X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fxmpp%2Fxmpp_sasl_service.c;fp=citadel%2Fmodules%2Fxmpp%2Fxmpp_sasl_service.c;h=aee8bb7576457f7d793c7b67e1f7c885177622ba;hb=263eb53ff5e8a68b61789dad6ac3f999d98e8f2c;hp=a9d73b3602b483a4cb383e459a0bbf2e377ada57;hpb=d618782c3acea2b76ad78b2744093bf9b99ca6ab;p=citadel.git diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c index a9d73b360..aee8bb757 100644 --- a/citadel/modules/xmpp/xmpp_sasl_service.c +++ b/citadel/modules/xmpp/xmpp_sasl_service.c @@ -72,6 +72,7 @@ int xmpp_auth_plain(char *authstring) char user[256]; char pass[256]; int result; + long len; /* Take apart the authentication string */ @@ -80,8 +81,9 @@ int xmpp_auth_plain(char *authstring) CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring)); safestrncpy(ident, decoded_authstring, sizeof ident); safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); - safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); - + len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + if (len < 0) + len = -len; /* If there are underscores in either string, change them to spaces. Some clients * do not allow spaces so we can tell the user to substitute underscores if their @@ -100,7 +102,7 @@ int xmpp_auth_plain(char *authstring) } if (result == login_ok) { - if (CtdlTryPassword(pass) == pass_ok) { + if (CtdlTryPassword(pass, len) == pass_ok) { return(0); /* success */ } } @@ -162,7 +164,7 @@ void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, cha result = CtdlLoginExistingUser(NULL, username); if (result == login_ok) { - result = CtdlTryPassword(password); + result = CtdlTryPassword(password, strlen(password)); if (result == pass_ok) { cprintf("", xmlesc(xmlbuf, iq_id, sizeof xmlbuf)); /* success */ return;