static xt_status jabber_finish_iq_auth( struct im_connection *ic, struct xt_node *node, struct xt_node *orig )
{
struct jabber_data *jd = ic->proto_data;
char *type;
if( !( type = xt_find_attr( node, "type" ) ) )
{
imcb_log( ic, "Warning: Received incomplete IQ packet while authenticating" );
imc_logout( ic, FALSE );
return XT_HANDLED;
}
if( strcmp( type, "error" ) == 0 )
{
imcb_error( ic, "Authentication failure" );
imc_logout( ic, FALSE );
return XT_ABORT;
}
else if( strcmp( type, "result" ) == 0 )
{
/* This happens when we just successfully authenticated the
old (non-SASL) way. */
jd->flags |= JFLAG_AUTHENTICATED;
if( !jabber_get_roster( ic ) )
return XT_ABORT;
if( !jabber_iq_disco_server( ic ) )
return XT_ABORT;
}
return XT_HANDLED;
}
static xt_status jabber_pkt_features( struct xt_node *node, gpointer data )
{
struct im_connection *ic = data;
struct jabber_data *jd = ic->proto_data;
struct xt_node *c, *reply;
int trytls;
trytls = g_strcasecmp( set_getstr( &ic->acc->set, "tls" ), "try" ) == 0;
c = xt_find_node( node->children, "starttls" );
if( c && !jd->ssl )
{
/* If the server advertises the STARTTLS feature and if we're
not in a secure connection already: */
c = xt_find_node( c->children, "required" );
if( c && ( !trytls && !set_getbool( &ic->acc->set, "tls" ) ) )
{
imcb_error( ic, "Server requires TLS connections, but TLS is turned off for this account" );
imc_logout( ic, FALSE );
return XT_ABORT;
}
/* Only run this if the tls setting is set to true or try: */
if( ( trytls || set_getbool( &ic->acc->set, "tls" ) ) )
{
reply = xt_new_node( "starttls", NULL, NULL );
xt_add_attr( reply, "xmlns", XMLNS_TLS );
if( !jabber_write_packet( ic, reply ) )
{
xt_free_node( reply );
return XT_ABORT;
}
xt_free_node( reply );
return XT_HANDLED;
}
}
else if( !c && !jd->ssl )
{
/* If the server does not advertise the STARTTLS feature and
we're not in a secure connection already: (Servers have a
habit of not advertising <starttls/> anymore when already
using SSL/TLS. */
if( !trytls && set_getbool( &ic->acc->set, "tls" ) )
{
imcb_error( ic, "TLS is turned on for this account, but is not supported by this server" );
imc_logout( ic, FALSE );
return XT_ABORT;
}
}
/* This one used to be in jabber_handlers[], but it has to be done
from here to make sure the TLS session will be initialized
properly before we attempt SASL authentication. */
if( ( c = xt_find_node( node->children, "mechanisms" ) ) )
{
if( sasl_pkt_mechanisms( c, data ) == XT_ABORT )
return XT_ABORT;
}
/* If the server *SEEMS* to support SASL authentication but doesn't
support it after all, we should try to do authentication the
other way. jabber.com doesn't seem to do SASL while it pretends
to be XMPP 1.0 compliant! */
else if( !( jd->flags & JFLAG_AUTHENTICATED ) && sasl_supported( ic ) )
{
if( !jabber_init_iq_auth( ic ) )
return XT_ABORT;
}
if( ( c = xt_find_node( node->children, "bind" ) ) )
{
reply = xt_new_node( "bind", NULL, xt_new_node( "resource", set_getstr( &ic->acc->set, "resource" ), NULL ) );
xt_add_attr( reply, "xmlns", XMLNS_BIND );
reply = jabber_make_packet( "iq", "set", NULL, reply );
jabber_cache_add( ic, reply, jabber_pkt_bind_sess );
if( !jabber_write_packet( ic, reply ) )
return XT_ABORT;
jd->flags |= JFLAG_WAIT_BIND;
}
if( ( c = xt_find_node( node->children, "session" ) ) )
{
reply = xt_new_node( "session", NULL, NULL );
xt_add_attr( reply, "xmlns", XMLNS_SESSION );
reply = jabber_make_packet( "iq", "set", NULL, reply );
jabber_cache_add( ic, reply, jabber_pkt_bind_sess );
if( !jabber_write_packet( ic, reply ) )
return XT_ABORT;
jd->flags |= JFLAG_WAIT_SESSION;
}
/* This flag is already set if we authenticated via SASL, so now
we can resume the session in the new stream, if we don't have
to bind/initialize the session. */
if( jd->flags & JFLAG_AUTHENTICATED && ( jd->flags & ( JFLAG_WAIT_BIND | JFLAG_WAIT_SESSION ) ) == 0 )
{
if( !jabber_get_roster( ic ) )
return XT_ABORT;
}
return XT_HANDLED;
}
xt_status jabber_pkt_bind_sess( struct im_connection *ic, struct xt_node *node, struct xt_node *orig )
{
struct jabber_data *jd = ic->proto_data;
struct xt_node *c, *reply = NULL;
char *s;
if( node && ( c = xt_find_node( node->children, "bind" ) ) )
{
c = xt_find_node( c->children, "jid" );
if( !c || !c->text )
{
/* Server is crap, but this is no disaster. */
}
else if( strncmp( jd->me, c->text, strlen( jd->me ) ) != 0 )
{
s = strchr( c->text, '/' );
if( s )
*s = '\0';
jabber_set_me( ic, c->text );
imcb_log( ic, "Server claims your JID is `%s' instead of `%s'. "
"This mismatch may cause problems with groupchats "
"and possibly other things.",
c->text, ic->acc->user );
if( s )
*s = '/';
}
else if( c && c->text_len && ( s = strchr( c->text, '/' ) ) &&
strcmp( s + 1, set_getstr( &ic->acc->set, "resource" ) ) != 0 )
imcb_log( ic, "Server changed session resource string to `%s'", s + 1 );
}
if( jd->flags & JFLAG_WANT_BIND )
{
reply = xt_new_node( "bind", NULL, xt_new_node( "resource", set_getstr( &ic->acc->set, "resource" ), NULL ) );
xt_add_attr( reply, "xmlns", XMLNS_BIND );
jd->flags &= ~JFLAG_WANT_BIND;
}
else if( jd->flags & JFLAG_WANT_SESSION )
{
reply = xt_new_node( "session", NULL, NULL );
xt_add_attr( reply, "xmlns", XMLNS_SESSION );
jd->flags &= ~JFLAG_WANT_SESSION;
}
if( reply != NULL )
{
reply = jabber_make_packet( "iq", "set", NULL, reply );
jabber_cache_add( ic, reply, jabber_pkt_bind_sess );
if( !jabber_write_packet( ic, reply ) )
return XT_ABORT;
}
else if( ( jd->flags & ( JFLAG_WANT_BIND | JFLAG_WANT_SESSION ) ) == 0 )
{
if( !jabber_get_roster( ic ) )
return XT_ABORT;
if( !jabber_iq_disco_server( ic ) )
return XT_ABORT;
}
return XT_HANDLED;
}
