Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/Client
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/Client')
-rw-r--r--Swiften/Client/ClientSession.cpp7
-rw-r--r--Swiften/Client/UnitTest/ClientSessionTest.cpp4
2 files changed, 9 insertions, 2 deletions
diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp
index 0398012..d4cf065 100644
--- a/Swiften/Client/ClientSession.cpp
+++ b/Swiften/Client/ClientSession.cpp
@@ -191,10 +191,13 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
state = Authenticating;
stream->writeElement(boost::shared_ptr<Element>(new AuthRequest("EXTERNAL", "")));
}
- else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1")) {
+ else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1") || streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS")) {
std::ostringstream s;
s << boost::uuids::random_generator()();
- SCRAMSHA1ClientAuthenticator* scramAuthenticator = new SCRAMSHA1ClientAuthenticator(s.str(), false);
+ SCRAMSHA1ClientAuthenticator* scramAuthenticator = new SCRAMSHA1ClientAuthenticator(s.str(), streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS"));
+ if (stream->isTLSEncrypted()) {
+ scramAuthenticator->setTLSChannelBindingData(stream->getTLSFinishMessage());
+ }
authenticator = scramAuthenticator;
state = WaitingForCredentials;
onNeedCredentials();
diff --git a/Swiften/Client/UnitTest/ClientSessionTest.cpp b/Swiften/Client/UnitTest/ClientSessionTest.cpp
index dbed9aa..358e308 100644
--- a/Swiften/Client/UnitTest/ClientSessionTest.cpp
+++ b/Swiften/Client/UnitTest/ClientSessionTest.cpp
@@ -324,6 +324,10 @@ class ClientSessionTest : public CppUnit::TestFixture {
return tlsEncrypted;
}
+ virtual ByteArray getTLSFinishMessage() const {
+ return ByteArray();
+ }
+
virtual Certificate::ref getPeerCertificate() const {
return Certificate::ref(new SimpleCertificate());
}