Mercurial > pidgin.yaz
comparison libpurple/protocols/jabber/auth.c @ 15823:32c366eeeb99
sed -ie 's/gaim/purple/g'
author | Sean Egan <seanegan@gmail.com> |
---|---|
date | Mon, 19 Mar 2007 07:01:17 +0000 |
parents | 51dd9ae01585 |
children | 87ea711b9781 |
comparison
equal
deleted
inserted
replaced
15822:84b0f9b23ede | 15823:32c366eeeb99 |
---|---|
1 /* | 1 /* |
2 * gaim - Jabber Protocol Plugin | 2 * purple - Jabber Protocol Plugin |
3 * | 3 * |
4 * Copyright (C) 2003, Nathan Walp <faceprint@faceprint.com> | 4 * Copyright (C) 2003, Nathan Walp <faceprint@faceprint.com> |
5 * | 5 * |
6 * This program is free software; you can redistribute it and/or modify | 6 * This program is free software; you can redistribute it and/or modify |
7 * it under the terms of the GNU General Public License as published by | 7 * it under the terms of the GNU General Public License as published by |
39 jabber_process_starttls(JabberStream *js, xmlnode *packet) | 39 jabber_process_starttls(JabberStream *js, xmlnode *packet) |
40 { | 40 { |
41 xmlnode *starttls; | 41 xmlnode *starttls; |
42 | 42 |
43 if((starttls = xmlnode_get_child(packet, "starttls"))) { | 43 if((starttls = xmlnode_get_child(packet, "starttls"))) { |
44 if(gaim_ssl_is_supported()) { | 44 if(purple_ssl_is_supported()) { |
45 jabber_send_raw(js, | 45 jabber_send_raw(js, |
46 "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1); | 46 "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1); |
47 return TRUE; | 47 return TRUE; |
48 } else if(xmlnode_get_child(starttls, "required")) { | 48 } else if(xmlnode_get_child(starttls, "required")) { |
49 gaim_connection_error(js->gc, _("Server requires TLS/SSL for login. No TLS/SSL support found.")); | 49 purple_connection_error(js->gc, _("Server requires TLS/SSL for login. No TLS/SSL support found.")); |
50 return TRUE; | 50 return TRUE; |
51 } | 51 } |
52 } | 52 } |
53 | 53 |
54 return FALSE; | 54 return FALSE; |
70 response = g_string_new(""); | 70 response = g_string_new(""); |
71 response = g_string_append_len(response, "\0", 1); | 71 response = g_string_append_len(response, "\0", 1); |
72 response = g_string_append(response, js->user->node); | 72 response = g_string_append(response, js->user->node); |
73 response = g_string_append_len(response, "\0", 1); | 73 response = g_string_append_len(response, "\0", 1); |
74 response = g_string_append(response, | 74 response = g_string_append(response, |
75 gaim_connection_get_password(js->gc)); | 75 purple_connection_get_password(js->gc)); |
76 | 76 |
77 enc_out = gaim_base64_encode((guchar *)response->str, response->len); | 77 enc_out = purple_base64_encode((guchar *)response->str, response->len); |
78 | 78 |
79 xmlnode_set_attrib(auth, "mechanism", "PLAIN"); | 79 xmlnode_set_attrib(auth, "mechanism", "PLAIN"); |
80 xmlnode_insert_data(auth, enc_out, -1); | 80 xmlnode_insert_data(auth, enc_out, -1); |
81 g_free(enc_out); | 81 g_free(enc_out); |
82 g_string_free(response, TRUE); | 82 g_string_free(response, TRUE); |
92 x = xmlnode_new_child(query, "username"); | 92 x = xmlnode_new_child(query, "username"); |
93 xmlnode_insert_data(x, js->user->node, -1); | 93 xmlnode_insert_data(x, js->user->node, -1); |
94 x = xmlnode_new_child(query, "resource"); | 94 x = xmlnode_new_child(query, "resource"); |
95 xmlnode_insert_data(x, js->user->resource, -1); | 95 xmlnode_insert_data(x, js->user->resource, -1); |
96 x = xmlnode_new_child(query, "password"); | 96 x = xmlnode_new_child(query, "password"); |
97 xmlnode_insert_data(x, gaim_connection_get_password(js->gc), -1); | 97 xmlnode_insert_data(x, purple_connection_get_password(js->gc), -1); |
98 jabber_iq_set_callback(iq, auth_old_result_cb, NULL); | 98 jabber_iq_set_callback(iq, auth_old_result_cb, NULL); |
99 jabber_iq_send(iq); | 99 jabber_iq_send(iq); |
100 } | 100 } |
101 } | 101 } |
102 | 102 |
103 static void allow_plaintext_auth(GaimAccount *account) | 103 static void allow_plaintext_auth(PurpleAccount *account) |
104 { | 104 { |
105 gaim_account_set_bool(account, "auth_plain_in_clear", TRUE); | 105 purple_account_set_bool(account, "auth_plain_in_clear", TRUE); |
106 | 106 |
107 finish_plaintext_authentication(account->gc->proto_data); | 107 finish_plaintext_authentication(account->gc->proto_data); |
108 } | 108 } |
109 | 109 |
110 static void disallow_plaintext_auth(GaimAccount *account) | 110 static void disallow_plaintext_auth(PurpleAccount *account) |
111 { | 111 { |
112 gaim_connection_error(account->gc, _("Server requires plaintext authentication over an unencrypted stream")); | 112 purple_connection_error(account->gc, _("Server requires plaintext authentication over an unencrypted stream")); |
113 } | 113 } |
114 | 114 |
115 #ifdef HAVE_CYRUS_SASL | 115 #ifdef HAVE_CYRUS_SASL |
116 | 116 |
117 static void jabber_auth_start_cyrus(JabberStream *); | 117 static void jabber_auth_start_cyrus(JabberStream *); |
148 } | 148 } |
149 | 149 |
150 static int jabber_sasl_cb_secret(sasl_conn_t *conn, void *ctx, int id, sasl_secret_t **secret) | 150 static int jabber_sasl_cb_secret(sasl_conn_t *conn, void *ctx, int id, sasl_secret_t **secret) |
151 { | 151 { |
152 JabberStream *js = (JabberStream *)ctx; | 152 JabberStream *js = (JabberStream *)ctx; |
153 const char *pw = gaim_account_get_password(js->gc->account); | 153 const char *pw = purple_account_get_password(js->gc->account); |
154 size_t len; | 154 size_t len; |
155 static sasl_secret_t *x = NULL; | 155 static sasl_secret_t *x = NULL; |
156 | 156 |
157 if (!conn || !secret || id != SASL_CB_PASS) | 157 if (!conn || !secret || id != SASL_CB_PASS) |
158 return SASL_BADPARAM; | 158 return SASL_BADPARAM; |
168 | 168 |
169 *secret = x; | 169 *secret = x; |
170 return SASL_OK; | 170 return SASL_OK; |
171 } | 171 } |
172 | 172 |
173 static void allow_cyrus_plaintext_auth(GaimAccount *account) | 173 static void allow_cyrus_plaintext_auth(PurpleAccount *account) |
174 { | 174 { |
175 gaim_account_set_bool(account, "auth_plain_in_clear", TRUE); | 175 purple_account_set_bool(account, "auth_plain_in_clear", TRUE); |
176 | 176 |
177 jabber_auth_start_cyrus(account->gc->proto_data); | 177 jabber_auth_start_cyrus(account->gc->proto_data); |
178 } | 178 } |
179 | 179 |
180 static void jabber_auth_start_cyrus(JabberStream *js) | 180 static void jabber_auth_start_cyrus(JabberStream *js) |
192 secprops.security_flags = SASL_SEC_NOANONYMOUS; | 192 secprops.security_flags = SASL_SEC_NOANONYMOUS; |
193 | 193 |
194 if (!js->gsc) { | 194 if (!js->gsc) { |
195 secprops.max_ssf = -1; | 195 secprops.max_ssf = -1; |
196 secprops.maxbufsize = 4096; | 196 secprops.maxbufsize = 4096; |
197 plaintext = gaim_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE); | 197 plaintext = purple_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE); |
198 if (!plaintext) | 198 if (!plaintext) |
199 secprops.security_flags |= SASL_SEC_NOPLAINTEXT; | 199 secprops.security_flags |= SASL_SEC_NOPLAINTEXT; |
200 } else { | 200 } else { |
201 secprops.max_ssf = 0; | 201 secprops.max_ssf = 0; |
202 secprops.maxbufsize = 0; | 202 secprops.maxbufsize = 0; |
209 again = FALSE; | 209 again = FALSE; |
210 | 210 |
211 js->sasl_state = sasl_client_new("xmpp", js->serverFQDN, NULL, NULL, js->sasl_cb, 0, &js->sasl); | 211 js->sasl_state = sasl_client_new("xmpp", js->serverFQDN, NULL, NULL, js->sasl_cb, 0, &js->sasl); |
212 if (js->sasl_state==SASL_OK) { | 212 if (js->sasl_state==SASL_OK) { |
213 sasl_setprop(js->sasl, SASL_SEC_PROPS, &secprops); | 213 sasl_setprop(js->sasl, SASL_SEC_PROPS, &secprops); |
214 gaim_debug_info("sasl", "Mechs found: %s\n", js->sasl_mechs->str); | 214 purple_debug_info("sasl", "Mechs found: %s\n", js->sasl_mechs->str); |
215 js->sasl_state = sasl_client_start(js->sasl, js->sasl_mechs->str, NULL, &clientout, &coutlen, &mech); | 215 js->sasl_state = sasl_client_start(js->sasl, js->sasl_mechs->str, NULL, &clientout, &coutlen, &mech); |
216 } | 216 } |
217 switch (js->sasl_state) { | 217 switch (js->sasl_state) { |
218 /* Success */ | 218 /* Success */ |
219 case SASL_OK: | 219 case SASL_OK: |
221 break; | 221 break; |
222 case SASL_NOMECH: | 222 case SASL_NOMECH: |
223 /* No mechanisms do what we want. See if we can add | 223 /* No mechanisms do what we want. See if we can add |
224 * plaintext ones to the list. */ | 224 * plaintext ones to the list. */ |
225 | 225 |
226 if (!gaim_account_get_password(js->gc->account)) { | 226 if (!purple_account_get_password(js->gc->account)) { |
227 gaim_connection_error(js->gc, _("Server couldn't authenticate you without a password")); | 227 purple_connection_error(js->gc, _("Server couldn't authenticate you without a password")); |
228 return; | 228 return; |
229 } else if (!plaintext) { | 229 } else if (!plaintext) { |
230 gaim_request_yes_no(js->gc, _("Plaintext Authentication"), | 230 purple_request_yes_no(js->gc, _("Plaintext Authentication"), |
231 _("Plaintext Authentication"), | 231 _("Plaintext Authentication"), |
232 _("This server requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"), | 232 _("This server requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"), |
233 2, js->gc->account, | 233 2, js->gc->account, |
234 allow_cyrus_plaintext_auth, | 234 allow_cyrus_plaintext_auth, |
235 disallow_plaintext_auth); | 235 disallow_plaintext_auth); |
236 return; | 236 return; |
237 } else { | 237 } else { |
238 gaim_connection_error(js->gc, _("Server does not use any supported authentication method")); | 238 purple_connection_error(js->gc, _("Server does not use any supported authentication method")); |
239 return; | 239 return; |
240 } | 240 } |
241 /* not reached */ | 241 /* not reached */ |
242 break; | 242 break; |
243 | 243 |
246 case SASL_NOMEM: | 246 case SASL_NOMEM: |
247 break; | 247 break; |
248 | 248 |
249 /* For everything else, fail the mechanism and try again */ | 249 /* For everything else, fail the mechanism and try again */ |
250 default: | 250 default: |
251 gaim_debug_info("sasl", "sasl_state is %d, failing the mech and trying again\n", js->sasl_state); | 251 purple_debug_info("sasl", "sasl_state is %d, failing the mech and trying again\n", js->sasl_state); |
252 | 252 |
253 /* | 253 /* |
254 * DAA: is this right? | 254 * DAA: is this right? |
255 * The manpage says that "mech" will contain the chosen mechanism on success. | 255 * The manpage says that "mech" will contain the chosen mechanism on success. |
256 * Presumably, if we get here that isn't the case and we shouldn't try again? | 256 * Presumably, if we get here that isn't the case and we shouldn't try again? |
280 xmlnode_set_attrib(auth, "mechanism", mech); | 280 xmlnode_set_attrib(auth, "mechanism", mech); |
281 if (clientout) { | 281 if (clientout) { |
282 if (coutlen == 0) { | 282 if (coutlen == 0) { |
283 xmlnode_insert_data(auth, "=", -1); | 283 xmlnode_insert_data(auth, "=", -1); |
284 } else { | 284 } else { |
285 enc_out = gaim_base64_encode((unsigned char*)clientout, coutlen); | 285 enc_out = purple_base64_encode((unsigned char*)clientout, coutlen); |
286 xmlnode_insert_data(auth, enc_out, -1); | 286 xmlnode_insert_data(auth, enc_out, -1); |
287 g_free(enc_out); | 287 g_free(enc_out); |
288 } | 288 } |
289 } | 289 } |
290 jabber_send(js, auth); | 290 jabber_send(js, auth); |
291 xmlnode_free(auth); | 291 xmlnode_free(auth); |
292 } else { | 292 } else { |
293 gaim_connection_error(js->gc, "SASL authentication failed\n"); | 293 purple_connection_error(js->gc, "SASL authentication failed\n"); |
294 } | 294 } |
295 } | 295 } |
296 | 296 |
297 static int | 297 static int |
298 jabber_sasl_cb_log(void *context, int level, const char *message) | 298 jabber_sasl_cb_log(void *context, int level, const char *message) |
299 { | 299 { |
300 if(level <= SASL_LOG_TRACE) | 300 if(level <= SASL_LOG_TRACE) |
301 gaim_debug_info("sasl", "%s\n", message); | 301 purple_debug_info("sasl", "%s\n", message); |
302 | 302 |
303 return SASL_OK; | 303 return SASL_OK; |
304 } | 304 } |
305 | 305 |
306 #endif | 306 #endif |
323 } | 323 } |
324 | 324 |
325 mechs = xmlnode_get_child(packet, "mechanisms"); | 325 mechs = xmlnode_get_child(packet, "mechanisms"); |
326 | 326 |
327 if(!mechs) { | 327 if(!mechs) { |
328 gaim_connection_error(js->gc, _("Invalid response from server.")); | 328 purple_connection_error(js->gc, _("Invalid response from server.")); |
329 return; | 329 return; |
330 } | 330 } |
331 | 331 |
332 #ifdef HAVE_CYRUS_SASL | 332 #ifdef HAVE_CYRUS_SASL |
333 js->sasl_mechs = g_string_new(""); | 333 js->sasl_mechs = g_string_new(""); |
369 js->sasl_cb[id].id = SASL_CB_USER; | 369 js->sasl_cb[id].id = SASL_CB_USER; |
370 js->sasl_cb[id].proc = jabber_sasl_cb_simple; | 370 js->sasl_cb[id].proc = jabber_sasl_cb_simple; |
371 js->sasl_cb[id].context = (void *)js; | 371 js->sasl_cb[id].context = (void *)js; |
372 id++; | 372 id++; |
373 | 373 |
374 if (gaim_account_get_password(js->gc->account)) { | 374 if (purple_account_get_password(js->gc->account)) { |
375 js->sasl_cb[id].id = SASL_CB_PASS; | 375 js->sasl_cb[id].id = SASL_CB_PASS; |
376 js->sasl_cb[id].proc = jabber_sasl_cb_secret; | 376 js->sasl_cb[id].proc = jabber_sasl_cb_secret; |
377 js->sasl_cb[id].context = (void *)js; | 377 js->sasl_cb[id].context = (void *)js; |
378 id++; | 378 id++; |
379 } | 379 } |
399 jabber_send(js, auth); | 399 jabber_send(js, auth); |
400 xmlnode_free(auth); | 400 xmlnode_free(auth); |
401 } else if(plain) { | 401 } else if(plain) { |
402 js->auth_type = JABBER_AUTH_PLAIN; | 402 js->auth_type = JABBER_AUTH_PLAIN; |
403 | 403 |
404 if(js->gsc == NULL && !gaim_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE)) { | 404 if(js->gsc == NULL && !purple_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE)) { |
405 gaim_request_yes_no(js->gc, _("Plaintext Authentication"), | 405 purple_request_yes_no(js->gc, _("Plaintext Authentication"), |
406 _("Plaintext Authentication"), | 406 _("Plaintext Authentication"), |
407 _("This server requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"), | 407 _("This server requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"), |
408 2, js->gc->account, allow_plaintext_auth, | 408 2, js->gc->account, allow_plaintext_auth, |
409 disallow_plaintext_auth); | 409 disallow_plaintext_auth); |
410 return; | 410 return; |
411 } | 411 } |
412 finish_plaintext_authentication(js); | 412 finish_plaintext_authentication(js); |
413 } else { | 413 } else { |
414 gaim_connection_error(js->gc, | 414 purple_connection_error(js->gc, |
415 _("Server does not use any supported authentication method")); | 415 _("Server does not use any supported authentication method")); |
416 } | 416 } |
417 #endif | 417 #endif |
418 } | 418 } |
419 | 419 |
432 (err_code = xmlnode_get_attrib(error, "code")) && | 432 (err_code = xmlnode_get_attrib(error, "code")) && |
433 !strcmp(err_code, "401")) { | 433 !strcmp(err_code, "401")) { |
434 js->gc->wants_to_die = TRUE; | 434 js->gc->wants_to_die = TRUE; |
435 } | 435 } |
436 | 436 |
437 gaim_connection_error(js->gc, msg); | 437 purple_connection_error(js->gc, msg); |
438 g_free(msg); | 438 g_free(msg); |
439 } | 439 } |
440 } | 440 } |
441 | 441 |
442 static void auth_old_cb(JabberStream *js, xmlnode *packet, gpointer data) | 442 static void auth_old_cb(JabberStream *js, xmlnode *packet, gpointer data) |
443 { | 443 { |
444 JabberIq *iq; | 444 JabberIq *iq; |
445 xmlnode *query, *x; | 445 xmlnode *query, *x; |
446 const char *type = xmlnode_get_attrib(packet, "type"); | 446 const char *type = xmlnode_get_attrib(packet, "type"); |
447 const char *pw = gaim_connection_get_password(js->gc); | 447 const char *pw = purple_connection_get_password(js->gc); |
448 | 448 |
449 if(!type) { | 449 if(!type) { |
450 gaim_connection_error(js->gc, _("Invalid response from server.")); | 450 purple_connection_error(js->gc, _("Invalid response from server.")); |
451 return; | 451 return; |
452 } else if(!strcmp(type, "error")) { | 452 } else if(!strcmp(type, "error")) { |
453 char *msg = jabber_parse_error(js, packet); | 453 char *msg = jabber_parse_error(js, packet); |
454 gaim_connection_error(js->gc, msg); | 454 purple_connection_error(js->gc, msg); |
455 g_free(msg); | 455 g_free(msg); |
456 } else if(!strcmp(type, "result")) { | 456 } else if(!strcmp(type, "result")) { |
457 query = xmlnode_get_child(packet, "query"); | 457 query = xmlnode_get_child(packet, "query"); |
458 if(js->stream_id && xmlnode_get_child(query, "digest")) { | 458 if(js->stream_id && xmlnode_get_child(query, "digest")) { |
459 unsigned char hashval[20]; | 459 unsigned char hashval[20]; |
468 xmlnode_insert_data(x, js->user->resource, -1); | 468 xmlnode_insert_data(x, js->user->resource, -1); |
469 | 469 |
470 x = xmlnode_new_child(query, "digest"); | 470 x = xmlnode_new_child(query, "digest"); |
471 s = g_strdup_printf("%s%s", js->stream_id, pw); | 471 s = g_strdup_printf("%s%s", js->stream_id, pw); |
472 | 472 |
473 gaim_cipher_digest_region("sha1", (guchar *)s, strlen(s), | 473 purple_cipher_digest_region("sha1", (guchar *)s, strlen(s), |
474 sizeof(hashval), hashval, NULL); | 474 sizeof(hashval), hashval, NULL); |
475 | 475 |
476 p = h; | 476 p = h; |
477 for(i=0; i<20; i++, p+=2) | 477 for(i=0; i<20; i++, p+=2) |
478 snprintf(p, 3, "%02x", hashval[i]); | 478 snprintf(p, 3, "%02x", hashval[i]); |
480 g_free(s); | 480 g_free(s); |
481 jabber_iq_set_callback(iq, auth_old_result_cb, NULL); | 481 jabber_iq_set_callback(iq, auth_old_result_cb, NULL); |
482 jabber_iq_send(iq); | 482 jabber_iq_send(iq); |
483 | 483 |
484 } else if(xmlnode_get_child(query, "password")) { | 484 } else if(xmlnode_get_child(query, "password")) { |
485 if(js->gsc == NULL && !gaim_account_get_bool(js->gc->account, | 485 if(js->gsc == NULL && !purple_account_get_bool(js->gc->account, |
486 "auth_plain_in_clear", FALSE)) { | 486 "auth_plain_in_clear", FALSE)) { |
487 gaim_request_yes_no(js->gc, _("Plaintext Authentication"), | 487 purple_request_yes_no(js->gc, _("Plaintext Authentication"), |
488 _("Plaintext Authentication"), | 488 _("Plaintext Authentication"), |
489 _("This server requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"), | 489 _("This server requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"), |
490 2, js->gc->account, allow_plaintext_auth, | 490 2, js->gc->account, allow_plaintext_auth, |
491 disallow_plaintext_auth); | 491 disallow_plaintext_auth); |
492 return; | 492 return; |
493 } | 493 } |
494 finish_plaintext_authentication(js); | 494 finish_plaintext_authentication(js); |
495 } else { | 495 } else { |
496 gaim_connection_error(js->gc, | 496 purple_connection_error(js->gc, |
497 _("Server does not use any supported authentication method")); | 497 _("Server does not use any supported authentication method")); |
498 return; | 498 return; |
499 } | 499 } |
500 } | 500 } |
501 } | 501 } |
543 | 543 |
544 static char * | 544 static char * |
545 generate_response_value(JabberID *jid, const char *passwd, const char *nonce, | 545 generate_response_value(JabberID *jid, const char *passwd, const char *nonce, |
546 const char *cnonce, const char *a2, const char *realm) | 546 const char *cnonce, const char *a2, const char *realm) |
547 { | 547 { |
548 GaimCipher *cipher; | 548 PurpleCipher *cipher; |
549 GaimCipherContext *context; | 549 PurpleCipherContext *context; |
550 guchar result[16]; | 550 guchar result[16]; |
551 size_t a1len; | 551 size_t a1len; |
552 | 552 |
553 gchar *a1, *convnode=NULL, *convpasswd = NULL, *ha1, *ha2, *kd, *x, *z; | 553 gchar *a1, *convnode=NULL, *convpasswd = NULL, *ha1, *ha2, *kd, *x, *z; |
554 | 554 |
559 if(passwd && ((convpasswd = g_convert(passwd, strlen(passwd), "iso-8859-1", | 559 if(passwd && ((convpasswd = g_convert(passwd, strlen(passwd), "iso-8859-1", |
560 "utf-8", NULL, NULL, NULL)) == NULL)) { | 560 "utf-8", NULL, NULL, NULL)) == NULL)) { |
561 convpasswd = g_strdup(passwd); | 561 convpasswd = g_strdup(passwd); |
562 } | 562 } |
563 | 563 |
564 cipher = gaim_ciphers_find_cipher("md5"); | 564 cipher = purple_ciphers_find_cipher("md5"); |
565 context = gaim_cipher_context_new(cipher, NULL); | 565 context = purple_cipher_context_new(cipher, NULL); |
566 | 566 |
567 x = g_strdup_printf("%s:%s:%s", convnode, realm, convpasswd ? convpasswd : ""); | 567 x = g_strdup_printf("%s:%s:%s", convnode, realm, convpasswd ? convpasswd : ""); |
568 gaim_cipher_context_append(context, (const guchar *)x, strlen(x)); | 568 purple_cipher_context_append(context, (const guchar *)x, strlen(x)); |
569 gaim_cipher_context_digest(context, sizeof(result), result, NULL); | 569 purple_cipher_context_digest(context, sizeof(result), result, NULL); |
570 | 570 |
571 a1 = g_strdup_printf("xxxxxxxxxxxxxxxx:%s:%s", nonce, cnonce); | 571 a1 = g_strdup_printf("xxxxxxxxxxxxxxxx:%s:%s", nonce, cnonce); |
572 a1len = strlen(a1); | 572 a1len = strlen(a1); |
573 g_memmove(a1, result, 16); | 573 g_memmove(a1, result, 16); |
574 | 574 |
575 gaim_cipher_context_reset(context, NULL); | 575 purple_cipher_context_reset(context, NULL); |
576 gaim_cipher_context_append(context, (const guchar *)a1, a1len); | 576 purple_cipher_context_append(context, (const guchar *)a1, a1len); |
577 gaim_cipher_context_digest(context, sizeof(result), result, NULL); | 577 purple_cipher_context_digest(context, sizeof(result), result, NULL); |
578 | 578 |
579 ha1 = gaim_base16_encode(result, 16); | 579 ha1 = purple_base16_encode(result, 16); |
580 | 580 |
581 gaim_cipher_context_reset(context, NULL); | 581 purple_cipher_context_reset(context, NULL); |
582 gaim_cipher_context_append(context, (const guchar *)a2, strlen(a2)); | 582 purple_cipher_context_append(context, (const guchar *)a2, strlen(a2)); |
583 gaim_cipher_context_digest(context, sizeof(result), result, NULL); | 583 purple_cipher_context_digest(context, sizeof(result), result, NULL); |
584 | 584 |
585 ha2 = gaim_base16_encode(result, 16); | 585 ha2 = purple_base16_encode(result, 16); |
586 | 586 |
587 kd = g_strdup_printf("%s:%s:00000001:%s:auth:%s", ha1, nonce, cnonce, ha2); | 587 kd = g_strdup_printf("%s:%s:00000001:%s:auth:%s", ha1, nonce, cnonce, ha2); |
588 | 588 |
589 gaim_cipher_context_reset(context, NULL); | 589 purple_cipher_context_reset(context, NULL); |
590 gaim_cipher_context_append(context, (const guchar *)kd, strlen(kd)); | 590 purple_cipher_context_append(context, (const guchar *)kd, strlen(kd)); |
591 gaim_cipher_context_digest(context, sizeof(result), result, NULL); | 591 purple_cipher_context_digest(context, sizeof(result), result, NULL); |
592 gaim_cipher_context_destroy(context); | 592 purple_cipher_context_destroy(context); |
593 | 593 |
594 z = gaim_base16_encode(result, 16); | 594 z = purple_base16_encode(result, 16); |
595 | 595 |
596 g_free(convnode); | 596 g_free(convnode); |
597 g_free(convpasswd); | 597 g_free(convpasswd); |
598 g_free(x); | 598 g_free(x); |
599 g_free(a1); | 599 g_free(a1); |
613 char *dec_in; | 613 char *dec_in; |
614 char *enc_out; | 614 char *enc_out; |
615 GHashTable *parts; | 615 GHashTable *parts; |
616 | 616 |
617 if(!enc_in) { | 617 if(!enc_in) { |
618 gaim_connection_error(js->gc, _("Invalid response from server.")); | 618 purple_connection_error(js->gc, _("Invalid response from server.")); |
619 return; | 619 return; |
620 } | 620 } |
621 | 621 |
622 dec_in = (char *)gaim_base64_decode(enc_in, NULL); | 622 dec_in = (char *)purple_base64_decode(enc_in, NULL); |
623 gaim_debug(GAIM_DEBUG_MISC, "jabber", "decoded challenge (%d): %s\n", | 623 purple_debug(PURPLE_DEBUG_MISC, "jabber", "decoded challenge (%d): %s\n", |
624 strlen(dec_in), dec_in); | 624 strlen(dec_in), dec_in); |
625 | 625 |
626 parts = parse_challenge(dec_in); | 626 parts = parse_challenge(dec_in); |
627 | 627 |
628 | 628 |
634 !strcmp(rspauth, js->expected_rspauth)) { | 634 !strcmp(rspauth, js->expected_rspauth)) { |
635 jabber_send_raw(js, | 635 jabber_send_raw(js, |
636 "<response xmlns='urn:ietf:params:xml:ns:xmpp-sasl' />", | 636 "<response xmlns='urn:ietf:params:xml:ns:xmpp-sasl' />", |
637 -1); | 637 -1); |
638 } else { | 638 } else { |
639 gaim_connection_error(js->gc, _("Invalid challenge from server")); | 639 purple_connection_error(js->gc, _("Invalid challenge from server")); |
640 } | 640 } |
641 g_free(js->expected_rspauth); | 641 g_free(js->expected_rspauth); |
642 } else { | 642 } else { |
643 /* assemble a response, and send it */ | 643 /* assemble a response, and send it */ |
644 /* see RFC 2831 */ | 644 /* see RFC 2831 */ |
663 nonce = g_hash_table_lookup(parts, "nonce"); | 663 nonce = g_hash_table_lookup(parts, "nonce"); |
664 | 664 |
665 | 665 |
666 a2 = g_strdup_printf("AUTHENTICATE:xmpp/%s", realm); | 666 a2 = g_strdup_printf("AUTHENTICATE:xmpp/%s", realm); |
667 auth_resp = generate_response_value(js->user, | 667 auth_resp = generate_response_value(js->user, |
668 gaim_connection_get_password(js->gc), nonce, cnonce, a2, realm); | 668 purple_connection_get_password(js->gc), nonce, cnonce, a2, realm); |
669 g_free(a2); | 669 g_free(a2); |
670 | 670 |
671 a2 = g_strdup_printf(":xmpp/%s", realm); | 671 a2 = g_strdup_printf(":xmpp/%s", realm); |
672 js->expected_rspauth = generate_response_value(js->user, | 672 js->expected_rspauth = generate_response_value(js->user, |
673 gaim_connection_get_password(js->gc), nonce, cnonce, a2, realm); | 673 purple_connection_get_password(js->gc), nonce, cnonce, a2, realm); |
674 g_free(a2); | 674 g_free(a2); |
675 | 675 |
676 | 676 |
677 g_string_append_printf(response, "username=\"%s\"", js->user->node); | 677 g_string_append_printf(response, "username=\"%s\"", js->user->node); |
678 g_string_append_printf(response, ",realm=\"%s\"", realm); | 678 g_string_append_printf(response, ",realm=\"%s\"", realm); |
685 g_string_append_printf(response, ",charset=utf-8"); | 685 g_string_append_printf(response, ",charset=utf-8"); |
686 | 686 |
687 g_free(auth_resp); | 687 g_free(auth_resp); |
688 g_free(cnonce); | 688 g_free(cnonce); |
689 | 689 |
690 enc_out = gaim_base64_encode((guchar *)response->str, response->len); | 690 enc_out = purple_base64_encode((guchar *)response->str, response->len); |
691 | 691 |
692 gaim_debug(GAIM_DEBUG_MISC, "jabber", "decoded response (%d): %s\n", response->len, response->str); | 692 purple_debug(PURPLE_DEBUG_MISC, "jabber", "decoded response (%d): %s\n", response->len, response->str); |
693 | 693 |
694 buf = g_strdup_printf("<response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>%s</response>", enc_out); | 694 buf = g_strdup_printf("<response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>%s</response>", enc_out); |
695 | 695 |
696 jabber_send_raw(js, buf, -1); | 696 jabber_send_raw(js, buf, -1); |
697 | 697 |
714 const char *c_out; | 714 const char *c_out; |
715 unsigned int clen; | 715 unsigned int clen; |
716 gsize declen; | 716 gsize declen; |
717 xmlnode *response; | 717 xmlnode *response; |
718 | 718 |
719 dec_in = gaim_base64_decode(enc_in, &declen); | 719 dec_in = purple_base64_decode(enc_in, &declen); |
720 | 720 |
721 js->sasl_state = sasl_client_step(js->sasl, (char*)dec_in, declen, | 721 js->sasl_state = sasl_client_step(js->sasl, (char*)dec_in, declen, |
722 NULL, &c_out, &clen); | 722 NULL, &c_out, &clen); |
723 g_free(enc_in); | 723 g_free(enc_in); |
724 g_free(dec_in); | 724 g_free(dec_in); |
725 if (js->sasl_state != SASL_CONTINUE && js->sasl_state != SASL_OK) { | 725 if (js->sasl_state != SASL_CONTINUE && js->sasl_state != SASL_OK) { |
726 gaim_debug_error("jabber", "Error is %d : %s\n",js->sasl_state,sasl_errdetail(js->sasl)); | 726 purple_debug_error("jabber", "Error is %d : %s\n",js->sasl_state,sasl_errdetail(js->sasl)); |
727 gaim_connection_error(js->gc, _("SASL error")); | 727 purple_connection_error(js->gc, _("SASL error")); |
728 return; | 728 return; |
729 } else { | 729 } else { |
730 response = xmlnode_new("response"); | 730 response = xmlnode_new("response"); |
731 xmlnode_set_namespace(response, "urn:ietf:params:xml:ns:xmpp-sasl"); | 731 xmlnode_set_namespace(response, "urn:ietf:params:xml:ns:xmpp-sasl"); |
732 if (c_out) { | 732 if (c_out) { |
733 enc_out = gaim_base64_encode((unsigned char*)c_out, clen); | 733 enc_out = purple_base64_encode((unsigned char*)c_out, clen); |
734 xmlnode_insert_data(response, enc_out, -1); | 734 xmlnode_insert_data(response, enc_out, -1); |
735 g_free(enc_out); | 735 g_free(enc_out); |
736 } | 736 } |
737 jabber_send(js, response); | 737 jabber_send(js, response); |
738 xmlnode_free(response); | 738 xmlnode_free(response); |
747 #ifdef HAVE_CYRUS_SASL | 747 #ifdef HAVE_CYRUS_SASL |
748 const int *x; | 748 const int *x; |
749 #endif | 749 #endif |
750 | 750 |
751 if(!ns || strcmp(ns, "urn:ietf:params:xml:ns:xmpp-sasl")) { | 751 if(!ns || strcmp(ns, "urn:ietf:params:xml:ns:xmpp-sasl")) { |
752 gaim_connection_error(js->gc, _("Invalid response from server.")); | 752 purple_connection_error(js->gc, _("Invalid response from server.")); |
753 return; | 753 return; |
754 } | 754 } |
755 | 755 |
756 #ifdef HAVE_CYRUS_SASL | 756 #ifdef HAVE_CYRUS_SASL |
757 /* The SASL docs say that if the client hasn't returned OK yet, we | 757 /* The SASL docs say that if the client hasn't returned OK yet, we |
763 const char *c_out; | 763 const char *c_out; |
764 unsigned int clen; | 764 unsigned int clen; |
765 gsize declen = 0; | 765 gsize declen = 0; |
766 | 766 |
767 if(enc_in != NULL) | 767 if(enc_in != NULL) |
768 dec_in = gaim_base64_decode(enc_in, &declen); | 768 dec_in = purple_base64_decode(enc_in, &declen); |
769 | 769 |
770 js->sasl_state = sasl_client_step(js->sasl, (char*)dec_in, declen, NULL, &c_out, &clen); | 770 js->sasl_state = sasl_client_step(js->sasl, (char*)dec_in, declen, NULL, &c_out, &clen); |
771 | 771 |
772 g_free(enc_in); | 772 g_free(enc_in); |
773 g_free(dec_in); | 773 g_free(dec_in); |
774 | 774 |
775 if (js->sasl_state != SASL_OK) { | 775 if (js->sasl_state != SASL_OK) { |
776 /* This should never happen! */ | 776 /* This should never happen! */ |
777 gaim_connection_error(js->gc, _("Invalid response from server.")); | 777 purple_connection_error(js->gc, _("Invalid response from server.")); |
778 } | 778 } |
779 } | 779 } |
780 /* If we've negotiated a security layer, we need to enable it */ | 780 /* If we've negotiated a security layer, we need to enable it */ |
781 sasl_getprop(js->sasl, SASL_SSF, &x); | 781 sasl_getprop(js->sasl, SASL_SSF, &x); |
782 if (*x > 0) { | 782 if (*x > 0) { |
791 void jabber_auth_handle_failure(JabberStream *js, xmlnode *packet) | 791 void jabber_auth_handle_failure(JabberStream *js, xmlnode *packet) |
792 { | 792 { |
793 char *msg = jabber_parse_error(js, packet); | 793 char *msg = jabber_parse_error(js, packet); |
794 | 794 |
795 if(!msg) { | 795 if(!msg) { |
796 gaim_connection_error(js->gc, _("Invalid response from server.")); | 796 purple_connection_error(js->gc, _("Invalid response from server.")); |
797 } else { | 797 } else { |
798 gaim_connection_error(js->gc, msg); | 798 purple_connection_error(js->gc, msg); |
799 g_free(msg); | 799 g_free(msg); |
800 } | 800 } |
801 } | 801 } |