summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemko Tronçon <git@el-tramo.be>2009-11-20 22:53:40 (GMT)
committerRemko Tronçon <git@el-tramo.be>2009-11-20 22:53:40 (GMT)
commit4417a63a1acdf5f6e78655e8ae377bc24d5d8f02 (patch)
tree0c682fcc582a9f1181f436d5e5d98180fdf5387a
parent4e944a225d91ff4622e50186120ef0bbbb3a1d69 (diff)
downloadswift-4417a63a1acdf5f6e78655e8ae377bc24d5d8f02.zip
swift-4417a63a1acdf5f6e78655e8ae377bc24d5d8f02.tar.bz2
Implement SCRAM-SHA1.
Actually found out that I implemented the old RFC. Need to reimplement SCRAM-SHA1 from scratch based on http://tools.ietf.org/html/draft-ietf-sasl-scram-10 Disabling for now.
-rw-r--r--Swiften/Client/ClientSession.cpp19
-rw-r--r--Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp2
2 files changed, 20 insertions, 1 deletions
diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp
index 06a7617..f4c4a22 100644
--- a/Swiften/Client/ClientSession.cpp
+++ b/Swiften/Client/ClientSession.cpp
@@ -10,10 +10,13 @@
#include "Swiften/Elements/AuthRequest.h"
#include "Swiften/Elements/AuthSuccess.h"
#include "Swiften/Elements/AuthFailure.h"
+#include "Swiften/Elements/AuthChallenge.h"
+#include "Swiften/Elements/AuthResponse.h"
#include "Swiften/Elements/StartSession.h"
#include "Swiften/Elements/IQ.h"
#include "Swiften/Elements/ResourceBind.h"
#include "Swiften/SASL/PLAINClientAuthenticator.h"
+#include "Swiften/SASL/SCRAMSHA1ClientAuthenticator.h"
#include "Swiften/Session/SessionStream.h"
namespace Swift {
@@ -77,6 +80,12 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
finishSession(Error::TLSClientCertificateError);
}
}
+ /*else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1")) {
+ // FIXME: Use a real nonce
+ authenticator = new SCRAMSHA1ClientAuthenticator(ByteArray("\x01\x02\x03\x04\x05\x06\x07\x08", 8));
+ state = WaitingForCredentials;
+ onNeedCredentials();
+ }*/
else if (streamFeatures->hasAuthenticationMechanism("PLAIN")) {
authenticator = new PLAINClientAuthenticator();
state = WaitingForCredentials;
@@ -111,6 +120,16 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
}
}
}
+ else if (AuthChallenge* challenge = dynamic_cast<AuthChallenge*>(element.get())) {
+ checkState(Authenticating);
+ assert(authenticator);
+ if (authenticator->setChallenge(challenge->getValue())) {
+ stream->writeElement(boost::shared_ptr<AuthResponse>(new AuthResponse(authenticator->getResponse())));
+ }
+ else {
+ finishSession(Error::AuthenticationFailedError);
+ }
+ }
else if (dynamic_cast<AuthSuccess*>(element.get())) {
checkState(Authenticating);
state = WaitingForStreamStart;
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
index 3109f56..f5c55c0 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
@@ -7,7 +7,7 @@
namespace Swift {
-SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA1"), step(Initial), clientnonce(nonce) {
+SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA-1"), step(Initial), clientnonce(nonce) {
}
ByteArray SCRAMSHA1ClientAuthenticator::getResponse() const {