This implementation of non-SASL Jabber authentication
authorArt Cancro <ajc@citadel.org>
Thu, 6 Dec 2007 22:44:59 +0000 (22:44 +0000)
committerArt Cancro <ajc@citadel.org>
Thu, 6 Dec 2007 22:44:59 +0000 (22:44 +0000)
seems to work.

citadel/modules/jabber/serv_xmpp.c
citadel/modules/jabber/serv_xmpp.h
citadel/modules/jabber/xmpp_sasl_service.c

index 00c08bd893facb95666de2247975a6e892f83f08..c7e3fb92c8c5d261a29e1b800802864910b02250 100644 (file)
@@ -89,8 +89,8 @@ void xmpp_stream_start(void *data, const char *supplied_el, const char **attr)
                /* If we're not logged in yet, offer SASL as our feature set */
                xmpp_output_auth_mechs();
 
-               /* Also offer non-SASL authentication 
-               cprintf("<auth xmlns=\"http://jabber.org/features/iq-auth\"/>"); */
+               /* Also offer non-SASL authentication */
+               cprintf("<auth xmlns=\"http://jabber.org/features/iq-auth\"/>");
        }
 
        /* Offer binding and sessions as part of our feature set */
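Review bot: The `iq-auth` feature is now advertised to every client that is not logged in, with no visible check that the stream is encrypted. The handler added later in this commit takes a plaintext `<password>`, so on an unencrypted connection the credential crosses the wire in the clear. Consider emitting this `cprintf` only when the session is already TLS-protected, and record the reason beside it, e.g. `/* iq-auth carries the password in the clear; offer only on encrypted streams */`. The enclosing `if` and the rest of xmpp_stream_start() lie outside the hunk, so an existing transport check there cannot be ruled out.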
@@ -193,6 +193,23 @@ void xmpp_xml_end(void *data, const char *supplied_el) {
                if (XMPP->chardata_len > 0) {
                        safestrncpy(XMPP->iq_client_resource, XMPP->chardata,
                                sizeof XMPP->iq_client_resource);
+                       striplt(XMPP->iq_client_resource);
+               }
+       }
+
+       if (!strcasecmp(el, "username")) {              /* NON SASL ONLY */
+               if (XMPP->chardata_len > 0) {
+                       safestrncpy(XMPP->iq_client_username, XMPP->chardata,
+                               sizeof XMPP->iq_client_username);
+                       striplt(XMPP->iq_client_username);
+               }
+       }
+
+       if (!strcasecmp(el, "password")) {              /* NON SASL ONLY */
+               if (XMPP->chardata_len > 0) {
+                       safestrncpy(XMPP->iq_client_password, XMPP->chardata,
+                               sizeof XMPP->iq_client_password);
+                       striplt(XMPP->iq_client_password);
                }
        }
 
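Review bot: `striplt(XMPP->iq_client_password)` edits the secret before it is verified; if striplt() trims leading and trailing whitespace, as its name and its use on the resource suggest, a password that legitimately begins or ends with a space can never match. I would drop that call and keep the trimming for `username` and `resource` only. The three fields are also written only when `chardata_len > 0` and no reset is visible here, so a value from an earlier stanza stays in place if a later one omits the element. xmpp_xml_end() begins and ends outside the hunk.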
@@ -220,6 +237,22 @@ void xmpp_xml_end(void *data, const char *supplied_el) {
                        }
                }
 
+               /*
+                * Non SASL authentication
+                */
+               else if (
+                       (!strcasecmp(XMPP->iq_type, "set"))
+                       && (!strcasecmp(XMPP->iq_query_xmlns, "jabber:iq:auth:query"))
+                       ) {
+
+                       jabber_non_sasl_authenticate(
+                               XMPP->iq_id,
+                               XMPP->iq_client_username,
+                               XMPP->iq_client_password,
+                               XMPP->iq_client_resource
+                       );
+               }       
+
                /*
                 * If this <iq> stanza was a "bind" attempt, process it ...
                 */
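Review bot: After `jabber_non_sasl_authenticate()` returns, the plaintext password is still held in `XMPP->iq_client_password` for the rest of the session, because nothing in this branch clears it. I would wipe the buffer straight after the call, `memset(XMPP->iq_client_password, 0, sizeof XMPP->iq_client_password);`, and reset `iq_client_username` the same way. That also stops a later `jabber:iq:auth` stanza which omits an element from being checked against values left over from an earlier attempt. The surrounding `if`/`else if` chain starts and ends outside the hunk.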
index f00bd743d859018a8dde16d80b499a7ebfa6cc06..2b62606c28407ff38a50c108c7c8127b26403892 100644 (file)
@@ -16,6 +16,8 @@ struct citxmpp {                      /* Information about the current session */
        char iq_id[256];
        char iq_from[256];
        char iq_to[256];
+       char iq_client_username[256];   /* username requested by the client (NON SASL ONLY) */
+       char iq_client_password[256];   /* password requested by the client (NON SASL ONLY) */
        char iq_client_resource[256];   /* resource name requested by the client */
        int iq_session;                 /* nonzero == client is requesting a session */
        char iq_query_xmlns[256];       /* Namespace of <query> */
@@ -62,3 +64,4 @@ void xmpp_process_events(void);
 void xmpp_presence_notify(char *, char *);
 void jabber_roster_item(struct CitContext *);
 void jabber_send_message(char *, char *);
+void jabber_non_sasl_authenticate(char *, char *, char *, char *);
index d3c9742a561134ec414671f9946b9ce3267d7ac5..2f2dc419a33cd292c8cf7781b4fe7d39cf331328 100644 (file)
@@ -118,4 +118,34 @@ void xmpp_sasl_auth(char *sasl_auth_mech, char *authstring) {
        }
 }
 
+
+
+/*
+ * Non-SASL authentication
+ */
+void jabber_non_sasl_authenticate(char *iq_id, char *username, char *password, char *resource) {
+       int result;
+
+        if (CC->logged_in) logout(CC);  /* Client may try to log in twice.  Handle this. */
+
+       result = CtdlLoginExistingUser(NULL, username);
+       if (result == login_ok) {
+               result = CtdlTryPassword(password);
+               if (result == pass_ok) {
+                       cprintf("<iq type=\"result\" id=\"%s\"></iq>", iq_id);  /* success */
+                       return;
+               }
+       }
+
+       /* failure */
+       cprintf("<iq type=\"error\" id=\"%s\">", iq_id);
+       cprintf("<error code=\"401\" type=\"auth\">"
+               "<not-authorized xmlns=\"urn:ietf:params:xml:ns:xmpp-stanzas\"/>"
+               "</error>"
+               "</iq>"
+       );
+}
+
+
+
 #endif /* HAVE_EXPAT */
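Review bot: `iq_id` is written into the `id="%s"` attribute of both the success and the error reply without XML escaping. It presumably comes from the client's own stanza, so a quote or angle bracket in it yields a malformed reply; it should pass through the module's XML-escaping routine before `cprintf`. The failure path is also silent on the server side, and a log line naming the username (never the password) would make repeated failed logins visible to an operator. Finally, `logout(CC)` runs before the new credentials are checked, so a failed second attempt ends an already authenticated session; if that is intended, say so in the comment, e.g. `/* a re-auth attempt always ends the current login, even if it then fails */`.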