Differences From Artifact [8f383aeac0]:
- File src/XMPPConnection.m — part of check-in [5027cc014a] at 2011-02-19 22:39:11 on branch trunk — Fix mechanisms parsing (user: florob@babelmonkeys.de, size: 8303) [annotate] [blame] [check-ins using]
To Artifact [b8bdaffc4b]:
- File
src/XMPPConnection.m
— part of check-in
[6a3b0a9988]
at
2011-02-21 03:09:39
on branch trunk
— Add SCRAM-SHA-1 support
This adds the new base class XMPPAuthenticator and the derived
classes XMPPSCRAMAuth and XMPPPLAINAuth.
They are now used for authentication from within XMPPConnection.Also adds XMPPAuthFailedException which is thrown in appropriate places. (user: florob@babelmonkeys.de, size: 9140) [annotate] [blame] [check-ins using]
| ︙ | ︙ | |||
23 24 25 26 27 28 29 30 31 32 33 34 35 36 | #include <assert.h> #include <stringprep.h> #include <idna.h> #import "XMPPConnection.h" #import "XMPPStanza.h" #import "XMPPJID.h" #import "XMPPIQ.h" #import "XMPPExceptions.h" #define NS_BIND @"urn:ietf:params:xml:ns:xmpp-bind" #define NS_CLIENT @"jabber:client" | > > | 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | #include <assert.h> #include <stringprep.h> #include <idna.h> #import "XMPPConnection.h" #import "XMPPSCRAMAuth.h" #import "XMPPPLAINAuth.h" #import "XMPPStanza.h" #import "XMPPJID.h" #import "XMPPIQ.h" #import "XMPPExceptions.h" #define NS_BIND @"urn:ietf:params:xml:ns:xmpp-bind" #define NS_CLIENT @"jabber:client" |
| ︙ | ︙ | |||
60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
}
- (void)dealloc
{
[sock release];
[parser release];
[elementBuilder release];
[super dealloc];
}
- (void)setUsername: (OFString*)username_
{
OFString *old = username;
| > | 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
}
- (void)dealloc
{
[sock release];
[parser release];
[elementBuilder release];
[authModule release];
[super dealloc];
}
- (void)setUsername: (OFString*)username_
{
OFString *old = username;
|
| ︙ | ︙ | |||
219 220 221 222 223 224 225 | assert(0); } } parser.delegate = elementBuilder; } | | < < < < < < < < < < < < < < < | | | 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 |
assert(0);
}
}
parser.delegate = elementBuilder;
}
- (void)_sendAuth: (OFString*)name
{
OFXMLElement *authTag;
authTag = [OFXMLElement elementWithName: @"auth"
namespace: NS_SASL];
[authTag addAttributeWithName: @"mechanism"
stringValue: name];
[authTag addChild: [OFXMLElement elementWithCharacters:
[[authModule getClientFirstMessage] stringByBase64Encoding]]];
[self sendStanza: authTag];
}
- (void)_sendResourceBind
{
XMPPIQ *iq = [XMPPIQ IQWithType: @"set"
|
| ︙ | ︙ | |||
285 286 287 288 289 290 291 | namespace: NS_SASL]; OFXMLElement *bind = [elem elementsForName: @"bind" namespace: NS_BIND].firstObject; for (OFXMLElement *mech in [mechs.firstObject children]) [mechanisms addObject: [mech.children.firstObject stringValue]]; | | > > > > > > > > > | > | > > > > > > > > > > > > > > > > > > < < < | | > > > > > | 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 |
namespace: NS_SASL];
OFXMLElement *bind = [elem elementsForName: @"bind"
namespace: NS_BIND].firstObject;
for (OFXMLElement *mech in [mechs.firstObject children])
[mechanisms addObject: [mech.children.firstObject stringValue]];
if ([mechanisms containsObject: @"SCRAM-SHA-1"]) {
authModule = [[XMPPSCRAMAuth alloc]
initWithAuthcid: username
password: password
hash: [OFSHA1Hash class]];
[self _sendAuth: @"SCRAM-SHA-1"];
} else if ([mechanisms containsObject: @"PLAIN"]) {
authModule = [[XMPPPLAINAuth alloc]
initWithAuthcid: username
password: password];
[self _sendAuth: @"PLAIN"];
}
if (bind != nil)
[self _sendResourceBind];
}
- (void)elementBuilder: (OFXMLElementBuilder*)b
didBuildElement: (OFXMLElement*)elem
{
elem.defaultNamespace = NS_CLIENT;
[elem setPrefix: @"stream"
forNamespace: NS_STREAM];
if ([elem.name isEqual: @"features"] &&
[elem.namespace isEqual: NS_STREAM]) {
[self _handleFeatures: elem];
return;
}
if ([elem.namespace isEqual: NS_SASL]) {
if ([elem.name isEqual: @"challenge"]) {
OFXMLElement *responseTag;
OFDataArray *challenge =
[OFDataArray dataArrayWithBase64EncodedString:
[elem.children.firstObject stringValue]];
OFDataArray *response =
[authModule getResponseWithChallenge: challenge];
responseTag = [OFXMLElement elementWithName: @"response"
namespace: NS_SASL];
[responseTag
addChild: [OFXMLElement elementWithCharacters:
[response stringByBase64Encoding]]];
[self sendStanza: responseTag];
} else if ([elem.name isEqual: @"success"]) {
[authModule parseServerFinalMessage:
[OFDataArray dataArrayWithBase64EncodedString:
[elem.children.firstObject stringValue]]];
of_log(@"Auth successful");
/* Stream restart */
[mechanisms release];
mechanisms = [[OFMutableArray alloc] init];
parser.delegate = self;
[self _startStream];
} else if ([elem.name isEqual: @"failure"]) {
of_log(@"Auth failed!");
// FIXME: Do more parsing/handling
@throw [XMPPAuthFailedException
newWithClass: isa
connection: self
reason: [elem stringValue]];
}
}
if ([elem.name isEqual: @"iq"] &&
[elem.namespace isEqual: NS_CLIENT]) {
XMPPIQ *iq = [XMPPIQ stanzaWithElement: elem];
// FIXME: More checking!
|
| ︙ | ︙ |