diff options
| author | Gary Kramlich <grim@reaperworld.com> | 2023-02-08 06:17:57 -0600 |
|---|---|---|
| committer | Gary Kramlich <grim@reaperworld.com> | 2023-02-08 06:17:57 -0600 |
| commit | 83fd4fc0496d46312b4fc2b2d908a771d2703ce4 (patch) | |
| tree | 0359fa1355860e1db9ecccc9944358a199e0c68c /libpurple/protocols | |
| parent | 2f81137ac584458ad52b9163b8749a725c436133 (diff) | |
| download | pidgin-83fd4fc0496d46312b4fc2b2d908a771d2703ce4.tar.gz | |
IRCv3: Add an account option to specify the SASL mechanisms
This allows the user to only try the SASL mechanism they want to use instead of
potentially trying a few that won't work based on what the server advertised.
This also allows us to use SASL mechanisms that the server supports but doesn't
advertise for some reason.
Testing Done:
Set the field to `SCRAM-SHA-256` and connected to my local ergo. I verified that ONLY `SCRAM-SHA-256` was attempted (and failed see [PIDGIN-17744](https://issues.imfreedom.org/issue/PIDGIN-17744).
I deleted the value from the entry as well as from accounts.xml and verified that the server advertised values were what were used.
Bugs closed: PIDGIN-17740
Reviewed at https://reviews.imfreedom.org/r/2222/
Diffstat (limited to 'libpurple/protocols')
| -rw-r--r-- | libpurple/protocols/ircv3/purpleircv3protocol.c | 4 | ||||
| -rw-r--r-- | libpurple/protocols/ircv3/purpleircv3sasl.c | 16 |
2 files changed, 15 insertions, 5 deletions
diff --git a/libpurple/protocols/ircv3/purpleircv3protocol.c b/libpurple/protocols/ircv3/purpleircv3protocol.c index c7b710a300..31c06828b5 100644 --- a/libpurple/protocols/ircv3/purpleircv3protocol.c +++ b/libpurple/protocols/ircv3/purpleircv3protocol.c @@ -67,6 +67,10 @@ purple_ircv3_protocol_get_account_options(G_GNUC_UNUSED PurpleProtocol *protocol "sasl-login-name", ""); options = g_list_append(options, option); + option = purple_account_option_string_new(_("SASL mechanisms"), + "sasl-mechanisms", ""); + options = g_list_append(options, option); + option = purple_account_option_bool_new(_("Allow plaintext SASL auth over " "unencrypted connection"), "plain-sasl-in-clear", FALSE); diff --git a/libpurple/protocols/ircv3/purpleircv3sasl.c b/libpurple/protocols/ircv3/purpleircv3sasl.c index d4c34c01c8..dfb5d79bfd 100644 --- a/libpurple/protocols/ircv3/purpleircv3sasl.c +++ b/libpurple/protocols/ircv3/purpleircv3sasl.c @@ -262,13 +262,15 @@ purple_ircv3_sasl_attempt(PurpleIRCv3Connection *connection) { static void purple_ircv3_sasl_start(PurpleIRCv3Capabilities *caps) { PurpleIRCv3Connection *connection = NULL; + PurpleAccount *account = NULL; PurpleConnection *purple_connection = NULL; Gsasl *ctx = NULL; - const char *advertised = NULL; + const char *mechanisms = NULL; gint res; connection = purple_ircv3_capabilities_get_connection(caps); purple_connection = PURPLE_CONNECTION(connection); + account = purple_connection_get_account(purple_connection); res = gsasl_init(&ctx); if(res != GSASL_OK) { @@ -284,12 +286,16 @@ purple_ircv3_sasl_start(PurpleIRCv3Capabilities *caps) { */ purple_ircv3_capabilities_add_wait(caps); - /* Grab the mechanisms that the server advertised and save them on the - * connection. */ - advertised = purple_ircv3_capabilities_lookup(caps, "sasl", NULL); + mechanisms = purple_account_get_string(account, "sasl-mechanisms", ""); + if(purple_strempty(mechanisms)) { + /* If the user didn't specify any mechanisms, grab the mechanisms that + * the server advertised. + */ + mechanisms = purple_ircv3_capabilities_lookup(caps, "sasl", NULL); + } /* Create our SASLData object, add it to the connection. */ - purple_ircv3_sasl_data_add(purple_connection, ctx, advertised); + purple_ircv3_sasl_data_add(purple_connection, ctx, mechanisms); /* Make it go! */ purple_ircv3_sasl_attempt(connection); |