Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/Client/ClientSession.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/Client/ClientSession.cpp')
-rw-r--r--Swiften/Client/ClientSession.cpp13
1 files changed, 12 insertions, 1 deletions
diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp
index bfc9313..81fcf57 100644
--- a/Swiften/Client/ClientSession.cpp
+++ b/Swiften/Client/ClientSession.cpp
@@ -6,18 +6,20 @@
#include <Swiften/Client/ClientSession.h>
#include <boost/bind.hpp>
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/smart_ptr/make_shared.hpp>
+#include <Swiften/Base/Platform.h>
+#include <Swiften/Base/Log.h>
#include <Swiften/Elements/ProtocolHeader.h>
#include <Swiften/Elements/StreamFeatures.h>
#include <Swiften/Elements/StreamError.h>
#include <Swiften/Elements/StartTLSRequest.h>
#include <Swiften/Elements/StartTLSFailure.h>
#include <Swiften/Elements/TLSProceed.h>
#include <Swiften/Elements/AuthRequest.h>
#include <Swiften/Elements/AuthSuccess.h>
#include <Swiften/Elements/AuthFailure.h>
@@ -35,36 +37,45 @@
#include <Swiften/Elements/IQ.h>
#include <Swiften/Elements/ResourceBind.h>
#include <Swiften/SASL/PLAINClientAuthenticator.h>
#include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h>
#include <Swiften/SASL/DIGESTMD5ClientAuthenticator.h>
#include <Swiften/Session/SessionStream.h>
#include <Swiften/TLS/CertificateTrustChecker.h>
#include <Swiften/TLS/ServerIdentityVerifier.h>
+#ifdef SWIFTEN_PLATFORM_WIN32
+#include <Swiften/Base/WindowsRegistry.h>
+#endif
+
namespace Swift {
ClientSession::ClientSession(
const JID& jid,
boost::shared_ptr<SessionStream> stream) :
localJID(jid),
state(Initial),
stream(stream),
allowPLAINOverNonTLS(false),
useStreamCompression(true),
useTLS(UseTLSWhenAvailable),
useAcks(true),
needSessionStart(false),
needResourceBind(false),
needAcking(false),
rosterVersioningSupported(false),
authenticator(NULL),
certificateTrustChecker(NULL) {
+#ifdef SWIFTEN_PLATFORM_WIN32
+if (WindowsRegistry::isFIPSEnabled()) {
+ SWIFT_LOG("info") << "Windows is running in FIPS-140 mode. Some authentication methods will be unavailable." << std::endl;
+}
+#endif
}
ClientSession::~ClientSession() {
}
void ClientSession::start() {
stream->onStreamStartReceived.connect(boost::bind(&ClientSession::handleStreamStart, shared_from_this(), _1));
stream->onElementReceived.connect(boost::bind(&ClientSession::handleElement, shared_from_this(), _1));
stream->onClosed.connect(boost::bind(&ClientSession::handleStreamClosed, shared_from_this(), _1));
@@ -215,19 +226,19 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
authenticator = scramAuthenticator;
state = WaitingForCredentials;
onNeedCredentials();
}
else if ((stream->isTLSEncrypted() || allowPLAINOverNonTLS) && streamFeatures->hasAuthenticationMechanism("PLAIN")) {
authenticator = new PLAINClientAuthenticator();
state = WaitingForCredentials;
onNeedCredentials();
}
- else if (streamFeatures->hasAuthenticationMechanism("DIGEST-MD5")) {
+ else if (streamFeatures->hasAuthenticationMechanism("DIGEST-MD5") && DIGESTMD5ClientAuthenticator::canBeUsed()) {
std::ostringstream s;
s << boost::uuids::random_generator()();
// FIXME: Host should probably be the actual host
authenticator = new DIGESTMD5ClientAuthenticator(localJID.getDomain(), s.str());
state = WaitingForCredentials;
onNeedCredentials();
}
else {
finishSession(Error::NoSupportedAuthMechanismsError);