changeset 30430:1518b6b70556

jabber: Blacklist EXTERNAL when using Cyrus. Allows connecting when it's advertised. This fixes what I think is a bug/quirk in Cyrus SASL. The EXTERNAL mech returns SASL_NOMECH to indicate the client hasn't set the necessary data, except SASL_NOMECH is supposed to mean (AFAICT) "None of the mechs given are supported/meet the current security requirements". No other mech does that!
author Paul Aurich <paul@darkrain42.org>
date Fri, 21 May 2010 05:35:33 +0000
parents 1b1fee952341
children 2519dd5b92c5 da8c00c5b4e5
files ChangeLog libpurple/protocols/jabber/auth_cyrus.c
diffstat 2 files changed, 7 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Fri May 21 05:28:59 2010 +0000
+++ b/ChangeLog	Fri May 21 05:35:33 2010 +0000
@@ -18,6 +18,10 @@
 	* Fix unnecessary bandwidth consumption for buddy icon requests when
 	  buddies have capital letters in their passport addresses.
 
+	XMPP:
+	* Allow connecting to servers that advertise EXTERNAL (broken in
+	  2.7.0)
+
 version 2.7.0 (05/12/2010):
 	General:
 	* Changed GTK+ minimum version requirement to 2.10.0.
--- a/libpurple/protocols/jabber/auth_cyrus.c	Fri May 21 05:28:59 2010 +0000
+++ b/libpurple/protocols/jabber/auth_cyrus.c	Fri May 21 05:35:33 2010 +0000
@@ -408,7 +408,8 @@
 	{
 		char *mech_name = xmlnode_get_data(mechnode);
 
-		if (!mech_name || !*mech_name) {
+		if (!mech_name || !*mech_name ||
+				g_str_equal(mech_name, "EXTERNAL")) {
 			g_free(mech_name);
 			continue;
 		}
@@ -550,7 +551,7 @@
 
 			return jabber_auth_start_cyrus(js, reply, error);
 
-		} else if ((js->auth_fail_count == 1) && 
+		} else if ((js->auth_fail_count == 1) &&
 				   (js->current_mech && g_str_equal(js->current_mech, "GSSAPI"))) {
 			/* If we tried GSSAPI first, it failed, and it was the only method we had to try, try jabber:iq:auth
 			 * for compatibility with iChat 10.5 Server and other jabberd based servers.