "<mechanism>PLAIN</mechanism>"
+ "</mechanisms>");
}
/*
void xmpp_sasl_auth(char *sasl_auth_mech, char *authstring) {
if (strcasecmp(sasl_auth_mech, "PLAIN")) {
- cprintf("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
- cprintf("<invalid-mechanism/>");
- cprintf("</failure>");
+ XPUT("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">"
+ "<invalid-mechanism/>"
+ "</failure>");
return;
}
if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */
if (CC->nologin) {
- cprintf("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
- cprintf("<system-shutdown/>");
- cprintf("</failure>");
+ XPUT("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">"
+ "<system-shutdown/>"
+ "</failure>");
}
else if (xmpp_auth_plain(authstring) == 0) {
- cprintf("<success xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\"/>");
+ XPUT("<success xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\"/>");
}
else {
- cprintf("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
- cprintf("<not-authorized/>");
- cprintf("</failure>");
+ XPUT("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">"
+ "<not-authorized/>"
+ "</failure>");
}
}
/*
* Non-SASL authentication
*/
-void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, char *resource) {
+void xmpp_non_sasl_authenticate(StrBuf *IQ_id, char *username, char *password, char *resource) {
int result;
- char xmlbuf[256];
if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */
result = CtdlLoginExistingUser(NULL, username);
if (result == login_ok) {
- result = CtdlTryPassword(password);
+ result = CtdlTryPassword(password, strlen(password));
if (result == pass_ok) {
- cprintf("<iq type=\"result\" id=\"%s\"></iq>", xmlesc(xmlbuf, iq_id, sizeof xmlbuf)); /* success */
+ XPrint(HKEY("iq"), XCLOSED,
+ XCPROPERTY("type", "result"),
+ XSPROPERTY("ID", IQ_id),
+ TYPE_ARGEND);
+ /* success */
return;
}
}
/* failure */
- cprintf("<iq type=\"error\" id=\"%s\">", xmlesc(xmlbuf, iq_id, sizeof xmlbuf));
- cprintf("<error code=\"401\" type=\"auth\">"
- "<not-authorized xmlns=\"urn:ietf:params:xml:ns:xmpp-stanzas\"/>"
- "</error>"
- "</iq>"
+ XPrint(HKEY("iq"), 0,
+ XCPROPERTY("type", "error"),
+ XSPROPERTY("ID", IQ_id),
+ TYPE_ARGEND);
+ XPUT("<error code=\"401\" type=\"auth\">"
+ "<not-authorized xmlns=\"urn:ietf:params:xml:ns:xmpp-stanzas\"/>"
+ "</error>"
+ "</iq>"
);
}
projects / citadel.git / blobdiff