Diffstat (limited to 'Swiften/SASL')
-rw-r--r--Swiften/SASL/EXTERNALClientAuthenticator.cpp8
-rw-r--r--Swiften/SASL/SConscript1
-rw-r--r--Swiften/SASL/UnitTest/EXTERNALClientAuthenticatorTest.cpp47
-rw-r--r--Swiften/SASL/UnitTest/WindowsServicePrincipalNameTest.cpp10
-rw-r--r--Swiften/SASL/WindowsAuthentication.cpp34
-rw-r--r--Swiften/SASL/WindowsGSSAPIClientAuthenticator.cpp24
-rw-r--r--Swiften/SASL/WindowsServicePrincipalName.cpp20
-rw-r--r--Swiften/SASL/WindowsServicePrincipalName.h4
8 files changed, 101 insertions, 47 deletions
diff --git a/Swiften/SASL/EXTERNALClientAuthenticator.cpp b/Swiften/SASL/EXTERNALClientAuthenticator.cpp
index 546140f..027bc89 100644
--- a/Swiften/SASL/EXTERNALClientAuthenticator.cpp
+++ b/Swiften/SASL/EXTERNALClientAuthenticator.cpp
@@ -12,7 +12,13 @@ EXTERNALClientAuthenticator::EXTERNALClientAuthenticator() : ClientAuthenticator
}
boost::optional<SafeByteArray> EXTERNALClientAuthenticator::getResponse() const {
- return boost::optional<SafeByteArray>();
+ const std::string& authorizationID = getAuthorizationID();
+
+ if (authorizationID.empty()) {
+ return boost::optional<SafeByteArray>();
+ } else {
+ return createSafeByteArray(authorizationID);
+ }
}
bool EXTERNALClientAuthenticator::setChallenge(const boost::optional<ByteArray>&) {
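Review bot: The new non-empty branch of `getResponse()` sends whatever `getAuthorizationID()` returns as the EXTERNAL initial response, and nothing here documents that this is a caller-supplied authorization identity that the server must check against the TLS client credentials. I would add a comment above the `if`, for example `// SASL EXTERNAL: a non-empty authzid is sent as the initial response; with none set, no response data is returned and the server derives the identity from the TLS credentials.` Whether the identity is validated or normalised before it reaches this point is not visible in the hunk.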
diff --git a/Swiften/SASL/SConscript b/Swiften/SASL/SConscript
index 6aa3e72..8a248cc 100644
--- a/Swiften/SASL/SConscript
+++ b/Swiften/SASL/SConscript
@@ -23,6 +23,7 @@ swiften_env.Append(SWIFTEN_OBJECTS = [objects])
env.Append(UNITTEST_SOURCES = [
File("UnitTest/PLAINMessageTest.cpp"),
File("UnitTest/PLAINClientAuthenticatorTest.cpp"),
+ File("UnitTest/EXTERNALClientAuthenticatorTest.cpp"),
File("UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp"),
File("UnitTest/DIGESTMD5PropertiesTest.cpp"),
File("UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp"),
diff --git a/Swiften/SASL/UnitTest/EXTERNALClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/EXTERNALClientAuthenticatorTest.cpp
new file mode 100644
index 0000000..728eed6
--- /dev/null
+++ b/Swiften/SASL/UnitTest/EXTERNALClientAuthenticatorTest.cpp
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2017 Isode Limited.
+ * All rights reserved.
+ * See the COPYING file for more information.
+ */
+
+#include <QA/Checker/IO.h>
+
+#include <cppunit/extensions/HelperMacros.h>
+#include <cppunit/extensions/TestFactoryRegistry.h>
+
+#include <Swiften/SASL/EXTERNALClientAuthenticator.h>
+
+using namespace Swift;
+
+class EXTERNALClientAuthenticatorTest : public CppUnit::TestFixture {
+ CPPUNIT_TEST_SUITE(EXTERNALClientAuthenticatorTest);
+ CPPUNIT_TEST(testGetResponse_WithoutAuthzID);
+ CPPUNIT_TEST(testGetResponse_WithAuthzID);
+ CPPUNIT_TEST_SUITE_END();
+
+ public:
+ void testGetResponse_WithoutAuthzID() {
+ EXTERNALClientAuthenticator testling;
+
+ // Authcid and password are not used (ignored)
+ testling.setCredentials("user", createSafeByteArray("pass"));
+
+ boost::optional<SafeByteArray> response = testling.getResponse();
+
+ // No data should have been returned
+ bool result = !response;
+
+ CPPUNIT_ASSERT(result);
+ }
+
+ void testGetResponse_WithAuthzID() {
+ EXTERNALClientAuthenticator testling;
+
+ // Authcid and password are not used (ignored)
+ testling.setCredentials("user", createSafeByteArray("pass"), "authz");
+
+ CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("authz", 5));
+ }
+};
+
+CPPUNIT_TEST_SUITE_REGISTRATION(EXTERNALClientAuthenticatorTest);
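Review bot: `testGetResponse_WithAuthzID` dereferences `*testling.getResponse()` without first checking that the optional holds a value, so a regression that returns an empty optional would trip an assertion abort or undefined behaviour rather than a clean test failure. Store the result as `boost::optional<SafeByteArray> response = testling.getResponse();` and add `CPPUNIT_ASSERT(response);` before comparing `*response`. The arguments to `CPPUNIT_ASSERT_EQUAL` are also given as (actual, expected); CppUnit expects the expected value first, which affects the failure message.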
diff --git a/Swiften/SASL/UnitTest/WindowsServicePrincipalNameTest.cpp b/Swiften/SASL/UnitTest/WindowsServicePrincipalNameTest.cpp
index fa07052..ef3a9b3 100644
--- a/Swiften/SASL/UnitTest/WindowsServicePrincipalNameTest.cpp
+++ b/Swiften/SASL/UnitTest/WindowsServicePrincipalNameTest.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015 Isode Limited.
+ * Copyright (c) 2015-2018 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
@@ -97,16 +97,16 @@ class WindowsServicePrincipalNameTest : public CppUnit::TestFixture {
WindowsServicePrincipalName spn("adlon.isode.net");
spn.setInstanceName("mlink.adlon.isode.net");
- spn.setInstancePort(6222);
- CPPUNIT_ASSERT_EQUAL(spn.toString(), std::string("xmpp/mlink.adlon.isode.net:6222/adlon.isode.net"));
+ spn.setInstancePort(55222);
+ CPPUNIT_ASSERT_EQUAL(spn.toString(), std::string("xmpp/mlink.adlon.isode.net:55222/adlon.isode.net"));
spn.setInstancePort(0);
CPPUNIT_ASSERT_EQUAL(spn.toString(), std::string("xmpp/mlink.adlon.isode.net/adlon.isode.net"));
WindowsServicePrincipalName spn2("mlink.adlon.isode.net");
- spn2.setInstancePort(6222);
- CPPUNIT_ASSERT_EQUAL(spn2.toString(), std::string("xmpp/mlink.adlon.isode.net:6222"));
+ spn2.setInstancePort(55222);
+ CPPUNIT_ASSERT_EQUAL(spn2.toString(), std::string("xmpp/mlink.adlon.isode.net:55222"));
spn2.setInstancePort(0);
CPPUNIT_ASSERT_EQUAL(spn2.toString(), std::string("xmpp/mlink.adlon.isode.net"));
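Review bot: The updated assertions use 55222, which covers a port above 32767 but not the upper boundary of the new `unsigned short` parameter. Adding `spn.setInstancePort(65535);` with a matching `toString()` assertion would pin that the value is neither truncated nor printed as a negative number between the setter and the formatted SPN. The type of the `instancePort_` member is not visible in this diff, so that path is unconfirmed. The test method starts above the hunk.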
diff --git a/Swiften/SASL/WindowsAuthentication.cpp b/Swiften/SASL/WindowsAuthentication.cpp
index b86381b..f951fac 100644
--- a/Swiften/SASL/WindowsAuthentication.cpp
+++ b/Swiften/SASL/WindowsAuthentication.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2016 Isode Limited.
+ * Copyright (c) 2015-2019 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
@@ -16,14 +16,14 @@
#define ASSIGN_ERROR(status, errorCode) \
{ \
errorCode = std::make_shared<boost::system::error_code>(status, boost::system::system_category()); \
- SWIFT_LOG(debug) << std::hex << "status: 0x" << status << ": " << errorCode->message() << std::endl; \
+ SWIFT_LOG(debug) << std::hex << "status: 0x" << status << ": " << errorCode->message(); \
}
#define ASSIGN_SEC_ERROR(status, errorCode) \
{ \
if (status == SEC_E_OK) \
{ \
- SWIFT_LOG(debug) << "success" << std::endl; \
+ SWIFT_LOG(debug) << "success"; \
} \
else { \
ASSIGN_ERROR(status, errorCode); \
@@ -46,14 +46,14 @@ std::shared_ptr<boost::system::error_code> getUserNameEx(std::string& userName,
std::size_t position;
userName = convertWStringToString(std::wstring(vecptr(value), length));
- SWIFT_LOG(debug) << "User Name: " << userName << std::endl;
+ SWIFT_LOG(debug) << "User Name: " << userName;
position = userName.find("\\");
clientName = userName.substr(position + 1);
- SWIFT_LOG(debug) << "Client name: " << clientName << std::endl;
+ SWIFT_LOG(debug) << "Client name: " << clientName;
serverName = userName.substr(0, position);
- SWIFT_LOG(debug) << "Server name: " << serverName << std::endl;
+ SWIFT_LOG(debug) << "Server name: " << serverName;
break;
}
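Review bot: `userName.find("\\")` is used without checking for `std::string::npos`: when the name has no backslash, `position + 1` wraps to 0 and `substr(0, position)` returns the whole string, so `clientName` and `serverName` both end up equal to the full user name. A guard such as `if (position == std::string::npos) { clientName = userName; serverName.clear(); }`, or an error return, would make that case explicit. The same split appears in `WindowsGSSAPIClientAuthenticator::buildSecurityContext` (hunk at -181,14). These lines also write the account and domain names to the debug log, which matters where debug logs are collected off-host. The function body starts and ends outside the hunk.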
@@ -161,7 +161,7 @@ std::shared_ptr<boost::system::error_code> initializeSecurityContext(const boost
}
if ((status == SEC_E_OK) || (status == SEC_I_COMPLETE_AND_CONTINUE) || (status == SEC_I_COMPLETE_NEEDED) || (status == SEC_I_CONTINUE_NEEDED)) {
outputToken = createSafeByteArray (static_cast<unsigned char *>(outputTokenBuffer.pvBuffer), outputTokenBuffer.cbBuffer);
- SWIFT_LOG(debug) << "outputToken.size(): " << outputToken.size() << std::endl;
+ SWIFT_LOG(debug) << "outputToken.size(): " << outputToken.size();
freeContextBuffer(outputTokenBuffer.pvBuffer);
return std::shared_ptr<boost::system::error_code>(); /* success */
@@ -229,7 +229,7 @@ std::shared_ptr<boost::system::error_code> decryptMessage(const PCtxtHandle cont
messageBuffer[1].cbBuffer = 0;
messageBuffer[1].pvBuffer = NULL;
- SWIFT_LOG(debug) << "inputMessage.size(): " << inputMessage.size() << std::endl;
+ SWIFT_LOG(debug) << "inputMessage.size(): " << inputMessage.size();
status = DecryptMessage(
contextHandle,
@@ -239,13 +239,13 @@ std::shared_ptr<boost::system::error_code> decryptMessage(const PCtxtHandle cont
ASSIGN_SEC_ERROR(status, errorCode);
if (status == SEC_E_OK) {
if (qualityOfProtection == SECQOP_WRAP_NO_ENCRYPT) {
- SWIFT_LOG(debug) << "Message was signed only" << std::endl;
+ SWIFT_LOG(debug) << "Message was signed only";
}
else {
- SWIFT_LOG(debug) << "Message was encrypted" << std::endl;
+ SWIFT_LOG(debug) << "Message was encrypted";
}
- SWIFT_LOG(debug) << "messageBuffer[1].cbBuffer: " << messageBuffer[1].cbBuffer << std::endl;
+ SWIFT_LOG(debug) << "messageBuffer[1].cbBuffer: " << messageBuffer[1].cbBuffer;
decrypted = createSafeByteArray (static_cast<unsigned char *>(messageBuffer[1].pvBuffer), messageBuffer[1].cbBuffer);
}
@@ -281,9 +281,9 @@ std::shared_ptr<boost::system::error_code> encryptMessage(const PCtxtHandle cont
messageBuffer[2].cbBuffer = sizes.cbBlockSize;
messageBuffer[2].pvBuffer = vecptr(blockSize);
- SWIFT_LOG(debug) << "sizes.cbSecurityTrailer: " << sizes.cbSecurityTrailer << std::endl;
- SWIFT_LOG(debug) << "inputMessage.size(): " << inputMessage.size() << std::endl;
- SWIFT_LOG(debug) << "sizes.cbBlockSize: " << sizes.cbBlockSize << std::endl;
+ SWIFT_LOG(debug) << "sizes.cbSecurityTrailer: " << sizes.cbSecurityTrailer;
+ SWIFT_LOG(debug) << "inputMessage.size(): " << inputMessage.size();
+ SWIFT_LOG(debug) << "sizes.cbBlockSize: " << sizes.cbBlockSize;
status = EncryptMessage(
contextHandle,
@@ -294,9 +294,9 @@ std::shared_ptr<boost::system::error_code> encryptMessage(const PCtxtHandle cont
if (status == SEC_E_OK) {
unsigned char* pointer;
- SWIFT_LOG(debug) << "messageBuffer[0].cbBuffer: " << messageBuffer[0].cbBuffer << std::endl;
- SWIFT_LOG(debug) << "messageBuffer[1].cbBuffer: " << messageBuffer[1].cbBuffer << std::endl;
- SWIFT_LOG(debug) << "messageBuffer[2].cbBuffer: " << messageBuffer[2].cbBuffer << std::endl;
+ SWIFT_LOG(debug) << "messageBuffer[0].cbBuffer: " << messageBuffer[0].cbBuffer;
+ SWIFT_LOG(debug) << "messageBuffer[1].cbBuffer: " << messageBuffer[1].cbBuffer;
+ SWIFT_LOG(debug) << "messageBuffer[2].cbBuffer: " << messageBuffer[2].cbBuffer;
output.resize(messageBuffer[0].cbBuffer + messageBuffer[1].cbBuffer + messageBuffer[2].cbBuffer);
pointer = vecptr(output);
diff --git a/Swiften/SASL/WindowsGSSAPIClientAuthenticator.cpp b/Swiften/SASL/WindowsGSSAPIClientAuthenticator.cpp
index aae437f..10e8c89 100644
--- a/Swiften/SASL/WindowsGSSAPIClientAuthenticator.cpp
+++ b/Swiften/SASL/WindowsGSSAPIClientAuthenticator.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2016 Isode Limited.
+ * Copyright (c) 2015-2019 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
@@ -44,7 +44,7 @@ WindowsGSSAPIClientAuthenticator::~WindowsGSSAPIClientAuthenticator() {
}
boost::optional<SafeByteArray> WindowsGSSAPIClientAuthenticator::getResponse() const {
- SWIFT_LOG(debug) << "response_.size(): " << response_.size() << std::endl;
+ SWIFT_LOG(debug) << "response_.size(): " << response_.size();
return response_;
}
@@ -56,7 +56,7 @@ bool WindowsGSSAPIClientAuthenticator::setChallenge(const boost::optional<ByteAr
}
else if (step_ == SecurityLayerNegotiation) {
if (!challengeData) {
- SWIFT_LOG(debug) << "Empty message received from the server" << std::endl;
+ SWIFT_LOG(debug) << "Empty message received from the server";
error_ = true;
return false;
}
@@ -68,7 +68,7 @@ bool WindowsGSSAPIClientAuthenticator::setChallenge(const boost::optional<ByteAr
}
if (challenge.size() != 4) {
- SWIFT_LOG(debug) << "Token received from the server of incorrect length: " << challenge.size() << std::endl;
+ SWIFT_LOG(debug) << "Token received from the server of incorrect length: " << challenge.size();
error_ = true;
return false;
}
@@ -77,14 +77,14 @@ bool WindowsGSSAPIClientAuthenticator::setChallenge(const boost::optional<ByteAr
unsigned char serverSecurityLayer = challengePointer[0];
if (serverSecurityLayer == 0) {
- SWIFT_LOG(debug) << "Server supports unknown security layer, assuming no security layer" << std::endl;
+ SWIFT_LOG(debug) << "Server supports unknown security layer, assuming no security layer";
serverSecurityLayer = SECURITY_LAYER_NONE;
}
else if (serverSecurityLayer == SECURITY_LAYER_NONE) {
- SWIFT_LOG(debug) << "Server supports no security layer" << std::endl;
+ SWIFT_LOG(debug) << "Server supports no security layer";
}
else {
- SWIFT_LOG(debug) << "Server supports security layer" << std::endl;
+ SWIFT_LOG(debug) << "Server supports security layer";
}
unsigned int serverMaximumBuffer = (challengePointer[1] << 16) |
@@ -92,7 +92,7 @@ bool WindowsGSSAPIClientAuthenticator::setChallenge(const boost::optional<ByteAr
(challengePointer[3] << 0);
if ((serverSecurityLayer == SECURITY_LAYER_NONE) && (serverMaximumBuffer != 0)) {
- SWIFT_LOG(debug) << "Server supports no security layer but has maximum buffer size" << serverMaximumBuffer << std::endl;
+ SWIFT_LOG(debug) << "Server supports no security layer but has maximum buffer size" << serverMaximumBuffer;
error_ = true;
return false;
}
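Review bot: The log text on the changed line runs the number straight into the words, because the literal ends in `maximum buffer size` with no separator before `serverMaximumBuffer`. Writing it as `<< "Server supports no security layer but has maximum buffer size: " << serverMaximumBuffer;` keeps the value readable in the log. setChallenge's body continues outside the hunk.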
@@ -158,7 +158,7 @@ void WindowsGSSAPIClientAuthenticator::buildSecurityContext(const boost::optiona
}
if (contextSupported & ISC_REQ_MUTUAL_AUTH == 0) {
- SWIFT_LOG(debug) << "Mutual authentication not supported" << std::endl;
+ SWIFT_LOG(debug) << "Mutual authentication not supported";
error_ = true;
return;
}
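Review bot: The mutual-authentication check `if (contextSupported & ISC_REQ_MUTUAL_AUTH == 0)` never fires, because `==` binds tighter than `&`: it evaluates `contextSupported & (ISC_REQ_MUTUAL_AUTH == 0)`, which is `contextSupported & 0`. As written, a security context established without mutual authentication is accepted instead of setting `error_`, so the client does not actually require the server to prove its identity. The line should read `if ((contextSupported & ISC_REQ_MUTUAL_AUTH) == 0) {`. GCC and Clang flag this pattern under `-Wparentheses`. buildSecurityContext's body continues outside the hunk.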
@@ -181,14 +181,14 @@ void WindowsGSSAPIClientAuthenticator::buildSecurityContext(const boost::optiona
}
userName_ = names.sUserName;
- SWIFT_LOG(debug) << "User name: " << userName_ << std::endl;
+ SWIFT_LOG(debug) << "User name: " << userName_;
std::size_t position = userName_.find("\\");
clientName_ = userName_.substr(position + 1);
- SWIFT_LOG(debug) << "Client name: " << clientName_ << std::endl;
+ SWIFT_LOG(debug) << "Client name: " << clientName_;
serverName_ = userName_.substr(0, position);
- SWIFT_LOG(debug) << "Server name: " << serverName_ << std::endl;
+ SWIFT_LOG(debug) << "Server name: " << serverName_;
freeContextBuffer(names.sUserName);
step_ = SecurityLayerNegotiation;
diff --git a/Swiften/SASL/WindowsServicePrincipalName.cpp b/Swiften/SASL/WindowsServicePrincipalName.cpp
index 419395c..6c87925 100644
--- a/Swiften/SASL/WindowsServicePrincipalName.cpp
+++ b/Swiften/SASL/WindowsServicePrincipalName.cpp
@@ -64,7 +64,7 @@ std::string WindowsServicePrincipalName::toString() {
firstCall = false;
}
- SWIFT_LOG(debug) << "SPN: " << str << std::endl;
+ SWIFT_LOG(debug) << "SPN: " << str;
return str;
}
@@ -72,17 +72,17 @@ DWORD WindowsServicePrincipalName::dsMakeSpn(DWORD* length, wchar_t* value) {
DWORD status;
#ifdef UNICODE
- SWIFT_LOG(debug) << "UNICODE is defined" << std::endl;
+ SWIFT_LOG(debug) << "UNICODE is defined";
#else
- SWIFT_LOG(debug) << "UNICODE is not defined" << std::endl;
+ SWIFT_LOG(debug) << "UNICODE is not defined";
#endif
- SWIFT_LOG(debug) << "serviceClass_: " << convertWStringToString(serviceClass_.c_str()) << std::endl;
- SWIFT_LOG(debug) << "serviceName_: " << convertWStringToString(serviceName_.c_str()) << std::endl;
- SWIFT_LOG(debug) << "instanceName_: " << convertWStringToString(instanceName_.c_str()) << std::endl;
- SWIFT_LOG(debug) << "referrer_: " << convertWStringToString(referrer_.c_str()) << std::endl;
- SWIFT_LOG(debug) << "instancePort_: " << instancePort_ << std::endl;
- SWIFT_LOG(debug) << "length: " << *length << std::endl;
+ SWIFT_LOG(debug) << "serviceClass_: " << convertWStringToString(serviceClass_.c_str());
+ SWIFT_LOG(debug) << "serviceName_: " << convertWStringToString(serviceName_.c_str());
+ SWIFT_LOG(debug) << "instanceName_: " << convertWStringToString(instanceName_.c_str());
+ SWIFT_LOG(debug) << "referrer_: " << convertWStringToString(referrer_.c_str());
+ SWIFT_LOG(debug) << "instancePort_: " << instancePort_;
+ SWIFT_LOG(debug) << "length: " << *length;
/* Call the Unicode function because that is recommended:
https://msdn.microsoft.com/en-us/library/windows/desktop/ff381407%28v=vs.85%29.aspx */
@@ -97,7 +97,7 @@ https://msdn.microsoft.com/en-us/library/windows/desktop/ff381407%28v=vs.85%29.a
if (status != ERROR_SUCCESS) {
boost::system::error_code errorCode(status, boost::system::system_category());
- SWIFT_LOG(debug) << std::hex << "status: 0x" << status << ": " << errorCode.message() << std::endl;
+ SWIFT_LOG(debug) << std::hex << "status: 0x" << status << ": " << errorCode.message();
}
return status;
diff --git a/Swiften/SASL/WindowsServicePrincipalName.h b/Swiften/SASL/WindowsServicePrincipalName.h
index 4c9f557..2e4e5c4 100644
--- a/Swiften/SASL/WindowsServicePrincipalName.h
+++ b/Swiften/SASL/WindowsServicePrincipalName.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015 Isode Limited.
+ * Copyright (c) 2015-2018 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
@@ -49,7 +49,7 @@ namespace Swift {
* it remain 0 to indicate that the default port is
* used.
*/
- void setInstancePort(short int instancePort) { instancePort_ = instancePort; }
+ void setInstancePort(unsigned short instancePort) { instancePort_ = instancePort; }
/*
* This follows the rules of SPN creation on Windows and