Disable SCRAM if username/password contains non-ascii characters as saslprep is not yet used

author: Marius Halden <marius.h@lden.org> 2016-06-20 18:20:11 +0200
committer: Marius Halden <marius.h@lden.org> 2016-06-26 14:28:58 +0200
commit: 8f02b17f4244f07d60cbedd2db039b616210d1f9 (patch)
tree: 77ddf8c4dbd80ce2b27fd254e766d4308ac3a7d4
parent: a110ae7c40ddd8ad099f94d7197848cf26f4511a (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c
index de91034b..b60bdc7e 100644
--- a/protocols/jabber/sasl.c
+++ b/protocols/jabber/sasl.c
@@ -40,6 +40,20 @@ const struct oauth2_service oauth2_service_google =
 	"6C-Zgf7Tr7gEQTPlBhMUgo7R",
 };
 
+static int is_ascii(const char *str)
+{
+	if (!str) {
+		return 0;
+	}
+
+	while (*str) {
+		if (*str++ & 0x80)
+			return 0;
+	}
+
+	return 1;
+}
+
 xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data)
 {
 	struct im_connection *ic = data;
@@ -92,6 +106,11 @@ xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data)
 		c = c->next;
 	}
 
+	if (sup_scram && (!is_ascii(jd->username) || !is_ascii(ic->acc->pass))) {
+		imcb_log(ic, "Username/password contains non-ascii characters, SCRAM authentication disabled");
+		sup_scram = 0;
+	}
+
 	if (!want_oauth && !want_anonymous && !sup_plain && !sup_digest && !sup_scram) {
 		if (sup_gtalk) {
 			imcb_error(ic, "This server requires OAuth "
author	Marius Halden <marius.h@lden.org>	2016-06-20 18:20:11 +0200
committer	Marius Halden <marius.h@lden.org>	2016-06-26 14:28:58 +0200
commit	8f02b17f4244f07d60cbedd2db039b616210d1f9 (patch)
tree	77ddf8c4dbd80ce2b27fd254e766d4308ac3a7d4
parent	a110ae7c40ddd8ad099f94d7197848cf26f4511a (diff)