diff options
author | Remko Tronçon <git@el-tramo.be> | 2009-11-20 22:53:40 (GMT) |
---|---|---|
committer | Remko Tronçon <git@el-tramo.be> | 2009-11-20 22:53:40 (GMT) |
commit | 4417a63a1acdf5f6e78655e8ae377bc24d5d8f02 (patch) | |
tree | 0c682fcc582a9f1181f436d5e5d98180fdf5387a | |
parent | 4e944a225d91ff4622e50186120ef0bbbb3a1d69 (diff) | |
download | swift-4417a63a1acdf5f6e78655e8ae377bc24d5d8f02.zip swift-4417a63a1acdf5f6e78655e8ae377bc24d5d8f02.tar.bz2 |
Implement SCRAM-SHA1.
Actually found out that I implemented the old RFC. Need to reimplement
SCRAM-SHA1 from scratch based on
http://tools.ietf.org/html/draft-ietf-sasl-scram-10
Disabling for now.
-rw-r--r-- | Swiften/Client/ClientSession.cpp | 19 | ||||
-rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp | 2 |
2 files changed, 20 insertions, 1 deletions
diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp index 06a7617..f4c4a22 100644 --- a/Swiften/Client/ClientSession.cpp +++ b/Swiften/Client/ClientSession.cpp @@ -10,10 +10,13 @@ #include "Swiften/Elements/AuthRequest.h" #include "Swiften/Elements/AuthSuccess.h" #include "Swiften/Elements/AuthFailure.h" +#include "Swiften/Elements/AuthChallenge.h" +#include "Swiften/Elements/AuthResponse.h" #include "Swiften/Elements/StartSession.h" #include "Swiften/Elements/IQ.h" #include "Swiften/Elements/ResourceBind.h" #include "Swiften/SASL/PLAINClientAuthenticator.h" +#include "Swiften/SASL/SCRAMSHA1ClientAuthenticator.h" #include "Swiften/Session/SessionStream.h" namespace Swift { @@ -77,6 +80,12 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) { finishSession(Error::TLSClientCertificateError); } } + /*else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1")) { + // FIXME: Use a real nonce + authenticator = new SCRAMSHA1ClientAuthenticator(ByteArray("\x01\x02\x03\x04\x05\x06\x07\x08", 8)); + state = WaitingForCredentials; + onNeedCredentials(); + }*/ else if (streamFeatures->hasAuthenticationMechanism("PLAIN")) { authenticator = new PLAINClientAuthenticator(); state = WaitingForCredentials; @@ -111,6 +120,16 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) { } } } + else if (AuthChallenge* challenge = dynamic_cast<AuthChallenge*>(element.get())) { + checkState(Authenticating); + assert(authenticator); + if (authenticator->setChallenge(challenge->getValue())) { + stream->writeElement(boost::shared_ptr<AuthResponse>(new AuthResponse(authenticator->getResponse()))); + } + else { + finishSession(Error::AuthenticationFailedError); + } + } else if (dynamic_cast<AuthSuccess*>(element.get())) { checkState(Authenticating); state = WaitingForStreamStart; diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index 3109f56..f5c55c0 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -7,7 +7,7 @@ namespace Swift { -SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA1"), step(Initial), clientnonce(nonce) { +SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA-1"), step(Initial), clientnonce(nonce) { } ByteArray SCRAMSHA1ClientAuthenticator::getResponse() const { |