Revert xmpp back to a working state

[citadel.git] / citadel / modules / xmpp / xmpp_sasl_service.c

diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c
index a9d73b3602b483a4cb383e459a0bbf2e377ada57..e7ad1a2b19f40e035750d0d2b750a9abc8957856 100644 (file)
--- a/citadel/modules/xmpp/xmpp_sasl_service.c
+++ b/citadel/modules/xmpp/xmpp_sasl_service.c
@@ -1,25 +1,23 @@
 /*
- * $Id$ 
- *
  * Barebones SASL authentication service for XMPP (Jabber) clients.
  *
  * Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN.
  *
  * Copyright (c) 2007-2009 by Art Cancro
  *
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 3 of the License, or
- *  (at your option) any later version.
+ *  This program is open source software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 3.
+ *  
+ *  
  *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  *  GNU General Public License for more details.
  *
- *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, write to the Free Software
- *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *  
+ *  
+ *  
  *
  */
 
@@ -67,21 +65,37 @@
  */
 int xmpp_auth_plain(char *authstring)
 {
-       char decoded_authstring[1024];
-       char ident[256];
-       char user[256];
-       char pass[256];
+       StrBuf *AuthBuf;
+       const char *decoded_authstring;
+       char ident[256] = "";
+       char user[256] = "";
+       char pass[256] = "";
        int result;
+       long len;
 
 
        /* Take apart the authentication string */
        memset(pass, 0, sizeof(pass));
 
-       CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring));
-       safestrncpy(ident, decoded_authstring, sizeof ident);
-       safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
-       safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
+       AuthBuf = NewStrBufPlain(authstring, -1);
+       len = StrBufDecodeBase64(AuthBuf);
+       if (len > 0)
+       {
+               decoded_authstring = ChrPtr(AuthBuf);
+
+               len = safestrncpy(ident, decoded_authstring, sizeof ident);
+
+               decoded_authstring += len + 1;
 
+               len = safestrncpy(user, decoded_authstring, sizeof user);
+
+               decoded_authstring += len + 1;
+
+               len = safestrncpy(pass, decoded_authstring, sizeof pass);
+               if (len < 0)
+                       len = sizeof(pass) - 1;
+       }
+       FreeStrBuf(&AuthBuf);
 
        /* If there are underscores in either string, change them to spaces.  Some clients
         * do not allow spaces so we can tell the user to substitute underscores if their
@@ -100,7 +114,7 @@ int xmpp_auth_plain(char *authstring)
        }
 
        if (result == login_ok) {
-               if (CtdlTryPassword(pass) == pass_ok) {
+               if (CtdlTryPassword(pass, len) == pass_ok) {
                        return(0);                              /* success */
                }
        }
@@ -162,7 +176,7 @@ void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, cha
 
        result = CtdlLoginExistingUser(NULL, username);
        if (result == login_ok) {
-               result = CtdlTryPassword(password);
+               result = CtdlTryPassword(password, strlen(password));
                if (result == pass_ok) {
                        cprintf("<iq type=\"result\" id=\"%s\"></iq>", xmlesc(xmlbuf, iq_id, sizeof xmlbuf));   /* success */
                        return;