From 4417a63a1acdf5f6e78655e8ae377bc24d5d8f02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Remko=20Tron=C3=A7on?= <git@el-tramo.be>
Date: Fri, 20 Nov 2009 23:53:40 +0100
Subject: Implement SCRAM-SHA1.

Actually found out that I implemented the old RFC. Need to reimplement
SCRAM-SHA1 from scratch based on
	http://tools.ietf.org/html/draft-ietf-sasl-scram-10
Disabling for now.

diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp
index 06a7617..f4c4a22 100644
--- a/Swiften/Client/ClientSession.cpp
+++ b/Swiften/Client/ClientSession.cpp
@@ -10,10 +10,13 @@
 #include "Swiften/Elements/AuthRequest.h"
 #include "Swiften/Elements/AuthSuccess.h"
 #include "Swiften/Elements/AuthFailure.h"
+#include "Swiften/Elements/AuthChallenge.h"
+#include "Swiften/Elements/AuthResponse.h"
 #include "Swiften/Elements/StartSession.h"
 #include "Swiften/Elements/IQ.h"
 #include "Swiften/Elements/ResourceBind.h"
 #include "Swiften/SASL/PLAINClientAuthenticator.h"
+#include "Swiften/SASL/SCRAMSHA1ClientAuthenticator.h"
 #include "Swiften/Session/SessionStream.h"
 
 namespace Swift {
@@ -77,6 +80,12 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
 					finishSession(Error::TLSClientCertificateError);
 				}
 			}
+			/*else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1")) {
+				// FIXME: Use a real nonce
+				authenticator = new SCRAMSHA1ClientAuthenticator(ByteArray("\x01\x02\x03\x04\x05\x06\x07\x08", 8));
+				state = WaitingForCredentials;
+				onNeedCredentials();
+			}*/
 			else if (streamFeatures->hasAuthenticationMechanism("PLAIN")) {
 				authenticator = new PLAINClientAuthenticator();
 				state = WaitingForCredentials;
@@ -111,6 +120,16 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) {
 			}
 		}
 	}
+	else if (AuthChallenge* challenge = dynamic_cast<AuthChallenge*>(element.get())) {
+		checkState(Authenticating);
+		assert(authenticator);
+		if (authenticator->setChallenge(challenge->getValue())) {
+			stream->writeElement(boost::shared_ptr<AuthResponse>(new AuthResponse(authenticator->getResponse())));
+		}
+		else {
+			finishSession(Error::AuthenticationFailedError);
+		}
+	}
 	else if (dynamic_cast<AuthSuccess*>(element.get())) {
 		checkState(Authenticating);
 		state = WaitingForStreamStart;
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
index 3109f56..f5c55c0 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
@@ -7,7 +7,7 @@
 
 namespace Swift {
 
-SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA1"), step(Initial), clientnonce(nonce) {
+SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA-1"), step(Initial), clientnonce(nonce) {
 }
 
 ByteArray SCRAMSHA1ClientAuthenticator::getResponse() const {
-- 
cgit v0.10.2-6-g49f6