From 59974884ba72d6e8fa008d07ee93bd228d30a99c Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Fri, 22 Sep 2006 14:04:35 +0200 Subject: Basic SASL (PLAIN only ATM) authentication code. Doesn't log in completely yet. --- protocols/jabber/sasl.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 protocols/jabber/sasl.c (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c new file mode 100644 index 00000000..da577877 --- /dev/null +++ b/protocols/jabber/sasl.c @@ -0,0 +1,124 @@ +/***************************************************************************\ +* * +* BitlBee - An IRC to IM gateway * +* Jabber module - SASL authentication * +* * +* Copyright 2006 Wilmer van der Gaast * +* * +* This program is free software; you can redistribute it and/or modify * +* it under the terms of the GNU General Public License as published by * +* the Free Software Foundation; either version 2 of the License, or * +* (at your option) any later version. * +* * +* This program is distributed in the hope that it will be useful, * +* but WITHOUT ANY WARRANTY; without even the implied warranty of * +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * +* GNU General Public License for more details. * +* * +* You should have received a copy of the GNU General Public License along * +* with this program; if not, write to the Free Software Foundation, Inc., * +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * +* * +\***************************************************************************/ + +#include "jabber.h" +#include "base64.h" + +#define SASL_NS "urn:ietf:params:xml:ns:xmpp-sasl" + +xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) +{ + struct gaim_connection *gc = data; + struct jabber_data *jd = gc->proto_data; + struct xt_node *c, *reply; + char *s; + int sup_plain = 0, sup_digest = 0; + + s = xt_find_attr( node, "xmlns" ); + if( !s || strcmp( s, SASL_NS ) != 0 ) + { + signoff( gc ); + return XT_ABORT; + } + + c = node->children; + while( ( c = xt_find_node( c, "mechanism" ) ) ) + { + if( c->text && g_strcasecmp( c->text, "PLAIN" ) == 0 ) + sup_plain = 1; + if( c->text && g_strcasecmp( c->text, "DIGEST-MD5" ) == 0 ) + sup_digest = 1; + + c = c->next; + } + + if( !sup_plain && !sup_digest ) + { + signoff( gc ); + return XT_ABORT; + } + + reply = xt_new_node( "auth", NULL, NULL ); + xt_add_attr( reply, "xmlns", SASL_NS ); + + if( sup_plain ) + { + int len; + + xt_add_attr( reply, "mechanism", "PLAIN" ); + + /* With SASL PLAIN in XMPP, the text should be b64(\0user\0pass) */ + len = strlen( jd->username ) + strlen( gc->acc->pass ) + 2; + s = g_malloc( len + 1 ); + s[0] = 0; + strcpy( s + 1, jd->username ); + strcpy( s + 2 + strlen( jd->username ), gc->acc->pass ); + reply->text = base64_encode( s, len ); + reply->text_len = strlen( reply->text ); + g_free( s ); + } + + if( !jabber_write_packet( gc, reply ) ) + { + xt_free_node( reply ); + return XT_ABORT; + } + xt_free_node( reply ); + + /* To prevent classic authentication from happening. */ + jd->flags |= JFLAG_STREAM_STARTED; + + return XT_HANDLED; +} + +xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) +{ +} + +xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) +{ + struct gaim_connection *gc = data; + struct jabber_data *jd = gc->proto_data; + char *s; + + s = xt_find_attr( node, "xmlns" ); + if( !s || strcmp( s, SASL_NS ) != 0 ) + { + signoff( gc ); + return XT_ABORT; + } + + if( strcmp( node->name, "success" ) == 0 ) + { + set_login_progress( gc, 1, "Authentication finished" ); + jd->flags |= JFLAG_AUTHENTICATED | JFLAG_STREAM_RESTART; + } + else if( strcmp( node->name, "failure" ) == 0 ) + { + hide_login_progress( gc, "Authentication failure" ); + signoff( gc ); + return XT_ABORT; + } + + return XT_HANDLED; +} -- cgit v1.2.3 From 8d7429102adf8dce6844f2f3da2723d1f87c6442 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Fri, 22 Sep 2006 18:56:58 +0200 Subject: Fixed return value on incomplete write()s in write handler, protection against write()ing to sockets that are closed already, hopefully sane detection for SASL support, and only sending type=unavailable presence tag to logged in sessions. --- protocols/jabber/sasl.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index da577877..2f75e733 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -34,6 +34,15 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) char *s; int sup_plain = 0, sup_digest = 0; + if( !sasl_supported( gc ) ) + { + /* Should abort this now, since we should already be doing + IQ authentication. Strange things happen when you try + to do both... */ + serv_got_crap( gc, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); + return XT_HANDLED; + } + s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, SASL_NS ) != 0 ) { @@ -93,6 +102,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) { + return XT_HANDLED; } xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) @@ -122,3 +132,13 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) return XT_HANDLED; } + +/* This one is needed to judge if we'll do authentication using IQ or SASL. + It's done by checking if the from the server has a + version attribute. I don't know if this is the right way though... */ +gboolean sasl_supported( struct gaim_connection *gc ) +{ + struct jabber_data *jd = gc->proto_data; + + return ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) != NULL; +} -- cgit v1.2.3 From fe7a55434385fd858453dffdbb425a21f41e3859 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Fri, 22 Sep 2006 20:39:31 +0200 Subject: Better detection of successful IQ authentication (using packet caching), properly working SASL authentication (although only PLAIN so far). --- protocols/jabber/sasl.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 2f75e733..13ff9d26 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -70,7 +70,13 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) reply = xt_new_node( "auth", NULL, NULL ); xt_add_attr( reply, "xmlns", SASL_NS ); - if( sup_plain ) + if( sup_digest && 0 ) + { + xt_add_attr( reply, "mechanism", "DIGEST-MD5" ); + + /* The rest will be done later, when we receive a . */ + } + else if( sup_plain ) { int len; @@ -140,5 +146,5 @@ gboolean sasl_supported( struct gaim_connection *gc ) { struct jabber_data *jd = gc->proto_data; - return ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) != NULL; + return ( (void*) ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) ) != NULL; } -- cgit v1.2.3 From d8e04849607d4a5ca590752dce37954f12179580 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sat, 23 Sep 2006 00:49:40 +0200 Subject: Implemented support for SASL DIGEST-MD5 authentication. --- protocols/jabber/sasl.c | 181 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 179 insertions(+), 2 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 13ff9d26..7a3ca112 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -70,7 +70,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) reply = xt_new_node( "auth", NULL, NULL ); xt_add_attr( reply, "xmlns", SASL_NS ); - if( sup_digest && 0 ) + if( sup_digest ) { xt_add_attr( reply, "mechanism", "DIGEST-MD5" ); @@ -106,9 +106,186 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) return XT_HANDLED; } +static char *sasl_get_part( char *data, char *field ) +{ + int i, len; + + len = strlen( field ); + + if( g_strncasecmp( data, field, len ) == 0 && data[len] == '=' ) + { + i = strlen( field ) + 1; + } + else + { + for( i = 0; data[i]; i ++ ) + { + /* If we have a ", skip until it's closed again. */ + if( data[i] == '"' ) + { + i ++; + while( data[i] != '"' || data[i-1] == '\\' ) + i ++; + } + + /* If we got a comma, we got a new field. Check it. */ + if( data[i] == ',' && + g_strncasecmp( data + i + 1, field, len ) == 0 && + data[i+len+1] == '=' ) + { + i += len + 2; + break; + } + } + } + + if( data[i] == '"' ) + { + int j; + char *ret; + + i ++; + len = 0; + while( data[i+len] != '"' || data[i+len-1] == '\\' ) + len ++; + + ret = g_strndup( data + i, len ); + for( i = j = 0; ret[i]; i ++ ) + { + if( ret[i] == '\\' ) + { + ret[j++] = ret[++i]; + } + else + { + ret[j++] = ret[i]; + } + } + ret[j] = 0; + + return ret; + } + else if( data[i] ) + { + len = 0; + while( data[i+len] && data[i+len] != ',' ) + len ++; + + return g_strndup( data + i, len ); + } + else + { + return NULL; + } +} + xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) { - return XT_HANDLED; + struct gaim_connection *gc = data; + struct jabber_data *jd = gc->proto_data; + struct xt_node *reply = NULL; + char *nonce = NULL, *realm = NULL, *cnonce = NULL, cnonce_bin[30]; + char *digest_uri = NULL; + char *dec = NULL; + char *s = NULL; + xt_status ret = XT_ABORT; + + if( node->text_len == 0 ) + goto error; + + dec = frombase64( node->text ); + + if( !( s = sasl_get_part( dec, "rspauth" ) ) ) + { + /* See RFC 2831 for for information. */ + md5_state_t A1, A2, H; + md5_byte_t A1r[16], A2r[16], Hr[16]; + char A1h[33], A2h[33], Hh[33]; + int i; + + nonce = sasl_get_part( dec, "nonce" ); + realm = sasl_get_part( dec, "realm" ); + + if( !nonce || !realm ) + goto error; + + random_bytes( (unsigned char *) cnonce_bin, sizeof( cnonce_bin ) ); + cnonce = base64_encode( cnonce_bin, sizeof( cnonce_bin ) ); + digest_uri = g_strdup_printf( "%s/%s", "xmpp", jd->server ); + + /* Generate the MD5 hash of username:realm:password, + I decided to call it H. */ + md5_init( &H ); + s = g_strdup_printf( "%s:%s:%s", jd->username, realm, gc->acc->pass ); + md5_append( &H, (unsigned char *) s, strlen( s ) ); + g_free( s ); + md5_finish( &H, Hr ); + + /* Now generate the hex. MD5 hash of H:nonce:cnonce, called A1. */ + md5_init( &A1 ); + s = g_strdup_printf( ":%s:%s", nonce, cnonce ); + md5_append( &A1, Hr, 16 ); + md5_append( &A1, (unsigned char *) s, strlen( s ) ); + g_free( s ); + md5_finish( &A1, A1r ); + for( i = 0; i < 16; i ++ ) + sprintf( A1h + i * 2, "%02x", A1r[i] ); + + /* A2... */ + md5_init( &A2 ); + s = g_strdup_printf( "%s:%s", "AUTHENTICATE", digest_uri ); + md5_append( &A2, (unsigned char *) s, strlen( s ) ); + g_free( s ); + md5_finish( &A2, A2r ); + for( i = 0; i < 16; i ++ ) + sprintf( A2h + i * 2, "%02x", A2r[i] ); + + /* Final result: A1:nonce:00000001:cnonce:auth:A2. Let's reuse H for it. */ + md5_init( &H ); + s = g_strdup_printf( "%s:%s:%s:%s:%s:%s", A1h, nonce, "00000001", cnonce, "auth", A2h ); + md5_append( &H, (unsigned char *) s, strlen( s ) ); + g_free( s ); + md5_finish( &H, Hr ); + for( i = 0; i < 16; i ++ ) + sprintf( Hh + i * 2, "%02x", Hr[i] ); + + /* Now build the SASL response string: */ + g_free( dec ); + dec = g_strdup_printf( "username=\"%s\",realm=\"%s\",nonce=\"%s\",cnonce=\"%s\"," + "nc=%08x,qop=auth,digest-uri=\"%s\",response=%s,charset=%s", + jd->username, realm, nonce, cnonce, 1, digest_uri, Hh, "utf-8" ); + s = tobase64( dec ); + } + else + { + /* We found rspauth, but don't really care... */ + g_free( s ); + s = NULL; + } + + reply = xt_new_node( "response", s, NULL ); + xt_add_attr( reply, "xmlns", SASL_NS ); + + if( !jabber_write_packet( gc, reply ) ) + goto silent_error; + + ret = XT_HANDLED; + goto silent_error; + +error: + hide_login_progress( gc, "Incorrect SASL challenge received" ); + signoff( gc ); + +silent_error: + g_free( digest_uri ); + g_free( cnonce ); + g_free( nonce ); + g_free( realm ); + g_free( dec ); + g_free( s ); + xt_free_node( reply ); + + return ret; } xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) -- cgit v1.2.3 From d9282b4b3a7a1264bf7952e5de4dbd10b6aa5e4e Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Mon, 2 Oct 2006 15:46:33 +0200 Subject: The SASL DIGEST-MD5 handler now doesn't barf on challenges without a realm (jabber.org likes to do this). --- protocols/jabber/sasl.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 7a3ca112..39d45c9b 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -206,9 +206,15 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) nonce = sasl_get_part( dec, "nonce" ); realm = sasl_get_part( dec, "realm" ); - if( !nonce || !realm ) + if( !nonce ) goto error; + /* Jabber.Org considers the realm part optional and doesn't + specify one. Oh well, actually they're right, but still, + don't know if this is right... */ + if( !realm ) + realm = g_strdup( jd->server ); + random_bytes( (unsigned char *) cnonce_bin, sizeof( cnonce_bin ) ); cnonce = base64_encode( cnonce_bin, sizeof( cnonce_bin ) ); digest_uri = g_strdup_printf( "%s/%s", "xmpp", jd->server ); -- cgit v1.2.3 From 501b4e06244dbd333ee207ceade37592482e0fe7 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Mon, 2 Oct 2006 18:42:32 +0200 Subject: Added a useful error message for SASL negotiation failures and turned off the little hack in jabber_write() for now because it breaks error handling. --- protocols/jabber/sasl.c | 1 + 1 file changed, 1 insertion(+) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 39d45c9b..a9676338 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -63,6 +63,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) if( !sup_plain && !sup_digest ) { + hide_login_progress( gc, "No known SASL authentication schemes supported" ); signoff( gc ); return XT_ABORT; } -- cgit v1.2.3 From 47d3ac46306965e9db66096eef8c60c8e7985950 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Tue, 31 Oct 2006 09:25:41 +0100 Subject: Added #defines for XML namespaces. --- protocols/jabber/sasl.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index a9676338..68953ced 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -24,8 +24,6 @@ #include "jabber.h" #include "base64.h" -#define SASL_NS "urn:ietf:params:xml:ns:xmpp-sasl" - xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) { struct gaim_connection *gc = data; @@ -44,7 +42,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) } s = xt_find_attr( node, "xmlns" ); - if( !s || strcmp( s, SASL_NS ) != 0 ) + if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { signoff( gc ); return XT_ABORT; @@ -69,7 +67,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) } reply = xt_new_node( "auth", NULL, NULL ); - xt_add_attr( reply, "xmlns", SASL_NS ); + xt_add_attr( reply, "xmlns", XMLNS_SASL ); if( sup_digest ) { @@ -271,7 +269,7 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) } reply = xt_new_node( "response", s, NULL ); - xt_add_attr( reply, "xmlns", SASL_NS ); + xt_add_attr( reply, "xmlns", XMLNS_SASL ); if( !jabber_write_packet( gc, reply ) ) goto silent_error; @@ -302,7 +300,7 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) char *s; s = xt_find_attr( node, "xmlns" ); - if( !s || strcmp( s, SASL_NS ) != 0 ) + if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { signoff( gc ); return XT_ABORT; -- cgit v1.2.3 From 0da65d5fb37691ed4d31f7ab4058732f1440db6b Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Fri, 30 Mar 2007 22:40:45 -0700 Subject: s/gaim_connection/im_connection/ and some other minor API changes. The rest will come tomorrow. It compiles, I'll leave the real testing up to someone else. ;-) --- protocols/jabber/sasl.c | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 68953ced..4943f59e 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -26,25 +26,25 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) { - struct gaim_connection *gc = data; - struct jabber_data *jd = gc->proto_data; + struct im_connection *ic = data; + struct jabber_data *jd = ic->proto_data; struct xt_node *c, *reply; char *s; int sup_plain = 0, sup_digest = 0; - if( !sasl_supported( gc ) ) + if( !sasl_supported( ic ) ) { /* Should abort this now, since we should already be doing IQ authentication. Strange things happen when you try to do both... */ - serv_got_crap( gc, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); + serv_got_crap( ic, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); return XT_HANDLED; } s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - signoff( gc ); + signoff( ic ); return XT_ABORT; } @@ -61,8 +61,8 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) if( !sup_plain && !sup_digest ) { - hide_login_progress( gc, "No known SASL authentication schemes supported" ); - signoff( gc ); + hide_login_progress( ic, "No known SASL authentication schemes supported" ); + signoff( ic ); return XT_ABORT; } @@ -82,17 +82,17 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) xt_add_attr( reply, "mechanism", "PLAIN" ); /* With SASL PLAIN in XMPP, the text should be b64(\0user\0pass) */ - len = strlen( jd->username ) + strlen( gc->acc->pass ) + 2; + len = strlen( jd->username ) + strlen( ic->acc->pass ) + 2; s = g_malloc( len + 1 ); s[0] = 0; strcpy( s + 1, jd->username ); - strcpy( s + 2 + strlen( jd->username ), gc->acc->pass ); + strcpy( s + 2 + strlen( jd->username ), ic->acc->pass ); reply->text = base64_encode( s, len ); reply->text_len = strlen( reply->text ); g_free( s ); } - if( !jabber_write_packet( gc, reply ) ) + if( !jabber_write_packet( ic, reply ) ) { xt_free_node( reply ); return XT_ABORT; @@ -180,8 +180,8 @@ static char *sasl_get_part( char *data, char *field ) xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) { - struct gaim_connection *gc = data; - struct jabber_data *jd = gc->proto_data; + struct im_connection *ic = data; + struct jabber_data *jd = ic->proto_data; struct xt_node *reply = NULL; char *nonce = NULL, *realm = NULL, *cnonce = NULL, cnonce_bin[30]; char *digest_uri = NULL; @@ -221,7 +221,7 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) /* Generate the MD5 hash of username:realm:password, I decided to call it H. */ md5_init( &H ); - s = g_strdup_printf( "%s:%s:%s", jd->username, realm, gc->acc->pass ); + s = g_strdup_printf( "%s:%s:%s", jd->username, realm, ic->acc->pass ); md5_append( &H, (unsigned char *) s, strlen( s ) ); g_free( s ); md5_finish( &H, Hr ); @@ -271,15 +271,15 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) reply = xt_new_node( "response", s, NULL ); xt_add_attr( reply, "xmlns", XMLNS_SASL ); - if( !jabber_write_packet( gc, reply ) ) + if( !jabber_write_packet( ic, reply ) ) goto silent_error; ret = XT_HANDLED; goto silent_error; error: - hide_login_progress( gc, "Incorrect SASL challenge received" ); - signoff( gc ); + hide_login_progress( ic, "Incorrect SASL challenge received" ); + signoff( ic ); silent_error: g_free( digest_uri ); @@ -295,26 +295,26 @@ silent_error: xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) { - struct gaim_connection *gc = data; - struct jabber_data *jd = gc->proto_data; + struct im_connection *ic = data; + struct jabber_data *jd = ic->proto_data; char *s; s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - signoff( gc ); + signoff( ic ); return XT_ABORT; } if( strcmp( node->name, "success" ) == 0 ) { - set_login_progress( gc, 1, "Authentication finished" ); + set_login_progress( ic, 1, "Authentication finished" ); jd->flags |= JFLAG_AUTHENTICATED | JFLAG_STREAM_RESTART; } else if( strcmp( node->name, "failure" ) == 0 ) { - hide_login_progress( gc, "Authentication failure" ); - signoff( gc ); + hide_login_progress( ic, "Authentication failure" ); + signoff( ic ); return XT_ABORT; } @@ -324,9 +324,9 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) /* This one is needed to judge if we'll do authentication using IQ or SASL. It's done by checking if the from the server has a version attribute. I don't know if this is the right way though... */ -gboolean sasl_supported( struct gaim_connection *gc ) +gboolean sasl_supported( struct im_connection *ic ) { - struct jabber_data *jd = gc->proto_data; + struct jabber_data *jd = ic->proto_data; return ( (void*) ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) ) != NULL; } -- cgit v1.2.3 From aef4828a1dc51de10a43bb7dd5d023de9971295b Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Thu, 5 Apr 2007 22:20:31 -0700 Subject: More cleanups, mainly in the callbacks. Replaced things like do_error_dialog() and (set|hide)_login_progress(_error)?() with things that hopefully make more sense. Although it's still not really great... --- protocols/jabber/sasl.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 4943f59e..ab6f6c00 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -37,14 +37,14 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) /* Should abort this now, since we should already be doing IQ authentication. Strange things happen when you try to do both... */ - serv_got_crap( ic, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); + imc_log( ic, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); return XT_HANDLED; } s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - signoff( ic ); + imc_logout( ic ); return XT_ABORT; } @@ -61,8 +61,8 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) if( !sup_plain && !sup_digest ) { - hide_login_progress( ic, "No known SASL authentication schemes supported" ); - signoff( ic ); + imc_error( ic, "No known SASL authentication schemes supported" ); + imc_logout( ic ); return XT_ABORT; } @@ -278,8 +278,8 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) goto silent_error; error: - hide_login_progress( ic, "Incorrect SASL challenge received" ); - signoff( ic ); + imc_error( ic, "Incorrect SASL challenge received" ); + imc_logout( ic ); silent_error: g_free( digest_uri ); @@ -302,19 +302,19 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - signoff( ic ); + imc_logout( ic ); return XT_ABORT; } if( strcmp( node->name, "success" ) == 0 ) { - set_login_progress( ic, 1, "Authentication finished" ); + imc_log( ic, "Authentication finished" ); jd->flags |= JFLAG_AUTHENTICATED | JFLAG_STREAM_RESTART; } else if( strcmp( node->name, "failure" ) == 0 ) { - hide_login_progress( ic, "Authentication failure" ); - signoff( ic ); + imc_error( ic, "Authentication failure" ); + imc_logout( ic ); return XT_ABORT; } -- cgit v1.2.3 From c2fb38096ea4e75a680e57e103d4a4986aa84c75 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 15 Apr 2007 15:39:35 -0700 Subject: Cleaned up struct im_connection. No more username/password stuff since it's in acc too. wants_to_die is now an argument to imc_logout(). --- protocols/jabber/sasl.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index ab6f6c00..cbd40fb1 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -44,7 +44,8 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - imc_logout( ic ); + imc_log( ic, "Stream error while authenticating" ); + imc_logout( ic, FALSE ); return XT_ABORT; } @@ -62,7 +63,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) if( !sup_plain && !sup_digest ) { imc_error( ic, "No known SASL authentication schemes supported" ); - imc_logout( ic ); + imc_logout( ic, FALSE ); return XT_ABORT; } @@ -279,7 +280,7 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) error: imc_error( ic, "Incorrect SASL challenge received" ); - imc_logout( ic ); + imc_logout( ic, FALSE ); silent_error: g_free( digest_uri ); @@ -302,7 +303,8 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - imc_logout( ic ); + imc_log( ic, "Stream error while authenticating" ); + imc_logout( ic, FALSE ); return XT_ABORT; } @@ -314,7 +316,7 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) else if( strcmp( node->name, "failure" ) == 0 ) { imc_error( ic, "Authentication failure" ); - imc_logout( ic ); + imc_logout( ic, FALSE ); return XT_ABORT; } -- cgit v1.2.3 From 84b045d409f1e8da6d8bf379c6fef7236dcd9bcd Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 15 Apr 2007 18:03:08 -0700 Subject: s/imc/imcb/ for callback functions. Moved things aroundin nogaim.h a little bit, grouping things by category instead of original Gaim 0.58 filename. --- protocols/jabber/sasl.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index cbd40fb1..69199a8b 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -37,14 +37,14 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) /* Should abort this now, since we should already be doing IQ authentication. Strange things happen when you try to do both... */ - imc_log( ic, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); + imcb_log( ic, "XMPP 1.0 non-compliant server seems to support SASL, please report this as a BitlBee bug!" ); return XT_HANDLED; } s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - imc_log( ic, "Stream error while authenticating" ); + imcb_log( ic, "Stream error while authenticating" ); imc_logout( ic, FALSE ); return XT_ABORT; } @@ -62,7 +62,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) if( !sup_plain && !sup_digest ) { - imc_error( ic, "No known SASL authentication schemes supported" ); + imcb_error( ic, "No known SASL authentication schemes supported" ); imc_logout( ic, FALSE ); return XT_ABORT; } @@ -279,7 +279,7 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) goto silent_error; error: - imc_error( ic, "Incorrect SASL challenge received" ); + imcb_error( ic, "Incorrect SASL challenge received" ); imc_logout( ic, FALSE ); silent_error: @@ -303,19 +303,19 @@ xt_status sasl_pkt_result( struct xt_node *node, gpointer data ) s = xt_find_attr( node, "xmlns" ); if( !s || strcmp( s, XMLNS_SASL ) != 0 ) { - imc_log( ic, "Stream error while authenticating" ); + imcb_log( ic, "Stream error while authenticating" ); imc_logout( ic, FALSE ); return XT_ABORT; } if( strcmp( node->name, "success" ) == 0 ) { - imc_log( ic, "Authentication finished" ); + imcb_log( ic, "Authentication finished" ); jd->flags |= JFLAG_AUTHENTICATED | JFLAG_STREAM_RESTART; } else if( strcmp( node->name, "failure" ) == 0 ) { - imc_error( ic, "Authentication failure" ); + imcb_error( ic, "Authentication failure" ); imc_logout( ic, FALSE ); return XT_ABORT; } -- cgit v1.2.3 From 3b6eadc990664f9929bceb4f7d14498cf672f0d1 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 7 Jul 2007 19:19:28 +0200 Subject: Fix some warnings in storage.c. --- protocols/jabber/sasl.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 69199a8b..6eee37b3 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -88,7 +88,7 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) s[0] = 0; strcpy( s + 1, jd->username ); strcpy( s + 2 + strlen( jd->username ), ic->acc->pass ); - reply->text = base64_encode( s, len ); + reply->text = base64_encode( (unsigned char *)s, len ); reply->text_len = strlen( reply->text ); g_free( s ); } @@ -184,7 +184,8 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) struct im_connection *ic = data; struct jabber_data *jd = ic->proto_data; struct xt_node *reply = NULL; - char *nonce = NULL, *realm = NULL, *cnonce = NULL, cnonce_bin[30]; + char *nonce = NULL, *realm = NULL, *cnonce = NULL; + unsigned char cnonce_bin[30]; char *digest_uri = NULL; char *dec = NULL; char *s = NULL; @@ -215,7 +216,7 @@ xt_status sasl_pkt_challenge( struct xt_node *node, gpointer data ) if( !realm ) realm = g_strdup( jd->server ); - random_bytes( (unsigned char *) cnonce_bin, sizeof( cnonce_bin ) ); + random_bytes( cnonce_bin, sizeof( cnonce_bin ) ); cnonce = base64_encode( cnonce_bin, sizeof( cnonce_bin ) ); digest_uri = g_strdup_printf( "%s/%s", "xmpp", jd->server ); -- cgit v1.2.3 From ef5c1855b406e462fb8b90b517f1672a47bcc4b5 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Mon, 19 Nov 2007 23:14:39 +0000 Subject: Added Jabber groupchat topic support. --- protocols/jabber/sasl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 6eee37b3..87059051 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -331,5 +331,5 @@ gboolean sasl_supported( struct im_connection *ic ) { struct jabber_data *jd = ic->proto_data; - return ( (void*) ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) ) != NULL; + return ( jd->xt && jd->xt->root && xt_find_attr( jd->xt->root, "version" ) ) != 0; } -- cgit v1.2.3 From af97b234ad86fb9d69aa744af426591e4b1eaf97 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sat, 16 Feb 2008 13:17:52 +0000 Subject: Improved sasl_get_part() to deal with whitespace in challenge strings, as described in RFC 2831 secion 7.1 (the #rule description). Closes bug #362. --- protocols/jabber/sasl.c | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) (limited to 'protocols/jabber/sasl.c') diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index 87059051..53248ef3 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -21,6 +21,8 @@ * * \***************************************************************************/ +#include + #include "jabber.h" #include "base64.h" @@ -106,12 +108,17 @@ xt_status sasl_pkt_mechanisms( struct xt_node *node, gpointer data ) return XT_HANDLED; } -static char *sasl_get_part( char *data, char *field ) +/* Non-static function, but not mentioned in jabber.h because it's for internal + use, just that the unittest should be able to reach it... */ +char *sasl_get_part( char *data, char *field ) { int i, len; len = strlen( field ); + while( isspace( *data ) || *data == ',' ) + data ++; + if( g_strncasecmp( data, field, len ) == 0 && data[len] == '=' ) { i = strlen( field ) + 1; @@ -128,13 +135,19 @@ static char *sasl_get_part( char *data, char *field ) i ++; } - /* If we got a comma, we got a new field. Check it. */ - if( data[i] == ',' && - g_strncasecmp( data + i + 1, field, len ) == 0 && - data[i+len+1] == '=' ) + /* If we got a comma, we got a new field. Check it, + find the next key after it. */ + if( data[i] == ',' ) { - i += len + 2; - break; + while( isspace( data[i] ) || data[i] == ',' ) + i ++; + + if( g_strncasecmp( data + i, field, len ) == 0 && + data[i+len] == '=' ) + { + i += len + 1; + break; + } } } } -- cgit v1.2.3