1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
/*
* purple - Jabber Protocol Plugin
*
* Purple is the legal property of its developers, whose names are too numerous
* to list here. Please refer to the COPYRIGHT file distributed with this
* source distribution.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
*
*/
#include "internal.h"
#include "account.h"
#include "debug.h"
#include "request.h"
#include "util.h"
#include "xmlnode.h"
#include "jabber.h"
#include "auth.h"
static xmlnode *finish_plaintext_authentication(JabberStream *js)
{
xmlnode *auth;
GString *response;
gchar *enc_out;
auth = xmlnode_new("auth");
xmlnode_set_namespace(auth, NS_XMPP_SASL);
if (g_str_equal(js->user->domain, "gmail.com") ||
g_str_equal(js->user->domain, "googlemail.com")) {
xmlnode_set_attrib(auth, "xmlns:ga", "http://www.google.com/talk/protocol/auth");
xmlnode_set_attrib(auth, "ga:client-uses-full-bind-result", "true");
}
response = g_string_new("");
response = g_string_append_c(response, '\0');
response = g_string_append(response, js->user->node);
response = g_string_append_c(response, '\0');
response = g_string_append(response,
purple_connection_get_password(js->gc));
enc_out = purple_base64_encode((guchar *)response->str, response->len);
xmlnode_set_attrib(auth, "mechanism", "PLAIN");
xmlnode_insert_data(auth, enc_out, -1);
g_free(enc_out);
g_string_free(response, TRUE);
return auth;
}
static void allow_plaintext_auth(PurpleAccount *account)
{
PurpleConnection *gc = purple_account_get_connection(account);
JabberStream *js = purple_connection_get_protocol_data(gc);
xmlnode *response;
purple_account_set_bool(account, "auth_plain_in_clear", TRUE);
response = finish_plaintext_authentication(js);
jabber_send(js, response);
xmlnode_free(response);
}
static void disallow_plaintext_auth(PurpleAccount *account)
{
purple_connection_error_reason(purple_account_get_connection(account),
PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR,
_("Server requires plaintext authentication over an unencrypted stream"));
}
static JabberSaslState
jabber_plain_start(JabberStream *js, xmlnode *packet, xmlnode **response, char **error)
{
PurpleAccount *account = purple_connection_get_account(js->gc);
char *msg;
if (jabber_stream_is_ssl(js) || purple_account_get_bool(account, "auth_plain_in_clear", FALSE)) {
*response = finish_plaintext_authentication(js);
return JABBER_SASL_STATE_OK;
}
msg = g_strdup_printf(_("%s requires plaintext authentication over an unencrypted connection. Allow this and continue authentication?"),
purple_account_get_username(account));
purple_request_yes_no(js->gc, _("Plaintext Authentication"),
_("Plaintext Authentication"),
msg,
1,
account, NULL, NULL,
account, allow_plaintext_auth, disallow_plaintext_auth);
g_free(msg);
return JABBER_SASL_STATE_CONTINUE;
}
static JabberSaslMech plain_mech = {
0, /* priority */
"PLAIN", /* name */
jabber_plain_start,
NULL, /* handle_challenge */
NULL, /* handle_success */
NULL, /* handle_failure */
NULL /* dispose */
};
JabberSaslMech *jabber_auth_get_plain_mech(void)
{
return &plain_mech;
}
|
