X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fxmpp%2Fxmpp_sasl_service.c;h=bb31ddaba299242de58b9059fc35481022e0a29b;hb=7a9b0685e406cc83597171cc39d008c7e5459ca8;hp=e7ad1a2b19f40e035750d0d2b750a9abc8957856;hpb=e7c125bafc3bd24fd9cfb18c39b29abd19c7478f;p=citadel.git diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c index e7ad1a2b1..bb31ddaba 100644 --- a/citadel/modules/xmpp/xmpp_sasl_service.c +++ b/citadel/modules/xmpp/xmpp_sasl_service.c @@ -3,22 +3,15 @@ * * Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN. * - * Copyright (c) 2007-2009 by Art Cancro + * Copyright (c) 2007-2019 by Art Cancro * - * This program is open source software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 3. - * - * - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * - * - * + * This program is open source software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ #include "sysdep.h" @@ -30,18 +23,7 @@ #include #include #include - -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - +#include #include #include #include @@ -55,7 +37,6 @@ #include "config.h" #include "user_ops.h" #include "internet_addressing.h" -#include "md5.h" #include "ctdl_module.h" #include "serv_xmpp.h" @@ -65,52 +46,29 @@ */ int xmpp_auth_plain(char *authstring) { - StrBuf *AuthBuf; - const char *decoded_authstring; - char ident[256] = ""; - char user[256] = ""; - char pass[256] = ""; + char decoded_authstring[1024]; + char ident[256]; + char user[256]; + char pass[256]; int result; long len; - /* Take apart the authentication string */ memset(pass, 0, sizeof(pass)); - AuthBuf = NewStrBufPlain(authstring, -1); - len = StrBufDecodeBase64(AuthBuf); - if (len > 0) - { - decoded_authstring = ChrPtr(AuthBuf); - - len = safestrncpy(ident, decoded_authstring, sizeof ident); - - decoded_authstring += len + 1; - - len = safestrncpy(user, decoded_authstring, sizeof user); - - decoded_authstring += len + 1; - - len = safestrncpy(pass, decoded_authstring, sizeof pass); - if (len < 0) - len = sizeof(pass) - 1; + CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring)); + safestrncpy(ident, decoded_authstring, sizeof ident); + safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); + len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + if (len < 0) { + len = -len; } - FreeStrBuf(&AuthBuf); - - /* If there are underscores in either string, change them to spaces. Some clients - * do not allow spaces so we can tell the user to substitute underscores if their - * login name contains spaces. - */ - convert_spaces_to_underscores(ident); - convert_spaces_to_underscores(user); - - /* Now attempt authentication */ if (!IsEmptyStr(ident)) { - result = CtdlLoginExistingUser(user, ident); + result = CtdlLoginExistingUser(ident); } else { - result = CtdlLoginExistingUser(NULL, user); + result = CtdlLoginExistingUser(user); } if (result == login_ok) { @@ -132,6 +90,7 @@ void xmpp_output_auth_mechs(void) { cprintf(""); } + /* * Here we go ... client is trying to authenticate. */ @@ -144,7 +103,9 @@ void xmpp_sasl_auth(char *sasl_auth_mech, char *authstring) { return; } - if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */ + if (CC->logged_in) { + CtdlUserLogout(); /* Client may try to log in twice. Handle this. */ + } if (CC->nologin) { cprintf(""); @@ -164,17 +125,18 @@ void xmpp_sasl_auth(char *sasl_auth_mech, char *authstring) { } - /* * Non-SASL authentication */ -void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, char *resource) { +void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password) { int result; char xmlbuf[256]; - if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */ + if (CC->logged_in) { + CtdlUserLogout(); /* Client may try to log in twice. Handle this. */ + } - result = CtdlLoginExistingUser(NULL, username); + result = CtdlLoginExistingUser(username); if (result == login_ok) { result = CtdlTryPassword(password, strlen(password)); if (result == pass_ok) {