Swiftdiff options
| author | Remko Tronçon <git@el-tramo.be> | 2009-11-21 00:59:21 (GMT) |
|---|---|---|
| committer | Remko Tronçon <git@el-tramo.be> | 2009-11-21 01:01:05 (GMT) |
| commit | 2c8bfd7c49bd16bebbf0b89c01fce7817afab74f (patch) | |
| tree | 1a7c73d4aaf81a1e243ee6f50de0385e9e6a081f /Swiften/Client | |
| parent | fe007f1afdaf29c7ce0302da2984b5611503a822 (diff) | |
| download | swift-2c8bfd7c49bd16bebbf0b89c01fce7817afab74f.zip swift-2c8bfd7c49bd16bebbf0b89c01fce7817afab74f.tar.bz2 | |
Implemented SCRAM-SHA-1 for real now.
Still need to do some cleanup and polishing.
Diffstat (limited to 'Swiften/Client')
| -rw-r--r-- | Swiften/Client/ClientSession.cpp | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp index f4c4a22..fb80754 100644 --- a/Swiften/Client/ClientSession.cpp +++ b/Swiften/Client/ClientSession.cpp @@ -35,147 +35,148 @@ void ClientSession::start() { stream->onStreamStartReceived.connect(boost::bind(&ClientSession::handleStreamStart, shared_from_this(), _1)); stream->onElementReceived.connect(boost::bind(&ClientSession::handleElement, shared_from_this(), _1)); stream->onError.connect(boost::bind(&ClientSession::handleStreamError, shared_from_this(), _1)); stream->onTLSEncrypted.connect(boost::bind(&ClientSession::handleTLSEncrypted, shared_from_this())); assert(state == Initial); state = WaitingForStreamStart; sendStreamHeader(); } void ClientSession::sendStreamHeader() { ProtocolHeader header; header.setTo(getRemoteJID()); stream->writeHeader(header); } void ClientSession::sendElement(boost::shared_ptr<Element> element) { stream->writeElement(element); } void ClientSession::handleStreamStart(const ProtocolHeader&) { checkState(WaitingForStreamStart); state = Negotiating; } void ClientSession::handleElement(boost::shared_ptr<Element> element) { if (getState() == Initialized) { onElementReceived(element); } else if (StreamFeatures* streamFeatures = dynamic_cast<StreamFeatures*>(element.get())) { if (!checkState(Negotiating)) { return; } if (streamFeatures->hasStartTLS() && stream->supportsTLSEncryption()) { state = WaitingForEncrypt; stream->writeElement(boost::shared_ptr<StartTLSRequest>(new StartTLSRequest())); } else if (streamFeatures->hasAuthenticationMechanisms()) { if (stream->hasTLSCertificate()) { if (streamFeatures->hasAuthenticationMechanism("EXTERNAL")) { state = Authenticating; stream->writeElement(boost::shared_ptr<Element>(new AuthRequest("EXTERNAL", ""))); } else { finishSession(Error::TLSClientCertificateError); } } - /*else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1")) { + else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1")) { // FIXME: Use a real nonce - authenticator = new SCRAMSHA1ClientAuthenticator(ByteArray("\x01\x02\x03\x04\x05\x06\x07\x08", 8)); + authenticator = new SCRAMSHA1ClientAuthenticator("ClientNonce"); state = WaitingForCredentials; onNeedCredentials(); - }*/ + } else if (streamFeatures->hasAuthenticationMechanism("PLAIN")) { authenticator = new PLAINClientAuthenticator(); state = WaitingForCredentials; onNeedCredentials(); } else { finishSession(Error::NoSupportedAuthMechanismsError); } } else { // Start the session stream->setWhitespacePingEnabled(true); if (streamFeatures->hasSession()) { needSessionStart = true; } if (streamFeatures->hasResourceBind()) { state = BindingResource; boost::shared_ptr<ResourceBind> resourceBind(new ResourceBind()); if (!localJID.getResource().isEmpty()) { resourceBind->setResource(localJID.getResource()); } stream->writeElement(IQ::createRequest(IQ::Set, JID(), "session-bind", resourceBind)); } else if (needSessionStart) { sendSessionStart(); } else { state = Initialized; onInitialized(); } } } else if (AuthChallenge* challenge = dynamic_cast<AuthChallenge*>(element.get())) { checkState(Authenticating); assert(authenticator); if (authenticator->setChallenge(challenge->getValue())) { stream->writeElement(boost::shared_ptr<AuthResponse>(new AuthResponse(authenticator->getResponse()))); } else { finishSession(Error::AuthenticationFailedError); } } else if (dynamic_cast<AuthSuccess*>(element.get())) { + // TODO: Check success data with authenticator checkState(Authenticating); state = WaitingForStreamStart; delete authenticator; authenticator = NULL; stream->resetXMPPParser(); sendStreamHeader(); } else if (dynamic_cast<AuthFailure*>(element.get())) { delete authenticator; authenticator = NULL; finishSession(Error::AuthenticationFailedError); } else if (dynamic_cast<TLSProceed*>(element.get())) { checkState(WaitingForEncrypt); state = Encrypting; stream->addTLSEncryption(); } else if (dynamic_cast<StartTLSFailure*>(element.get())) { finishSession(Error::TLSError); } else if (IQ* iq = dynamic_cast<IQ*>(element.get())) { if (state == BindingResource) { boost::shared_ptr<ResourceBind> resourceBind(iq->getPayload<ResourceBind>()); if (iq->getType() == IQ::Error && iq->getID() == "session-bind") { finishSession(Error::ResourceBindError); } else if (!resourceBind) { finishSession(Error::UnexpectedElementError); } else if (iq->getType() == IQ::Result) { localJID = resourceBind->getJID(); if (!localJID.isValid()) { finishSession(Error::ResourceBindError); } if (needSessionStart) { sendSessionStart(); } else { state = Initialized; } } else { finishSession(Error::UnexpectedElementError); } } else if (state == StartingSession) { if (iq->getType() == IQ::Result) { state = Initialized; |