diff options
| -rw-r--r-- | Makefile | 15 | ||||
| -rw-r--r-- | doc/user-guide/commands.xml | 6 | ||||
| -rw-r--r-- | irc_im.c | 8 | ||||
| -rw-r--r-- | lib/Makefile | 2 | ||||
| -rw-r--r-- | lib/md5.c | 11 | ||||
| -rw-r--r-- | lib/md5.h | 1 | ||||
| -rw-r--r-- | lib/misc.c | 55 | ||||
| -rw-r--r-- | lib/misc.h | 4 | ||||
| -rw-r--r-- | lib/oauth.c | 64 | ||||
| -rw-r--r-- | lib/oauth.h | 5 | ||||
| -rw-r--r-- | lib/oauth2.c | 195 | ||||
| -rw-r--r-- | lib/oauth2.h | 50 | ||||
| -rw-r--r-- | protocols/jabber/conference.c | 3 | ||||
| -rw-r--r-- | protocols/jabber/iq.c | 26 | ||||
| -rw-r--r-- | protocols/jabber/jabber.c | 134 | ||||
| -rw-r--r-- | protocols/jabber/jabber.h | 17 | ||||
| -rw-r--r-- | protocols/jabber/jabber_util.c | 18 | ||||
| -rw-r--r-- | protocols/jabber/sasl.c | 238 | ||||
| -rw-r--r-- | protocols/msn/msn.h | 1 | ||||
| -rw-r--r-- | protocols/msn/msn_util.c | 52 | ||||
| -rw-r--r-- | protocols/msn/ns.c | 14 | ||||
| -rw-r--r-- | protocols/msn/sb.c | 8 | ||||
| -rw-r--r-- | protocols/nogaim.c | 19 | ||||
| -rw-r--r-- | protocols/twitter/twitter.c | 6 | ||||
| -rw-r--r-- | root_commands.c | 24 | ||||
| -rw-r--r-- | set.c | 28 | ||||
| -rw-r--r-- | set.h | 4 |
27 files changed, 770 insertions, 238 deletions
@@ -26,12 +26,14 @@ endif # Expansion of variables subdirobjs = $(foreach dir,$(subdirs),$(dir)/$(dir).o) -all: $(OUTFILE) $(OTR_PI) $(SKYPE_PI) systemd - $(MAKE) -C doc +all: $(OUTFILE) $(OTR_PI) $(SKYPE_PI) doc systemd ifdef SKYPE_PI $(MAKE) -C protocols/skype doc endif +doc: + $(MAKE) -C doc + uninstall: uninstall-bin uninstall-doc @echo -e '\nmake uninstall does not remove files in '$(DESTDIR)$(ETCDIR)', you can use make uninstall-etc to do that.\n' @@ -42,7 +44,7 @@ install: install-bin install-doc install-plugins install-systemd .PHONY: install install-bin install-etc install-doc install-plugins install-systemd \ uninstall uninstall-bin uninstall-etc uninstall-doc \ - all clean distclean tar $(subdirs) + all clean distclean tar $(subdirs) doc Makefile.settings: @echo @@ -188,5 +190,12 @@ ctags: helloworld: @echo Hello World +# Check if we can load the helpfile. (This fails if some article is >1KB.) +# If print returns a NULL pointer, the file is unusable. +testhelp: doc + gdb --eval-command='b main' --eval-command='r' \ + --eval-command='print help_init(&global->helpfile, "doc/user-guide/help.txt")' \ + $(OUTFILE) < /dev/null + -include .depend/*.d # DO NOT DELETE diff --git a/doc/user-guide/commands.xml b/doc/user-guide/commands.xml index 8fc58c9e..dccf87ed 100644 --- a/doc/user-guide/commands.xml +++ b/doc/user-guide/commands.xml @@ -1125,15 +1125,15 @@ <description> <para> - This enables OAuth authentication for Twitter accounts. From June 2010 this will be mandatory. + This enables OAuth authentication for an IM account; right now the Twitter (working for Twitter only) and Jabber (for Google Talk, Facebook and MSN Messenger) module support it. </para> <para> - With OAuth enabled, you shouldn't tell BitlBee your Twitter password. Just add your account with a bogus password and type <emphasis>account on</emphasis>. BitlBee will then give you a URL to authenticate with Twitter. If this succeeds, Twitter will return a PIN code which you can give back to BitlBee to finish the process. + With OAuth enabled, you shouldn't tell BitlBee your account password. Just add your account with a bogus password and type <emphasis>account on</emphasis>. BitlBee will then give you a URL to authenticate with the service. If this succeeds, you will get a PIN code which you can give back to BitlBee to finish the process. </para> <para> - The resulting access token will be saved permanently, so you have to do this only once. + The resulting access token will be saved permanently, so you have to do this only once. If for any reason you want to/have to reauthenticate, you can use <emphasis>account set</emphasis> to reset the account password to something random. </para> </description> @@ -441,9 +441,13 @@ static gboolean bee_irc_user_privmsg( irc_user_t *iu, const char *msg ) static gboolean bee_irc_user_privmsg_cb( gpointer data, gint fd, b_input_condition cond ) { irc_user_t *iu = data; - char *msg = g_string_free( iu->pastebuf, FALSE ); + char *msg; GSList *l; + msg = g_string_free( iu->pastebuf, FALSE ); + iu->pastebuf = NULL; + iu->pastebuf_timer = 0; + for( l = irc_plugins; l; l = l->next ) { irc_plugin_t *p = l->data; @@ -469,8 +473,6 @@ static gboolean bee_irc_user_privmsg_cb( gpointer data, gint fd, b_input_conditi bee_user_msg( iu->irc->b, iu->bu, msg, 0 ); g_free( msg ); - iu->pastebuf = NULL; - iu->pastebuf_timer = 0; return FALSE; } diff --git a/lib/Makefile b/lib/Makefile index 3ae43935..5f24139d 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -12,7 +12,7 @@ SRCDIR := $(SRCDIR)lib/ endif # [SH] Program variables -objects = arc.o base64.o $(DES) $(EVENT_HANDLER) ftutil.o http_client.o ini.o md5.o misc.o oauth.o proxy.o sha1.o $(SSL_CLIENT) url.o xmltree.o +objects = arc.o base64.o $(DES) $(EVENT_HANDLER) ftutil.o http_client.o ini.o md5.o misc.o oauth.o oauth2.o proxy.o sha1.o $(SSL_CLIENT) url.o xmltree.o LFLAGS += -r @@ -23,6 +23,7 @@ #include <sys/types.h> #include <string.h> /* for memcpy() */ +#include <stdio.h> #include "md5.h" static void md5_transform(uint32_t buf[4], uint32_t const in[16]); @@ -161,6 +162,16 @@ void md5_finish(struct MD5Context *ctx, md5_byte_t digest[16]) memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ } +void md5_finish_ascii(struct MD5Context *context, char *ascii) +{ + md5_byte_t bin[16]; + int i; + + md5_finish(context, bin); + for (i = 0; i < 16; i ++) + sprintf(ascii + i * 2, "%02x", bin[i]); +} + /* The four core functions - F1 is optimized somewhat */ /* #define F1(x, y, z) (x & y | ~x & z) */ @@ -42,5 +42,6 @@ typedef struct MD5Context { G_MODULE_EXPORT void md5_init(struct MD5Context *context); G_MODULE_EXPORT void md5_append(struct MD5Context *context, const md5_byte_t *buf, unsigned int len); G_MODULE_EXPORT void md5_finish(struct MD5Context *context, md5_byte_t digest[16]); +G_MODULE_EXPORT void md5_finish_ascii(struct MD5Context *context, char *ascii); #endif @@ -728,3 +728,58 @@ char **split_command_parts( char *command ) return cmd; } + +char *get_rfc822_header( char *text, char *header, int len ) +{ + int hlen = strlen( header ), i; + char *ret; + + if( text == NULL ) + return NULL; + + if( len == 0 ) + len = strlen( text ); + + i = 0; + while( ( i + hlen ) < len ) + { + /* Maybe this is a bit over-commented, but I just hate this part... */ + if( g_strncasecmp( text + i, header, hlen ) == 0 ) + { + /* Skip to the (probable) end of the header */ + i += hlen; + + /* Find the first non-[: \t] character */ + while( i < len && ( text[i] == ':' || text[i] == ' ' || text[i] == '\t' ) ) i ++; + + /* Make sure we're still inside the string */ + if( i >= len ) return( NULL ); + + /* Save the position */ + ret = text + i; + + /* Search for the end of this line */ + while( i < len && text[i] != '\r' && text[i] != '\n' ) i ++; + + /* Make sure we're still inside the string */ + if( i >= len ) return( NULL ); + + /* Copy the found data */ + return( g_strndup( ret, text + i - ret ) ); + } + + /* This wasn't the header we were looking for, skip to the next line. */ + while( i < len && ( text[i] != '\r' && text[i] != '\n' ) ) i ++; + while( i < len && ( text[i] == '\r' || text[i] == '\n' ) ) i ++; + + /* End of headers? */ + if( ( i >= 4 && strncmp( text + i - 4, "\r\n\r\n", 4 ) == 0 ) || + ( i >= 2 && ( strncmp( text + i - 2, "\n\n", 2 ) == 0 || + strncmp( text + i - 2, "\r\r", 2 ) == 0 ) ) ) + { + break; + } + } + + return NULL; +} @@ -64,11 +64,9 @@ G_MODULE_EXPORT struct ns_srv_reply **srv_lookup( char *service, char *protocol, G_MODULE_EXPORT void srv_free( struct ns_srv_reply **srv ); G_MODULE_EXPORT char *word_wrap( const char *msg, int line_len ); - G_MODULE_EXPORT gboolean ssl_sockerr_again( void *ssl ); - G_MODULE_EXPORT int md5_verify_password( char *password, char *hash ); - G_MODULE_EXPORT char **split_command_parts( char *command ); +G_MODULE_EXPORT char *get_rfc822_header( char *text, char *header, int len ); #endif diff --git a/lib/oauth.c b/lib/oauth.c index 372a62d3..04949e1b 100644 --- a/lib/oauth.c +++ b/lib/oauth.c @@ -37,64 +37,31 @@ static char *oauth_sign( const char *method, const char *url, const char *params, struct oauth_info *oi ) { - sha1_state_t sha1; uint8_t hash[sha1_hash_size]; - uint8_t key[HMAC_BLOCK_SIZE+1]; + GString *payload = g_string_new( "" ); + char *key; char *s; - int i; - /* Create K. If our current key is >64 chars we have to hash it, - otherwise just pad. */ - memset( key, 0, HMAC_BLOCK_SIZE ); - i = strlen( oi->sp->consumer_secret ) + 1 + ( oi->token_secret ? strlen( oi->token_secret ) : 0 ); - if( i > HMAC_BLOCK_SIZE ) - { - sha1_init( &sha1 ); - sha1_append( &sha1, (uint8_t*) oi->sp->consumer_secret, strlen( oi->sp->consumer_secret ) ); - sha1_append( &sha1, (uint8_t*) "&", 1 ); - if( oi->token_secret ) - sha1_append( &sha1, (uint8_t*) oi->token_secret, strlen( oi->token_secret ) ); - sha1_finish( &sha1, key ); - } - else - { - g_snprintf( (gchar*) key, HMAC_BLOCK_SIZE + 1, "%s&%s", - oi->sp->consumer_secret, oi->token_secret ? oi->token_secret : "" ); - } - - /* Inner part: H(K XOR 0x36, text) */ - sha1_init( &sha1 ); + key = g_strdup_printf( "%s&%s", oi->sp->consumer_secret, oi->token_secret ? oi->token_secret : "" ); - for( i = 0; i < HMAC_BLOCK_SIZE; i ++ ) - key[i] ^= 0x36; - sha1_append( &sha1, key, HMAC_BLOCK_SIZE ); - - /* OAuth: text = method&url¶ms, all http_encoded. */ - sha1_append( &sha1, (const uint8_t*) method, strlen( method ) ); - sha1_append( &sha1, (const uint8_t*) "&", 1 ); + g_string_append_printf( payload, "%s&", method ); s = g_new0( char, strlen( url ) * 3 + 1 ); strcpy( s, url ); http_encode( s ); - sha1_append( &sha1, (const uint8_t*) s, strlen( s ) ); - sha1_append( &sha1, (const uint8_t*) "&", 1 ); + g_string_append_printf( payload, "%s&", s ); g_free( s ); s = g_new0( char, strlen( params ) * 3 + 1 ); strcpy( s, params ); http_encode( s ); - sha1_append( &sha1, (const uint8_t*) s, strlen( s ) ); + g_string_append( payload, s ); g_free( s ); - sha1_finish( &sha1, hash ); + sha1_hmac( key, 0, payload->str, 0, hash ); - /* Final result: H(K XOR 0x5C, inner stuff) */ - sha1_init( &sha1 ); - for( i = 0; i < HMAC_BLOCK_SIZE; i ++ ) - key[i] ^= 0x36 ^ 0x5c; - sha1_append( &sha1, key, HMAC_BLOCK_SIZE ); - sha1_append( &sha1, hash, sha1_hash_size ); - sha1_finish( &sha1, hash ); + g_free( key ); + g_string_free( payload, TRUE ); /* base64_encode + HTTP escape it (both consumers need it that away) and we're done. */ @@ -121,6 +88,9 @@ void oauth_params_add( GSList **params, const char *key, const char *value ) { char *item; + if( !key || !value ) + return; + item = g_strdup_printf( "%s=%s", key, value ); *params = g_slist_insert_sorted( *params, item, (GCompareFunc) strcmp ); } @@ -130,6 +100,9 @@ void oauth_params_del( GSList **params, const char *key ) int key_len = strlen( key ); GSList *l, *n; + if( params == NULL ) + return; + for( l = *params; l; l = n ) { n = l->next; @@ -154,6 +127,9 @@ const char *oauth_params_get( GSList **params, const char *key ) int key_len = strlen( key ); GSList *l; + if( params == NULL ) + return NULL; + for( l = *params; l; l = l->next ) { if( strncmp( (char*) l->data, key, key_len ) == 0 && @@ -164,7 +140,7 @@ const char *oauth_params_get( GSList **params, const char *key ) return NULL; } -static void oauth_params_parse( GSList **params, char *in ) +void oauth_params_parse( GSList **params, char *in ) { char *amp, *eq, *s; @@ -332,6 +308,7 @@ static void oauth_request_token_done( struct http_request *req ) st->auth_url = g_strdup_printf( "%s?%s", st->sp->url_authorize, req->reply_body ); oauth_params_parse( ¶ms, req->reply_body ); st->request_token = g_strdup( oauth_params_get( ¶ms, "oauth_token" ) ); + st->token_secret = g_strdup( oauth_params_get( ¶ms, "oauth_token_secret" ) ); oauth_params_free( ¶ms ); } @@ -361,6 +338,7 @@ static void oauth_access_token_done( struct http_request *req ) { oauth_params_parse( &st->params, req->reply_body ); st->token = g_strdup( oauth_params_get( &st->params, "oauth_token" ) ); + g_free( st->token_secret ); st->token_secret = g_strdup( oauth_params_get( &st->params, "oauth_token_secret" ) ); } diff --git a/lib/oauth.h b/lib/oauth.h index 8270a545..50adc95c 100644 --- a/lib/oauth.h +++ b/lib/oauth.h @@ -91,4 +91,9 @@ char *oauth_to_string( struct oauth_info *oi ); struct oauth_info *oauth_from_string( char *in, const struct oauth_service *sp ); /* For reading misc. data. */ +void oauth_params_add( GSList **params, const char *key, const char *value ); +void oauth_params_parse( GSList **params, char *in ); +void oauth_params_free( GSList **params ); +char *oauth_params_string( GSList *params ); +void oauth_params_set( GSList **params, const char *key, const char *value ); const char *oauth_params_get( GSList **params, const char *key ); diff --git a/lib/oauth2.c b/lib/oauth2.c new file mode 100644 index 00000000..0348d0d0 --- /dev/null +++ b/lib/oauth2.c @@ -0,0 +1,195 @@ +/***************************************************************************\ +* * +* BitlBee - An IRC to IM gateway * +* Simple OAuth client (consumer) implementation. * +* * +* Copyright 2010-2011 Wilmer van der Gaast <wilmer@gaast.net> * +* * +* This program is free software; you can redistribute it and/or modify * +* it under the terms of the GNU General Public License as published by * +* the Free Software Foundation; either version 2 of the License, or * +* (at your option) any later version. * +* * +* This program is distributed in the hope that it will be useful, * +* but WITHOUT ANY WARRANTY; without even the implied warranty of * +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * +* GNU General Public License for more details. * +* * +* You should have received a copy of the GNU General Public License along * +* with this program; if not, write to the Free Software Foundation, Inc., * +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * +* * +\***************************************************************************/ + +#include <glib.h> +#include "http_client.h" +#include "oauth2.h" +#include "oauth.h" +#include "url.h" + +char *oauth2_url( const struct oauth2_service *sp ) +{ + return g_strconcat( sp->auth_url, + "?scope=", sp->scope, + "&response_type=code" + "&redirect_uri=", sp->redirect_url, + "&client_id=", sp->consumer_key, + NULL ); +} + +struct oauth2_access_token_data +{ + oauth2_token_callback func; + gpointer data; +}; + +static char *oauth2_json_dumb_get( const char *json, const char *key ); +static void oauth2_access_token_done( struct http_request *req ); + +int oauth2_access_token( const struct oauth2_service *sp, + const char *auth_type, const char *auth, + oauth2_token_callback func, gpointer data ) +{ + GSList *args = NULL; + char *args_s, *s; + url_t url_p; + struct http_request *req; + struct oauth2_access_token_data *cb_data; + + if( !url_set( &url_p, sp->token_url ) ) + return 0; + + oauth_params_add( &args, "client_id", sp->consumer_key ); + oauth_params_add( &args, "client_secret", sp->consumer_secret ); + oauth_params_add( &args, "grant_type", auth_type ); + if( strcmp( auth_type, OAUTH2_AUTH_CODE ) == 0 ) + { + oauth_params_add( &args, "redirect_uri", sp->redirect_url ); + oauth_params_add( &args, "code", auth ); + } + else + { + oauth_params_add( &args, "refresh_token", auth ); + } + args_s = oauth_params_string( args ); + oauth_params_free( &args ); + + s = g_strdup_printf( "POST %s HTTP/1.0\r\n" + "Host: %s\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: %zd\r\n" + "Connection: close\r\n" + "\r\n" + "%s", url_p.file, url_p.host, strlen( args_s ), args_s ); + g_free( args_s ); + + cb_data = g_new0( struct oauth2_access_token_data, 1 ); + cb_data->func = func; + cb_data->data = data; + + req = http_dorequest( url_p.host, url_p.port, url_p.proto == PROTO_HTTPS, + s, oauth2_access_token_done, cb_data ); + + g_free( s ); + + if( req == NULL ) + g_free( cb_data ); + + return req != NULL; +} + +static void oauth2_access_token_done( struct http_request *req ) +{ + struct oauth2_access_token_data *cb_data = req->data; + char *atoken = NULL, *rtoken = NULL; + const char *content_type; + + if( getenv( "BITLBEE_DEBUG" ) && req->reply_body ) + printf( "%s\n", req->reply_body ); + + content_type = get_rfc822_header( req->reply_headers, "Content-Type", 0 ); + + if( req->status_code != 200 ) + { + } + else if( content_type && strstr( content_type, "application/json" ) ) + { + atoken = oauth2_json_dumb_get( req->reply_body, "access_token" ); + rtoken = oauth2_json_dumb_get( req->reply_body, "refresh_token" ); + if( getenv( "BITLBEE_DEBUG" ) ) + printf( "Extracted atoken=%s rtoken=%s\n", atoken, rtoken ); + } + else + { + /* Facebook use their own odd format here, seems to be URL-encoded. */ + GSList *p_in = NULL; + + oauth_params_parse( &p_in, req->reply_body ); + atoken = g_strdup( oauth_params_get( &p_in, "access_token" ) ); + rtoken = g_strdup( oauth_params_get( &p_in, "refresh_token" ) ); + oauth_params_free( &p_in ); + } + cb_data->func( cb_data->data, atoken, rtoken ); + g_free( atoken ); + g_free( rtoken ); + g_free( cb_data ); +} + +/* Super dumb. I absolutely refuse to use/add a complete json parser library + (adding a new dependency to BitlBee for the first time in.. 6 years?) just + to parse 100 bytes of data. So I have to do my own parsing because OAuth2 + dropped support for XML. (GRRR!) This is very dumb and for example won't + work for integer values, nor will it strip/handle backslashes. */ +static char *oauth2_json_dumb_get( const char *json, const char *key ) +{ + int is_key; /* 1 == reading key, 0 == reading value */ + int found_key = 0; + + while( json && *json ) + { + /* Grab strings and see if they're what we're looking for. */ + if( *json == '"' || *json == '\'' ) + { + char q = *json; + const char *str_start; + json ++; + str_start = json; + + while( *json ) + { + /* \' and \" are not string terminators. */ + if( *json == '\\' && json[1] == q ) + json ++; + /* But without a \ it is. */ + else if( *json == q ) + break; + json ++; + } + if( *json == '\0' ) + return NULL; + + if( is_key && strncmp( str_start, key, strlen( key ) ) == 0 ) + { + found_key = 1; + } + else if( !is_key && found_key ) + { + char *ret = g_memdup( str_start, json - str_start + 1 ); + ret[json-str_start] = '\0'; + return ret; + } + + } + else if( *json == '{' || *json == ',' ) + { + found_key = 0; + is_key = 1; + } + else if( *json == ':' ) + is_key = 0; + + json ++; + } + + return NULL; +} diff --git a/lib/oauth2.h b/lib/oauth2.h new file mode 100644 index 00000000..c8d18963 --- /dev/null +++ b/lib/oauth2.h @@ -0,0 +1,50 @@ +/***************************************************************************\ +* * +* BitlBee - An IRC to IM gateway * +* Simple OAuth2 client (consumer) implementation. * +* * +* Copyright 2010-2011 Wilmer van der Gaast <wilmer@gaast.net> * +* * +* This program is free software; you can redistribute it and/or modify * +* it under the terms of the GNU General Public License as published by * +* the Free Software Foundation; either version 2 of the License, or * +* (at your option) any later version. * +* * +* This program is distributed in the hope that it will be useful, * +* but WITHOUT ANY WARRANTY; without even the implied warranty of * +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * +* GNU General Public License for more details. * +* * +* You should have received a copy of the GNU General Public License along * +* with this program; if not, write to the Free Software Foundation, Inc., * +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * +* * +\***************************************************************************/ + +/* Implementation mostly based on my experience with writing the previous OAuth + module, and from http://code.google.com/apis/accounts/docs/OAuth2.html . */ + +typedef void (*oauth2_token_callback)( gpointer data, const char *atoken, const char *rtoken ); + +struct oauth2_service +{ + char *auth_url; + char *token_url; + char *redirect_url; + char *scope; + char *consumer_key; + char *consumer_secret; +}; + +#define OAUTH2_AUTH_CODE "authorization_code" +#define OAUTH2_AUTH_REFRESH "refresh_token" + +/* Generate a URL the user should open in his/her browser to get an + authorization code. */ +char *oauth2_url( const struct oauth2_service *sp ); + +/* Exchanges an auth code or refresh token for an access token. + auth_type is one of the two OAUTH2_AUTH_.. constants above. */ +int oauth2_access_token( const struct oauth2_service *sp, + const char *auth_type, const char *auth, + oauth2_token_callback func, gpointer data ); diff --git a/protocols/jabber/conference.c b/protocols/jabber/conference.c index 0c2db0b3..74561d24 100644 --- a/protocols/jabber/conference.c +++ b/protocols/jabber/conference.c @@ -210,6 +210,7 @@ void jabber_chat_pkt_presence( struct im_connection *ic, struct jabber_buddy *bu struct groupchat *chat; struct xt_node *c; char *type = xt_find_attr( node, "type" ); + struct jabber_data *jd = ic->proto_data; struct jabber_chat *jc; char *s; @@ -251,7 +252,7 @@ void jabber_chat_pkt_presence( struct im_connection *ic, struct jabber_buddy *bu { if( bud == jc->me ) { - bud->ext_jid = jabber_normalize( ic->acc->user ); + bud->ext_jid = g_strdup( jd->me ); } else { diff --git a/protocols/jabber/iq.c b/protocols/jabber/iq.c index 0c5671d0..2cdc681e 100644 --- a/protocols/jabber/iq.c +++ b/protocols/jabber/iq.c @@ -30,6 +30,7 @@ static xt_status jabber_iq_display_vcard( struct im_connection *ic, struct xt_no xt_status jabber_pkt_iq( struct xt_node *node, gpointer data ) { struct im_connection *ic = data; + struct jabber_data *jd = ic->proto_data; struct xt_node *c, *reply = NULL; char *type, *s; int st, pack = 1; @@ -169,10 +170,10 @@ xt_status jabber_pkt_iq( struct xt_node *node, gpointer data ) /* This is a roster push. XMPP servers send this when someone was added to (or removed from) the buddy list. AFAIK they're sent even if we added this buddy in our own session. */ - int bare_len = strlen( ic->acc->user ); + int bare_len = strlen( jd->me ); if( ( s = xt_find_attr( node, "from" ) ) == NULL || - ( strncmp( s, ic->acc->user, bare_len ) == 0 && + ( strncmp( s, jd->me, bare_len ) == 0 && ( s[bare_len] == 0 || s[bare_len] == '/' ) ) ) { jabber_parse_roster( ic, node, NULL ); @@ -342,8 +343,25 @@ xt_status jabber_pkt_bind_sess( struct im_connection *ic, struct xt_node *node, if( node && ( c = xt_find_node( node->children, "bind" ) ) ) { c = xt_find_node( c->children, "jid" ); - if( c && c->text_len && ( s = strchr( c->text, '/' ) ) && - strcmp( s + 1, set_getstr( &ic->acc->set, "resource" ) ) != 0 ) + if( !c || !c->text ) + { + /* Server is crap, but this is no disaster. */ + } + else if( strncmp( jd->me, c->text, strlen( jd->me ) ) != 0 ) + { + s = strchr( c->text, '/' ); + if( s ) + *s = '\0'; + jabber_set_me( ic, c->text ); + imcb_log( ic, "Server claims your JID is `%s' instead of `%s'. " + "This mismatch may cause problems with groupchats " + "and possibly other things.", + c->text, ic->acc->user ); + if( s ) + *s = '/'; + } + else if( c && c->text_len && ( s = strchr( c->text, '/' ) ) && + strcmp( s + 1, set_getstr( &ic->acc->set, "resource" ) ) != 0 ) imcb_log( ic, "Server changed session resource string to `%s'", s + 1 ); } diff --git a/protocols/jabber/jabber.c b/protocols/jabber/jabber.c index 372d73a9..92256a71 100644 --- a/protocols/jabber/jabber.c +++ b/protocols/jabber/jabber.c @@ -31,6 +31,7 @@ #include "xmltree.h" #include "bitlbee.h" #include "jabber.h" +#include "oauth.h" #include "md5.h" GSList *jabber_connections; @@ -59,6 +60,8 @@ static void jabber_init( account_t *acc ) s = set_add( &acc->set, "activity_timeout", "600", set_eval_int, acc ); + s = set_add( &acc->set, "oauth", "false", set_eval_oauth, acc ); + g_snprintf( str, sizeof( str ), "%d", jabber_port_list[0] ); s = set_add( &acc->set, "port", str, set_eval_int, acc ); s->flags |= ACC_SET_OFFLINE_ONLY; @@ -72,6 +75,9 @@ static void jabber_init( account_t *acc ) s = set_add( &acc->set, "resource_select", "activity", NULL, acc ); + s = set_add( &acc->set, "sasl", "true", set_eval_bool, acc ); + s->flags |= ACC_SET_OFFLINE_ONLY | SET_HIDDEN_DEFAULT; + s = set_add( &acc->set, "server", NULL, set_eval_account, acc ); s->flags |= ACC_SET_NOSAVE | ACC_SET_OFFLINE_ONLY | SET_NULL_OK; @@ -84,9 +90,6 @@ static void jabber_init( account_t *acc ) s = set_add( &acc->set, "tls_verify", "true", set_eval_bool, acc ); s->flags |= ACC_SET_OFFLINE_ONLY; - s = set_add( &acc->set, "sasl", "true", set_eval_bool, acc ); - s->flags |= ACC_SET_OFFLINE_ONLY | SET_HIDDEN_DEFAULT; - s = set_add( &acc->set, "user_agent", "BitlBee", NULL, acc ); s = set_add( &acc->set, "xmlconsole", "false", set_eval_bool, acc ); @@ -101,9 +104,7 @@ static void jabber_login( account_t *acc ) { struct im_connection *ic = imcb_new( acc ); struct jabber_data *jd = g_new0( struct jabber_data, 1 ); - struct ns_srv_reply **srvl = NULL, *srv = NULL; - char *connect_to, *s; - int i; + char *s; /* For now this is needed in the _connected() handlers if using GLib event handling, to make sure we're not handling events @@ -113,8 +114,7 @@ static void jabber_login( account_t *acc ) jd->ic = ic; ic->proto_data = jd; - jd->username = g_strdup( acc->user ); - jd->server = strchr( jd->username, '@' ); + jabber_set_me( ic, acc->user ); jd->fd = jd->r_inpa = jd->w_inpa = -1; @@ -125,10 +125,6 @@ static void jabber_login( account_t *acc ) return; } - /* So don't think of free()ing jd->server.. :-) */ - *jd->server = 0; - jd->server ++; - if( ( s = strchr( jd->server, '/' ) ) ) { *s = 0; @@ -140,63 +136,62 @@ static void jabber_login( account_t *acc ) *s = 0; } - /* This code isn't really pretty. Backwards compatibility never is... */ - s = acc->server; - while( s ) + jd->node_cache = g_hash_table_new_full( g_str_hash, g_str_equal, NULL, jabber_cache_entry_free ); + jd->buddies = g_hash_table_new( g_str_hash, g_str_equal ); + + if( set_getbool( &acc->set, "oauth" ) ) { - static int had_port = 0; + GSList *p_in = NULL; + const char *tok; + + jd->fd = jd->r_inpa = jd->w_inpa = -1; - if( strncmp( s, "ssl", 3 ) == 0 ) + if( strstr( jd->server, ".live.com" ) ) + jd->oauth2_service = &oauth2_service_mslive; + else if( strstr( jd->server, ".facebook.com" ) ) + jd->oauth2_service = &oauth2_service_facebook; + else + jd->oauth2_service = &oauth2_service_google; + + oauth_params_parse( &p_in, ic->acc->pass ); + + /* First see if we have a refresh token, in which case any + access token we *might* have has probably expired already + anyway. */ + if( ( tok = oauth_params_get( &p_in, "refresh_token" ) ) ) { - set_setstr( &acc->set, "ssl", "true" ); - - /* Flush this part so that (if this was the first - part of the server string) acc->server gets - flushed. We don't want to have to do this another - time. :-) */ - *s = 0; - s ++; - - /* Only set this if the user didn't specify a custom - port number already... */ - if( !had_port ) - set_setint( &acc->set, "port", 5223 ); + sasl_oauth2_refresh( ic, tok ); } - else if( isdigit( *s ) ) + /* If we don't have a refresh token, let's hope the access + token is still usable. */ + else if( ( tok = oauth_params_get( &p_in, "access_token" ) ) ) { - int i; - - /* The first character is a digit. It could be an - IP address though. Only accept this as a port# - if there are only digits. */ - for( i = 0; isdigit( s[i] ); i ++ ); - - /* If the first non-digit character is a colon or - the end of the string, save the port number - where it should be. */ - if( s[i] == ':' || s[i] == 0 ) - { - sscanf( s, "%d", &i ); - set_setint( &acc->set, "port", i ); - - /* See above. */ - *s = 0; - s ++; - } - - had_port = 1; + jd->oauth2_access_token = g_strdup( tok ); + jabber_connect( ic ); } - - s = strchr( s, ':' ); - if( s ) + /* If we don't have any, start the OAuth process now. Don't + even open an XMPP connection yet. */ + else { - *s = 0; - s ++; + sasl_oauth2_init( ic ); + ic->flags |= OPT_SLOW_LOGIN; } + + oauth_params_free( &p_in ); } - - jd->node_cache = g_hash_table_new_full( g_str_hash, g_str_equal, NULL, jabber_cache_entry_free ); - jd->buddies = g_hash_table_new( g_str_hash, g_str_equal ); + else + jabber_connect( ic ); +} + +/* Separate this from jabber_login() so we can do OAuth first if necessary. + Putting this in io.c would probably be more correct. */ +void jabber_connect( struct im_connection *ic ) +{ + account_t *acc = ic->acc; + struct jabber_data *jd = ic->proto_data; + int i; + char *connect_to; + struct ns_srv_reply **srvl = NULL, *srv = NULL; /* Figure out the hostname to connect to. */ if( acc->server && *acc->server ) @@ -321,8 +316,10 @@ static void jabber_logout( struct im_connection *ic ) xt_free( jd->xt ); + g_free( jd->oauth2_access_token ); g_free( jd->away_message ); g_free( jd->username ); + g_free( jd->me ); g_free( jd ); jabber_connections = g_slist_remove( jabber_connections, ic ); @@ -339,6 +336,20 @@ static int jabber_buddy_msg( struct im_connection *ic, char *who, char *message, if( g_strcasecmp( who, JABBER_XMLCONSOLE_HANDLE ) == 0 ) return jabber_write( ic, message, strlen( message ) ); + if( g_strcasecmp( who, "jabber_oauth" ) == 0 ) + { + if( sasl_oauth2_get_refresh_token( ic, message ) ) + { + return 1; + } + else + { + imcb_error( ic, "OAuth failure" ); + imc_logout( ic, TRUE ); + return 0; + } + } + if( ( s = strchr( who, '=' ) ) && jabber_chat_by_jid( ic, s + 1 ) ) bud = jabber_buddy_by_ext_jid( ic, who, 0 ); else @@ -490,11 +501,12 @@ static void jabber_chat_leave_( struct groupchat *c ) static void jabber_chat_invite_( struct groupchat *c, char *who, char *msg ) { + struct jabber_data *jd = c->ic->proto_data; struct jabber_chat *jc = c->data; gchar *msg_alt = NULL; if( msg == NULL ) - msg_alt = g_strdup_printf( "%s invited you to %s", c->ic->acc->user, jc->name ); + msg_alt = g_strdup_printf( "%s invited you to %s", jd->me, jc->name ); if( c && who ) jabber_chat_invite( c, who, msg ? msg : msg_alt ); diff --git a/protocols/jabber/jabber.h b/protocols/jabber/jabber.h index 5996c301..76546bde 100644 --- a/protocols/jabber/jabber.h +++ b/protocols/jabber/jabber.h @@ -46,6 +46,8 @@ typedef enum activates all XEP-85 related code. */ JFLAG_XMLCONSOLE = 64, /* If the user added an xmlconsole buddy. */ JFLAG_STARTTLS_DONE = 128, /* If a plaintext session was converted to TLS. */ + + JFLAG_SASL_FB = 0x10000, /* Trying Facebook authentication. */ } jabber_flags_t; typedef enum @@ -91,6 +93,10 @@ struct jabber_data char *username; /* USERNAME@server */ char *server; /* username@SERVER -=> server/domain, not hostname */ + char *me; /* bare jid */ + + const struct oauth2_service *oauth2_service; + char *oauth2_access_token; /* After changing one of these two (or the priority setting), call presence_send_update() to inform the server about the changes. */ @@ -231,6 +237,9 @@ struct jabber_transfer #define XMLNS_BYTESTREAMS "http://jabber.org/protocol/bytestreams" /* XEP-0065 */ #define XMLNS_IBB "http://jabber.org/protocol/ibb" /* XEP-0047 */ +/* jabber.c */ +void jabber_connect( struct im_connection *ic ); + /* iq.c */ xt_status jabber_pkt_iq( struct xt_node *node, gpointer data ); int jabber_init_iq_auth( struct im_connection *ic ); @@ -299,6 +308,7 @@ void jabber_buddy_remove_all( struct im_connection *ic ); time_t jabber_get_timestamp( struct xt_node *xt ); struct jabber_error *jabber_error_parse( struct xt_node *node, char *xmlns ); void jabber_error_free( struct jabber_error *err ); +gboolean jabber_set_me( struct im_connection *ic, const char *me ); extern const struct jabber_away_state jabber_away_state_list[]; @@ -315,6 +325,13 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ); xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ); xt_status sasl_pkt_result( struct xt_node *node, gpointer data ); gboolean sasl_supported( struct im_connection *ic ); +void sasl_oauth2_init( struct im_connection *ic ); +int sasl_oauth2_get_refresh_token( struct im_connection *ic, const char *msg ); +int sasl_oauth2_refresh( struct im_connection *ic, const char *refresh_token ); + +extern const struct oauth2_service oauth2_service_google; +extern const struct oauth2_service oauth2_service_facebook; +extern const struct oauth2_service oauth2_service_mslive; /* conference.c */ struct groupchat *jabber_chat_join( struct im_connection *ic, const char *room, const char *nick, const char *password ); diff --git a/protocols/jabber/jabber_util.c b/protocols/jabber/jabber_util.c index e6b13659..d181b904 100644 --- a/protocols/jabber/jabber_util.c +++ b/protocols/jabber/jabber_util.c @@ -760,3 +760,21 @@ void jabber_error_free( struct jabber_error *err ) { g_free( err ); } + +gboolean jabber_set_me( struct im_connection *ic, const char *me ) +{ + struct jabber_data *jd = ic->proto_data; + + if( strchr( me, '@' ) == NULL ) + return FALSE; + + g_free( jd->username ); + g_free( jd->me ); + + jd->me = jabber_normalize( me ); + jd->server = strchr( jd->me, '@' ); + jd->username = g_strndup( jd->me, jd->server - jd->me ); + jd->server ++; + + return TRUE; +} diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 53248ef3..2f45eb20 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -25,6 +25,36 @@ #include "jabber.h" #include "base64.h" +#include "oauth2.h" +#include "oauth.h" + +const struct oauth2_service oauth2_service_google = +{ + "https://accounts.google.com/o/oauth2/auth", + "https://accounts.google.com/o/oauth2/token", + "urn:ietf:wg:oauth:2.0:oob", + "https://www.googleapis.com/auth/googletalk", + "783993391592.apps.googleusercontent.com", + "6C-Zgf7Tr7gEQTPlBhMUgo7R", +}; +const struct oauth2_service oauth2_service_facebook = +{ + "https://www.facebook.com/dialog/oauth", + "https://graph.facebook.com/oauth/access_token", + "http://www.bitlbee.org/main.php/Facebook/oauth2.html", + "offline_access,xmpp_login", + "126828914005625", + "4b100f0f244d620bf3f15f8b217d4c32", +}; +const struct oauth2_service oauth2_service_mslive = +{ + "https://oauth.live.com/authorize", + "https://oauth.live.com/token", + "http://www.bitlbee.org/main.php/Messenger/oauth2.html", + "wl.offline_access%20wl.messenger", + "000000004C06FCD1", + "IRKlBPzJJAWcY-TbZjiTEJu9tn7XCFaV", +}; xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) { @@ -32,7 +62,9 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) struct jabber_data *jd = ic->proto_data; struct xt_node *c, *reply; char *s; - int sup_plain = 0, sup_digest = 0; + int sup_plain = 0, sup_digest = 0, sup_gtalk = 0, sup_fb = 0, sup_ms = 0; + int want_oauth = FALSE; + GString *mechs; if( !sasl_supported( ic ) ) { @@ -51,28 +83,78 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) return XT_ABORT; } + mechs = g_string_new( "" ); c = node->children; while( ( c = xt_find_node( c, "mechanism" ) ) ) { if( c->text && g_strcasecmp( c->text, "PLAIN" ) == 0 ) sup_plain = 1; - if( c->text && g_strcasecmp( c->text, "DIGEST-MD5" ) == 0 ) + else if( c->text && g_strcasecmp( c->text, "DIGEST-MD5" ) == 0 ) sup_digest = 1; + else if( c->text && g_strcasecmp( c->text, "X-OAUTH2" ) == 0 ) + sup_gtalk = 1; + else if( c->text && g_strcasecmp( c->text, "X-FACEBOOK-PLATFORM" ) == 0 ) + sup_fb = 1; + else if( c->text && g_strcasecmp( c->text, "X-MESSENGER-OAUTH2" ) == 0 ) + sup_ms = 1; + + if( c->text ) + g_string_append_printf( mechs, " %s", c->text ); c = c->next; } - if( !sup_plain && !sup_digest ) + if( !sup_plain && !sup_digest && !sup_gtalk && !sup_fb && !sup_ms ) { - imcb_error( ic, "No known SASL authentication schemes supported" ); + imcb_error( ic, "BitlBee does not support any of the offered SASL " + "authentication schemes:%s", mechs->str ); imc_logout( ic, FALSE ); + g_string_free( mechs, TRUE ); return XT_ABORT; } + g_string_free( mechs, TRUE ); reply = xt_new_node( "auth", NULL, NULL ); xt_add_attr( reply, "xmlns", XMLNS_SASL ); + want_oauth = set_getbool( &ic->acc->set, "oauth" ); - if( sup_digest ) + if( sup_gtalk && want_oauth ) + { + int len; + + /* X-OAUTH2 is, not *the* standard OAuth2 SASL/XMPP implementation. + It's currently used by GTalk and vaguely documented on + http://code.google.com/apis/cloudprint/docs/rawxmpp.html . */ + xt_add_attr( reply, "mechanism", "X-OAUTH2" ); + + len = strlen( jd->username ) + strlen( jd->oauth2_access_token ) + 2; + s = g_malloc( len + 1 ); + s[0] = 0; + strcpy( s + 1, jd->username ); + strcpy( s + 2 + strlen( jd->username ), jd->oauth2_access_token ); + reply->text = base64_encode( (unsigned char *)s, len ); + reply->text_len = strlen( reply->text ); + g_free( s ); + } + else if( sup_ms && want_oauth ) + { + xt_add_attr( reply, "mechanism", "X-MESSENGER-OAUTH2" ); + reply->text = g_strdup( jd->oauth2_access_token ); + reply->text_len = strlen( jd->oauth2_access_token ); + } + else if( sup_fb && want_oauth ) + { + xt_add_attr( reply, "mechanism", "X-FACEBOOK-PLATFORM" ); + jd->flags |= JFLAG_SASL_FB; + } + else if( want_oauth ) + { + imcb_error( ic, "OAuth requested, but not supported by server" ); + imc_logout( ic, FALSE ); + xt_free_node( reply ); + return XT_ABORT; + } + else if( sup_digest ) { xt_add_attr( reply, "mechanism", "DIGEST-MD5" ); @@ -95,7 +177,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) g_free( s ); } - if( !jabber_write_packet( ic, reply ) ) + if( reply && !jabber_write_packet( ic, reply ) ) { xt_free_node( reply ); return XT_ABORT; @@ -196,12 +278,12 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) { struct im_connection *ic = data; struct jabber_data *jd = ic->proto_data; - struct xt_node *reply = NULL; + struct xt_node *reply_pkt = NULL; char *nonce = NULL, *realm = NULL, *cnonce = NULL; unsigned char cnonce_bin[30]; char *digest_uri = NULL; char *dec = NULL; - char *s = NULL; + char *s = NULL, *reply = NULL; xt_status ret = XT_ABORT; if( node->text_len == 0 ) @@ -209,7 +291,33 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) dec = frombase64( node->text ); - if( !( s = sasl_get_part( dec, "rspauth" ) ) ) + if( jd->flags & JFLAG_SASL_FB ) + { + /* Facebook proprietary authentication. Not as useful as it seemed, but + the code's written now, may as well keep it.. + + Mechanism is described on http://developers.facebook.com/docs/chat/ + and in their Python module. It's all mostly useless because the tokens + expire after 24h. */ + GSList *p_in = NULL, *p_out = NULL; + char time[33]; + + oauth_params_parse( &p_in, dec ); + oauth_params_add( &p_out, "nonce", oauth_params_get( &p_in, "nonce" ) ); + oauth_params_add( &p_out, "method", oauth_params_get( &p_in, "method" ) ); + oauth_params_free( &p_in ); + + g_snprintf( time, sizeof( time ), "%lld", (long long) ( gettime() * 1000 ) ); + oauth_params_add( &p_out, "call_id", time ); + oauth_params_add( &p_out, "api_key", oauth2_service_facebook.consumer_key ); + oauth_params_add( &p_out, "v", "1.0" ); + oauth_params_add( &p_out, "format", "XML" ); + oauth_params_add( &p_out, "access_token", jd->oauth2_access_token ); + + reply = oauth_params_string( p_out ); + oauth_params_free( &p_out ); + } + else if( !( s = sasl_get_part( dec, "rspauth" ) ) ) { /* See RFC 2831 for for information. */ md5_state_t A1, A2, H; @@ -270,23 +378,20 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) sprintf( Hh + i * 2, "%02x", Hr[i] ); /* Now build the SASL response string: */ - g_free( dec ); - dec = g_strdup_printf( "username=\"%s\",realm=\"%s\",nonce=\"%s\",cnonce=\"%s\"," - "nc=%08x,qop=auth,digest-uri=\"%s\",response=%s,charset=%s", - jd->username, realm, nonce, cnonce, 1, digest_uri, Hh, "utf-8" ); - s = tobase64( dec ); + reply = g_strdup_printf( "username=\"%s\",realm=\"%s\",nonce=\"%s\",cnonce=\"%s\"," + "nc=%08x,qop=auth,digest-uri=\"%s\",response=%s,charset=%s", + jd->username, realm, nonce, cnonce, 1, digest_uri, Hh, "utf-8" ); } else { /* We found rspauth, but don't really care... */ - g_free( s ); - s = NULL; } - reply = xt_new_node( "response", s, NULL ); - xt_add_attr( reply, "xmlns", XMLNS_SASL ); + s = reply ? tobase64( reply ) : NULL; + reply_pkt = xt_new_node( "response", s, NULL ); + xt_add_attr( reply_pkt, "xmlns", XMLNS_SASL ); - if( !jabber_write_packet( ic, reply ) ) + if( !jabber_write_packet( ic, reply_pkt ) ) goto silent_error; ret = XT_HANDLED; @@ -300,10 +405,11 @@ silent_error: g_free( digest_uri ); g_free( cnonce ); g_free( nonce ); + g_free( reply ); g_free( realm ); g_free( dec ); g_free( s ); - xt_free_node( reply ); + xt_free_node( reply_pkt ); return ret; } @@ -346,3 +452,95 @@ gboolean sasl_supported( struct im_connection *ic ) return ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) != 0; } + +void sasl_oauth2_init( struct im_connection *ic ) +{ + struct jabber_data *jd = ic->proto_data; + char *msg, *url; + + imcb_log( ic, "Starting OAuth authentication" ); + + /* Temporary contact, just used to receive the OAuth response. */ + imcb_add_buddy( ic, "jabber_oauth", NULL ); + url = oauth2_url( jd->oauth2_service ); + msg = g_strdup_printf( "Open this URL in your browser to authenticate: %s", url ); + imcb_buddy_msg( ic, "jabber_oauth", msg, 0, 0 ); + imcb_buddy_msg( ic, "jabber_oauth", "Respond to this message with the returned " + "authorization token.", 0, 0 ); + + g_free( msg ); + g_free( url ); +} + +static gboolean sasl_oauth2_remove_contact( gpointer data, gint fd, b_input_condition cond ) +{ + struct im_connection *ic = data; + if( g_slist_find( jabber_connections, ic ) ) + imcb_remove_buddy( ic, "jabber_oauth", NULL ); + return FALSE; +} + +static void sasl_oauth2_got_token( gpointer data, const char *access_token, const char *refresh_token ); + +int sasl_oauth2_get_refresh_token( struct im_connection *ic, const char *msg ) +{ + struct jabber_data *jd = ic->proto_data; + char *code; + int ret; + + imcb_log( ic, "Requesting OAuth access token" ); + + /* Don't do it here because the caller may get confused if the contact + we're currently sending a message to is deleted. */ + b_timeout_add( 1, sasl_oauth2_remove_contact, ic ); + + code = g_strdup( msg ); + g_strstrip( code ); + ret = oauth2_access_token( jd->oauth2_service, OAUTH2_AUTH_CODE, + code, sasl_oauth2_got_token, ic ); + + g_free( code ); + return ret; +} + +int sasl_oauth2_refresh( struct im_connection *ic, const char *refresh_token ) +{ + struct jabber_data *jd = ic->proto_data; + + return oauth2_access_token( jd->oauth2_service, OAUTH2_AUTH_REFRESH, + refresh_token, sasl_oauth2_got_token, ic ); +} + +static void sasl_oauth2_got_token( gpointer data, const char *access_token, const char *refresh_token ) +{ + struct im_connection *ic = data; + struct jabber_data *jd; + GSList *auth = NULL; + + if( g_slist_find( jabber_connections, ic ) == NULL ) + return; + + jd = ic->proto_data; + + if( access_token == NULL ) + { + imcb_error( ic, "OAuth failure (missing access token)" ); + imc_logout( ic, TRUE ); + return; + } + + oauth_params_parse( &auth, ic->acc->pass ); + if( refresh_token ) + oauth_params_set( &auth, "refresh_token", refresh_token ); + if( access_token ) + oauth_params_set( &auth, "access_token", access_token ); + + g_free( ic->acc->pass ); + ic->acc->pass = oauth_params_string( auth ); + oauth_params_free( &auth ); + + g_free( jd->oauth2_access_token ); + jd->oauth2_access_token = g_strdup( access_token ); + + jabber_connect( ic ); +} diff --git a/protocols/msn/msn.h b/protocols/msn/msn.h index da9430ab..bf7cdfa8 100644 --- a/protocols/msn/msn.h +++ b/protocols/msn/msn.h @@ -233,7 +233,6 @@ int msn_logged_in( struct im_connection *ic ); int msn_buddy_list_add( struct im_connection *ic, msn_buddy_flags_t list, const char *who, const char *realname_, const char *group ); int msn_buddy_list_remove( struct im_connection *ic, msn_buddy_flags_t list, const char *who, const char *group ); void msn_buddy_ask( bee_user_t *bu ); -char *msn_findheader( char *text, char *header, int len ); char **msn_linesplit( char *line ); int msn_handler( struct msn_handler_data *h ); void msn_msgq_purge( struct im_connection *ic, GSList **list ); diff --git a/protocols/msn/msn_util.c b/protocols/msn/msn_util.c index 7fa68915..d5a74a47 100644 --- a/protocols/msn/msn_util.c +++ b/protocols/msn/msn_util.c @@ -227,58 +227,6 @@ void msn_buddy_ask( bee_user_t *bu ) imcb_ask( bu->ic, buf, bla, msn_buddy_ask_yes, msn_buddy_ask_no ); } -char *msn_findheader( char *text, char *header, int len ) -{ - int hlen = strlen( header ), i; - char *ret; - - if( len == 0 ) - len = strlen( text ); - - i = 0; - while( ( i + hlen ) < len ) - { - /* Maybe this is a bit over-commented, but I just hate this part... */ - if( g_strncasecmp( text + i, header, hlen ) == 0 ) - { - /* Skip to the (probable) end of the header */ - i += hlen; - - /* Find the first non-[: \t] character */ - while( i < len && ( text[i] == ':' || text[i] == ' ' || text[i] == '\t' ) ) i ++; - - /* Make sure we're still inside the string */ - if( i >= len ) return( NULL ); - - /* Save the position */ - ret = text + i; - - /* Search for the end of this line */ - while( i < len && text[i] != '\r' && text[i] != '\n' ) i ++; - - /* Make sure we're still inside the string */ - if( i >= len ) return( NULL ); - - /* Copy the found data */ - return( g_strndup( ret, text + i - ret ) ); - } - - /* This wasn't the header we were looking for, skip to the next line. */ - while( i < len && ( text[i] != '\r' && text[i] != '\n' ) ) i ++; - while( i < len && ( text[i] == '\r' || text[i] == '\n' ) ) i ++; - - /* End of headers? */ - if( ( i >= 4 && strncmp( text + i - 4, "\r\n\r\n", 4 ) == 0 ) || - ( i >= 2 && ( strncmp( text + i - 2, "\n\n", 2 ) == 0 || - strncmp( text + i - 2, "\r\r", 2 ) == 0 ) ) ) - { - break; - } - } - - return( NULL ); -} - /* *NOT* thread-safe, but that's not a problem for now... */ char **msn_linesplit( char *line ) { diff --git a/protocols/msn/ns.c b/protocols/msn/ns.c index e144a8d2..0fa49ecb 100644 --- a/protocols/msn/ns.c +++ b/protocols/msn/ns.c @@ -608,7 +608,7 @@ static int msn_ns_message( struct msn_handler_data *handler, char *msg, int msgl { if( g_strcasecmp( cmd[1], "Hotmail" ) == 0 ) { - char *ct = msn_findheader( msg, "Content-Type:", msglen ); + char *ct = get_rfc822_header( msg, "Content-Type:", msglen ); if( !ct ) return( 1 ); @@ -621,8 +621,8 @@ static int msn_ns_message( struct msn_handler_data *handler, char *msg, int msgl if( !body ) return( 1 ); - mtype = msn_findheader( body, "Type:", blen ); - arg1 = msn_findheader( body, "Arg1:", blen ); + mtype = get_rfc822_header( body, "Type:", blen ); + arg1 = get_rfc822_header( body, "Arg1:", blen ); if( mtype && strcmp( mtype, "1" ) == 0 ) { @@ -641,8 +641,8 @@ static int msn_ns_message( struct msn_handler_data *handler, char *msg, int msgl { if( set_getbool( &ic->acc->set, "mail_notifications" ) ) { - char *inbox = msn_findheader( body, "Inbox-Unread:", blen ); - char *folders = msn_findheader( body, "Folders-Unread:", blen ); + char *inbox = get_rfc822_header( body, "Inbox-Unread:", blen ); + char *folders = get_rfc822_header( body, "Folders-Unread:", blen ); if( inbox && folders ) imcb_log( ic, "INBOX contains %s new messages, plus %s messages in other folders.", inbox, folders ); @@ -655,8 +655,8 @@ static int msn_ns_message( struct msn_handler_data *handler, char *msg, int msgl { if( set_getbool( &ic->acc->set, "mail_notifications" ) ) { - char *from = msn_findheader( body, "From-Addr:", blen ); - char *fromname = msn_findheader( body, "From:", blen ); + char *from = get_rfc822_header( body, "From-Addr:", blen ); + char *fromname = get_rfc822_header( body, "From:", blen ); if( from && fromname ) imcb_log( ic, "Received an e-mail message from %s <%s>.", fromname, from ); diff --git a/protocols/msn/sb.c b/protocols/msn/sb.c index 69114469..ccd65e49 100644 --- a/protocols/msn/sb.c +++ b/protocols/msn/sb.c @@ -681,7 +681,7 @@ static int msn_sb_message( struct msn_handler_data *handler, char *msg, int msgl if( strcmp( cmd[0], "MSG" ) == 0 ) { - char *ct = msn_findheader( msg, "Content-Type:", msglen ); + char *ct = get_rfc822_header( msg, "Content-Type:", msglen ); if( !ct ) return( 1 ); @@ -710,8 +710,8 @@ static int msn_sb_message( struct msn_handler_data *handler, char *msg, int msgl // Disable MSN ft support for now. else if( g_strncasecmp( ct, "text/x-msmsgsinvite", 19 ) == 0 ) { - char *command = msn_findheader( body, "Invitation-Command:", blen ); - char *cookie = msn_findheader( body, "Invitation-Cookie:", blen ); + char *command = get_rfc822_header( body, "Invitation-Command:", blen ); + char *cookie = get_rfc822_header( body, "Invitation-Cookie:", blen ); unsigned int icookie; g_free( ct ); @@ -749,7 +749,7 @@ static int msn_sb_message( struct msn_handler_data *handler, char *msg, int msgl } else if( g_strncasecmp( ct, "text/x-msmsgscontrol", 20 ) == 0 ) { - char *who = msn_findheader( msg, "TypingUser:", msglen ); + char *who = get_rfc822_header( msg, "TypingUser:", msglen ); if( who ) { diff --git a/protocols/nogaim.c b/protocols/nogaim.c index a47e0e84..773e3877 100644 --- a/protocols/nogaim.c +++ b/protocols/nogaim.c @@ -326,6 +326,21 @@ void imc_logout( struct im_connection *ic, int allow_reconnect ) imcb_log( ic, "Signing off.." ); + /* TBH I don't remember anymore why I didn't just use ic->acc... */ + for( a = bee->accounts; a; a = a->next ) + if( a->ic == ic ) + break; + + if( a && !allow_reconnect && !( ic->flags & OPT_LOGGED_IN ) && + set_getbool( &a->set, "oauth" ) ) + { + /* If this account supports OAuth, we're not logged in yet and + not allowed to retry, assume there were auth issues. Give a + helpful message on what might be necessary to fix this. */ + imcb_log( ic, "If you're having problems logging in, try re-requesting " + "an OAuth token: account %s set password \"\"", a->tag ); + } + for( l = bee->users; l; ) { bee_user_t *bu = l->data; @@ -347,10 +362,6 @@ void imc_logout( struct im_connection *ic, int allow_reconnect ) query_del_by_conn( (irc_t*) ic->bee->ui_data, ic ); - for( a = bee->accounts; a; a = a->next ) - if( a->ic == ic ) - break; - if( !a ) { /* Uhm... This is very sick. */ diff --git a/protocols/twitter/twitter.c b/protocols/twitter/twitter.c index 76ccc3eb..ef49e83a 100644 --- a/protocols/twitter/twitter.c +++ b/protocols/twitter/twitter.c @@ -219,7 +219,7 @@ static void twitter_init(account_t * acc) def_oauth = "true"; } else { /* if( strcmp( acc->prpl->name, "identica" ) == 0 ) */ def_url = IDENTICA_API_URL; - def_oauth = "false"; + def_oauth = "true"; } s = set_add(&acc->set, "auto_reply_timeout", "10800", set_eval_int, acc); @@ -239,12 +239,12 @@ static void twitter_init(account_t * acc) s = set_add(&acc->set, "mode", "chat", set_eval_mode, acc); s->flags |= ACC_SET_OFFLINE_ONLY; + s = set_add(&acc->set, "oauth", def_oauth, set_eval_oauth, acc); + s = set_add(&acc->set, "show_ids", "false", set_eval_bool, acc); s->flags |= ACC_SET_OFFLINE_ONLY; s = set_add(&acc->set, "show_old_mentions", "true", set_eval_bool, acc); - - s = set_add(&acc->set, "oauth", def_oauth, set_eval_bool, acc); } /** diff --git a/root_commands.c b/root_commands.c index 734cb0e8..f8f2e578 100644 --- a/root_commands.c +++ b/root_commands.c @@ -442,9 +442,27 @@ static void cmd_account( irc_t *irc, char **cmd ) set_setstr( &a->set, "server", cmd[5] ); } - irc_rootmsg( irc, "Account successfully added with tag %s%s", - a->tag, cmd[4] ? "" : - ", now use /OPER to enter the password" ); + irc_rootmsg( irc, "Account successfully added with tag %s", a->tag ); + + if( cmd[4] == NULL ) + { + set_t *oauth = set_find( &a->set, "oauth" ); + if( oauth && bool2int( set_value( oauth ) ) ) + { + *a->pass = '\0'; + irc_rootmsg( irc, "No need to enter a password for this " + "account since it's using OAuth" ); + } + else + { + irc_rootmsg( irc, "You can now use the /OPER command to " + "enter the password" ); + if( oauth ) + irc_rootmsg( irc, "Alternatively, enable oauth if " + "the account supports it: account %s " + "set oauth on", a->tag ); + } + } return; } @@ -84,7 +84,7 @@ char *set_getstr( set_t **head, const char *key ) if( !s || ( !s->value && !s->def ) ) return NULL; - return s->value ? s->value : s->def; + return set_value( s ); } int set_getint( set_t **head, const char *key ) @@ -249,26 +249,12 @@ char *set_eval_to_char( set_t *set, char *value ) return s; } -/* -char *set_eval_ops( set_t *set, char *value ) +char *set_eval_oauth( set_t *set, char *value ) { - irc_t *irc = set->data; - - if( g_strcasecmp( value, "user" ) == 0 ) - irc_write( irc, ":%s!%s@%s MODE %s %s %s %s", irc->mynick, irc->mynick, irc->myhost, - irc->channel, "+o-o", irc->nick, irc->mynick ); - else if( g_strcasecmp( value, "root" ) == 0 ) - irc_write( irc, ":%s!%s@%s MODE %s %s %s %s", irc->mynick, irc->mynick, irc->myhost, - irc->channel, "-o+o", irc->nick, irc->mynick ); - else if( g_strcasecmp( value, "both" ) == 0 ) - irc_write( irc, ":%s!%s@%s MODE %s %s %s %s", irc->mynick, irc->mynick, irc->myhost, - irc->channel, "+oo", irc->nick, irc->mynick ); - else if( g_strcasecmp( value, "none" ) == 0 ) - irc_write( irc, ":%s!%s@%s MODE %s %s %s %s", irc->mynick, irc->mynick, irc->myhost, - irc->channel, "-oo", irc->nick, irc->mynick ); - else - return SET_INVALID; + account_t *acc = set->data; - return value; + if( bool2int( value ) && strcmp( acc->pass, PASSWORD_PENDING ) == 0 ) + *acc->pass = '\0'; + + return set_eval_bool( set, value ); } -*/ @@ -76,6 +76,8 @@ typedef struct set struct set *next; } set_t; +#define set_value( set ) ((set)->value) ? ((set)->value) : ((set)->def) + /* Should be pretty clear. */ set_t *set_add( set_t **head, const char *key, const char *def, set_eval eval, void *data ); @@ -110,6 +112,6 @@ char *set_eval_list( set_t *set, char *value ); /* Some not very generic evaluators that really shouldn't be here... */ char *set_eval_to_char( set_t *set, char *value ); -char *set_eval_ops( set_t *set, char *value ); +char *set_eval_oauth( set_t *set, char *value ); #endif /* __SET_H__ */ |