# HG changeset patch # User Nathan Walp # Date 1073952207 0 # Node ID 55431e80a783972edba3aed651a6534eb81242eb # Parent 6ed314f47f4b9e43f804ed5266cb4b25888975ea [gaim-migrate @ 8785] let people enable plain authentication over unencrypted channels if they really want to. and plug a memory leak in said authentication scheme. committer: Tailor Script diff -r 6ed314f47f4b -r 55431e80a783 src/protocols/jabber/auth.c --- a/src/protocols/jabber/auth.c Tue Jan 13 00:02:34 2004 +0000 +++ b/src/protocols/jabber/auth.c Tue Jan 13 00:03:27 2004 +0000 @@ -84,10 +84,19 @@ if(digest_md5) { xmlnode_set_attrib(auth, "mechanism", "DIGEST-MD5"); js->auth_type = JABBER_AUTH_DIGEST_MD5; - } else if(plain && js->gsc != NULL) { /* only do plain if we're encrypted */ - GString *response = g_string_new(""); + } else if(plain) { + GString *response; char *enc_out; + if(js->gsc == NULL && !gaim_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE)) { + /* XXX: later, make this yes/no so they can just click to enable it */ + gaim_connection_error(js->gc, + _("Server requires plaintext authentication over an unencrypted stream")); + xmlnode_free(auth); + return; + } + + response = g_string_new(""); response = g_string_append_len(response, "\0", 1); response = g_string_append(response, js->user->node); response = g_string_append_len(response, "\0", 1); @@ -99,6 +108,7 @@ xmlnode_set_attrib(auth, "mechanism", "PLAIN"); xmlnode_insert_data(auth, enc_out, -1); g_free(enc_out); + g_string_free(response, TRUE); js->auth_type = JABBER_AUTH_PLAIN; } else { @@ -176,7 +186,15 @@ query = xmlnode_get_child(packet, "query"); if(js->stream_id && xmlnode_get_child(query, "digest")) { digest = TRUE; - } else if(!xmlnode_get_child(query, "password")) { + } else if(xmlnode_get_child(query, "password")) { + if(js->gsc == NULL && !gaim_account_get_bool(js->gc->account, + "auth_plain_in_clear", FALSE)) { + /* XXX: later, make this yes/no so they can just click to enable it */ + gaim_connection_error(js->gc, + _("Server requires plaintext authentication over an unencrypted stream")); + return; + } + } else { gaim_connection_error(js->gc, _("Server does not use any supported authentication method")); return; diff -r 6ed314f47f4b -r 55431e80a783 src/protocols/jabber/jabber.c --- a/src/protocols/jabber/jabber.c Tue Jan 13 00:02:34 2004 +0000 +++ b/src/protocols/jabber/jabber.c Tue Jan 13 00:03:27 2004 +0000 @@ -1221,6 +1221,12 @@ prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); + option = gaim_account_option_bool_new( + _("Allow plaintext auth over unencrypted streams"), + "auth_plain_in_clear", FALSE); + prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, + option); + option = gaim_account_option_int_new(_("Port"), "port", 5222); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option);