*
* Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN.
*
- * Copyright (c) 2007-2018 by Art Cancro
+ * Copyright (c) 2007-2019 by Art Cancro
*
* This program is open source software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 3.
#include "config.h"
#include "user_ops.h"
#include "internet_addressing.h"
-#include "md5.h"
#include "ctdl_module.h"
#include "serv_xmpp.h"
char pass[256];
int result;
long len;
- int i;
/* Take apart the authentication string */
memset(pass, 0, sizeof(pass));
safestrncpy(ident, decoded_authstring, sizeof ident);
safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
- if (len < 0)
+ if (len < 0) {
len = -len;
-
- /* If there are underscores in either string, change them to spaces. Some clients
- * do not allow spaces so we can tell the user to substitute underscores if their
- * login name contains spaces.
- */
- for (i=0; ident[i]!=0; ++i) {
- if (ident[i] == '_') {
- ident[i] = ' ';
- }
}
- for (i=0; user[i]!=0; ++i) {
- if (user[i] == '_') {
- user[i] = ' ';
- }
- }
-
- /* Now attempt authentication */
if (!IsEmptyStr(ident)) {
result = CtdlLoginExistingUser(ident);
cprintf("</mechanisms>");
}
+
/*
* Here we go ... client is trying to authenticate.
*/
return;
}
- if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */
+ if (CC->logged_in) {
+ CtdlUserLogout(); /* Client may try to log in twice. Handle this. */
+ }
if (CC->nologin) {
cprintf("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
}
-
/*
* Non-SASL authentication
*/
int result;
char xmlbuf[256];
- if (CC->logged_in) CtdlUserLogout(); /* Client may try to log in twice. Handle this. */
+ if (CC->logged_in) {
+ CtdlUserLogout(); /* Client may try to log in twice. Handle this. */
+ }
result = CtdlLoginExistingUser(username);
if (result == login_ok) {