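// Constructs an IMAP server on socket s that starts TLS before any
// protocol data is sent.
//
// The line that is already sitting in the write buffer (presumably the
// greeting queued by the IMAP base constructor -- confirm against IMAP::IMAP)
// is taken out, TLS is started, and the same line is queued again so that it
// follows startTls() rather than preceding it.
IMAPS::IMAPS( int s )
    : IMAP( s )
{
    EString * banner = writeBuffer()->removeLine();
    startTls();
    // The sibling SMTPS constructor checks this pointer before using it, so
    // removeLine() is treated as able to return null here as well. The
    // original dereferenced it unconditionally.
    if ( banner )
        enqueue( *banner + "\r\n" );
}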
// Constructs an SMTP submission server on socket s that starts TLS before
// any protocol data is sent.
//
// The line already present in the write buffer is removed and remembered in
// d->banner, TLS is started, and the banner is queued again afterwards.
// When no line was buffered, d->banner keeps its initial value and a bare
// CRLF is still queued.
SMTPS::SMTPS( int s )
    : SMTPSubmit( s ),
      d( new SMTPSData )
{
    EString * greeting = writeBuffer()->removeLine();
    if ( greeting )
        d->banner = *greeting;

    // Nothing may be written to the peer ahead of this call: the greeting is
    // only re-queued once TLS has been requested.
    startTls();

    enqueue( d->banner + "\r\n" );
}
// Handles the server reply that is expected to confirm the TLS upgrade.
//
// If the reply's "startTls" field is true the TLS upgrade is started;
// any other reply fails the login with an "Incompatible server" message.
void LoginHandler::expectStartTls(const protocol::ServerReply &msg)
{
	// Q_ASSERT expands to nothing when QT_NO_DEBUG is defined, so in such
	// builds this line does not enforce that m_tls is set.
	Q_ASSERT(m_tls);

	const bool upgradeConfirmed = msg.reply["startTls"].toBool();
	if(!upgradeConfirmed) {
		// The login is abandoned here; this function does not continue
		// without TLS.
		qWarning() << "Login error. Expected startTls, got:" << msg.reply;
		failLogin(tr("Incompatible server"));
		return;
	}

	startTls();
}
/**
 * Drives stream negotiation from one incoming top-level element.
 *
 * A stream "features" element selects the next negotiation step in a fixed
 * priority order: STARTTLS, stream compression, then authentication or
 * resource binding. Any other element is matched against the replies to
 * those steps (proceed, failure, compressed, challenge, success).
 *
 * @param tag The element to handle.
 * @return @b false if the element is none of the ones handled here,
 * @b true otherwise (including the cases where a branch matched but took
 * no action).
 */
bool Client::handleNormalNode( Tag* tag )
{
  if( tag->name() == "features" && tag->xmlns() == XMLNS_STREAM )
  {
    // The feature set comes from the peer. Until TLS is active it is
    // unauthenticated input, and every decision below is based on it.
    m_streamFeatures = getStreamFeatures( tag );

    // Only TLSRequired turns a missing StartTls offer (or a missing TLS
    // implementation) into a hard failure.
    if( m_tls == TLSRequired && !m_encryptionActive
        && ( !m_encryption || !( m_streamFeatures & StreamFeatureStartTls ) ) )
    {
      logInstance().err( LogAreaClassClient, "Client is configured to require"
                         " TLS but either the server didn't offer TLS or"
                         " TLS support is not compiled in." );
      disconnect( ConnTlsNotAvailable );
    }
    // TLS is attempted first whenever it is enabled, available and offered.
    else if( m_tls > TLSDisabled && m_encryption && !m_encryptionActive
             && ( m_streamFeatures & StreamFeatureStartTls ) )
    {
      notifyStreamEvent( StreamEventEncryption );
      startTls();
    }
    // From here on the stream may be unencrypted: with an m_tls setting
    // other than TLSRequired, a feature list without StartTls falls through
    // to compression and authentication in the clear. SASL PLAIN carries
    // the password itself, so deployments that rely on the credentials
    // staying confidential need TLSRequired.
    else if( m_compress && m_compression && !m_compressionActive
             && ( m_streamFeatures & StreamFeatureCompressZlib ) )
    {
      // Compression is negotiated before authentication here; the warning
      // below records that XEP-0170 advises against that order.
      notifyStreamEvent( StreamEventCompression );
      logInstance().warn( LogAreaClassClient, "The server offers compression, but negotiating Compression at this stage is not recommended. See XEP-0170 for details. We'll continue anyway." );
      negotiateCompression( StreamFeatureCompressZlib );
    }
    else if( m_sasl )
    {
      if( m_authed )
      {
        // Already authenticated: bind the resource if the server offers
        // binding. If it does not, nothing is done and true is returned.
        if( m_streamFeatures & StreamFeatureBind )
        {
          notifyStreamEvent( StreamEventResourceBinding );
          bindResource( resource() );
        }
      }
      else if( m_doAuth && !username().empty() && !password().empty() )
      {
        // Password-based login. Preference order: DIGEST-MD5, PLAIN, then
        // non-SASL login. A mechanism is used only if the server offers it
        // and it is in m_availableSaslMechs; m_forceNonSasl skips both
        // SASL mechanisms.
        if( m_streamFeatures & SaslMechDigestMd5 && m_availableSaslMechs & SaslMechDigestMd5
            && !m_forceNonSasl )
        {
          notifyStreamEvent( StreamEventAuthentication );
          startSASL( SaslMechDigestMd5 );
        }
        else if( m_streamFeatures & SaslMechPlain && m_availableSaslMechs & SaslMechPlain
                 && !m_forceNonSasl )
        {
          // No check of m_encryptionActive is made before choosing PLAIN.
          notifyStreamEvent( StreamEventAuthentication );
          startSASL( SaslMechPlain );
        }
        else if( m_streamFeatures & StreamFeatureIqAuth || m_forceNonSasl )
        {
          // m_forceNonSasl selects this branch even when the server did
          // not advertise StreamFeatureIqAuth.
          notifyStreamEvent( StreamEventAuthentication );
          nonSaslLogin();
        }
        else
        {
          logInstance().err( LogAreaClassClient, "the server doesn't support"
                             " any auth mechanisms we know about" );
          disconnect( ConnNoSupportedAuth );
        }
      }
      // Certificate-based login, reached only when username or password is
      // empty (or m_doAuth is false, in which case it does not match either).
      else if( m_doAuth && !m_clientCerts.empty() && !m_clientKey.empty()
               && m_streamFeatures & SaslMechExternal && m_availableSaslMechs & SaslMechExternal )
      {
        notifyStreamEvent( StreamEventAuthentication );
        startSASL( SaslMechExternal );
      }
#ifdef _WIN32
      // GSSAPI is compiled in on Windows builds only.
      else if( m_doAuth && m_streamFeatures & SaslMechGssapi && m_availableSaslMechs & SaslMechGssapi )
      {
        notifyStreamEvent( StreamEventAuthentication );
        startSASL( SaslMechGssapi );
      }
#endif
      else if( m_doAuth && m_streamFeatures & SaslMechAnonymous && m_availableSaslMechs & SaslMechAnonymous )
      {
        notifyStreamEvent( StreamEventAuthentication );
        startSASL( SaslMechAnonymous );
      }
      else
      {
        // No authentication step applies: the stream is reported as
        // connected without authenticating.
        notifyStreamEvent( StreamEventFinished );
        connected();
      }
    }
    // This condition is identical to the compression branch above, which
    // comes earlier in the same else-if chain, so this branch cannot be
    // reached.
    else if( m_compress && m_compression && !m_compressionActive
             && ( m_streamFeatures & StreamFeatureCompressZlib ) )
    {
      notifyStreamEvent( StreamEventCompression );
      negotiateCompression( StreamFeatureCompressZlib );
    }
//     else if( ( m_streamFeatures & StreamFeatureCompressDclz )
//               && m_connection->initCompression( StreamFeatureCompressDclz ) )
//     {
//       negotiateCompression( StreamFeatureCompressDclz );
//     }
    // SASL is disabled on the client side: fall back to non-SASL login if
    // the server offers it.
    else if( m_streamFeatures & StreamFeatureIqAuth )
    {
      notifyStreamEvent( StreamEventAuthentication );
      nonSaslLogin();
    }
    else
    {
      logInstance().err( LogAreaClassClient, "fallback: the server doesn't "
                         "support any auth mechanisms we know about" );
      disconnect( ConnNoSupportedAuth );
    }
  }
  else
  {
    // Only `name` is a reference; `xmlns` is declared as a const
    // std::string object and holds a copy of the attribute value.
    const std::string& name = tag->name(), xmlns = tag->findAttribute( XMLNS );
    if( name == "proceed" && xmlns == XMLNS_STREAM_TLS )
    {
      logInstance().dbg( LogAreaClassClient, "starting TLS handshake..." );
      if( m_encryption )
      {
        // The flag is set when the handshake is started, not when it has
        // completed.
        // NOTE(review): confirm that a failed handshake tears the
        // connection down rather than leaving this flag set.
        m_encryptionActive = true;
        m_encryption->handshake();
      }
    }
    else if( name == "failure" )
    {
      // A failure element in any other namespace matches none of the
      // branches below; it is reported as handled with no action taken.
      if( xmlns == XMLNS_STREAM_TLS )
      {
        logInstance().err( LogAreaClassClient, "TLS handshake failed (server-side)!" );
        disconnect( ConnTlsFailed );
      }
      else if( xmlns == XMLNS_COMPRESSION )
      {
        logInstance().err( LogAreaClassClient, "stream compression init failed!" );
        disconnect( ConnCompressionFailed );
      }
      else if( xmlns == XMLNS_STREAM_SASL )
      {
        logInstance().err( LogAreaClassClient, "SASL authentication failed!" );
        processSASLError( tag );
        disconnect( ConnAuthenticationFailed );
      }
    }
    else if( name == "compressed" && xmlns == XMLNS_COMPRESSION )
    {
      logInstance().dbg( LogAreaClassClient, "stream compression inited" );
      m_compressionActive = true;
      // header() is called again after compression and after SASL success;
      // presumably it restarts the stream -- confirm against header().
      header();
    }
    else if( name == "challenge" && xmlns == XMLNS_STREAM_SASL )
    {
      logInstance().dbg( LogAreaClassClient, "processing SASL challenge" );
      processSASLChallenge( tag->cdata() );
    }
    else if( name == "success" && xmlns == XMLNS_STREAM_SASL )
    {
      // NOTE(review): this branch does not itself check that a SASL
      // exchange was in progress; confirm that is enforced elsewhere.
      logInstance().dbg( LogAreaClassClient, "SASL authentication successful" );
      setAuthed( true );
      header();
    }
    else
      return false;
  }

  return true;
}
// Runs this POP3 command, or resumes it.
//
// Does nothing once d->done is set. Otherwise the handler for d->cmd is
// invoked; a handler that returns false leaves the command unfinished and
// execute() returns without calling finish(). In every other case finish()
// is called.
void PopCommand::execute()
{
    if ( d->done )
        return;

    // Stays true for the commands that are answered inline below.
    bool completed = true;

    switch ( d->cmd ) {
    case Quit:
        log( "Closing connection due to QUIT command", Log::Debug );
        d->pop->setState( POP::Update );
        d->pop->ok( "Goodbye" );
        break;

    case Capa:
        {
            // The listing is fixed except for STLS, which is advertised only
            // when the UseTls configuration toggle is set. It does not
            // depend on whether TLS is already active on this connection.
            EString capabilities( "TOP\r\n"
                                  "UIDL\r\n"
                                  "SASL\r\n"
                                  "USER\r\n"
                                  "RESP-CODES\r\n"
                                  "PIPELINING\r\n"
                                  "IMPLEMENTATION Archiveopteryx POP3 Server, "
                                  "http://archiveopteryx.org.\r\n" );
            if ( Configuration::toggle( Configuration::UseTls ) )
                capabilities.append( "STLS\r\n" );
            capabilities.append( ".\r\n" );
            d->pop->ok( "Capabilities:" );
            d->pop->enqueue( capabilities );
        }
        break;

    case Stls:
        // NOTE(review): PIPELINING is advertised, so confirm that startTls()
        // discards any input the client sent in plaintext after STLS
        // instead of processing it once TLS is up.
        completed = startTls();
        break;

    case Auth:
        completed = auth();
        break;

    case User:
        completed = user();
        break;

    case Pass:
        completed = pass();
        break;

    case Apop:
        completed = apop();
        break;

    case Session:
        completed = session();
        break;

    case Stat:
        completed = stat();
        break;

    case List:
        completed = list();
        break;

    case Top:
        // TOP and RETR share one handler; the flag selects TOP behaviour.
        completed = retr( true );
        break;

    case Retr:
        completed = retr( false );
        break;

    case Dele:
        completed = dele();
        break;

    case Noop:
    case Rset:
        d->pop->ok( "Done" );
        break;

    case Uidl:
        completed = uidl();
        break;
    }

    if ( completed )
        finish();
}
/**
 * Drives stream negotiation from one incoming top-level stanza.
 *
 * A "stream:features" stanza selects the next negotiation step in a fixed
 * priority order: STARTTLS, then authentication or resource binding, then
 * stream compression. Any other stanza is matched against the replies to
 * those steps (proceed, failure, compressed, challenge, success) and
 * against the bind and session results.
 *
 * @param stanza The stanza to handle.
 * @return @b false if the stanza is none of the ones handled here,
 * @b true otherwise (including the cases where a branch matched but took
 * no action).
 */
bool Client::handleNormalNode( Stanza *stanza )
{
  if( stanza->name() == "stream:features" )
  {
    // The feature set comes from the peer. Until TLS is active it is
    // unauthenticated input, and every decision below is based on it.
    m_streamFeatures = getStreamFeatures( stanza );

    // Only TLSRequired turns a missing StartTls offer (or a missing TLS
    // implementation) into a hard failure.
    if( m_tls == TLSRequired && !m_encryptionActive
        && ( !m_encryption || !( m_streamFeatures & StreamFeatureStartTls ) ) )
    {
      logInstance().log( LogLevelError, LogAreaClassClient,
                         "Client is configured to require TLS but either the server didn't offer TLS or "
                         "TLS support is not compiled in." );
      disconnect( ConnTlsNotAvailable );
    }
    // TLS is attempted first whenever it is enabled, available and offered.
    else if( m_tls > TLSDisabled && m_encryption && !m_encryptionActive
             && ( m_streamFeatures & StreamFeatureStartTls ) )
    {
      notifyStreamEvent( StreamEventEncryption );
      startTls();
    }
    // From here on the stream may be unencrypted: with an m_tls setting
    // other than TLSRequired, a feature list without StartTls falls through
    // to authentication in the clear. Deployments that rely on the
    // credentials staying confidential need TLSRequired.
    else if( m_sasl )
    {
      if( m_authed )
      {
        // Already authenticated: bind the resource if the server offers
        // binding. If it does not, nothing is done and true is returned.
        if( m_streamFeatures & StreamFeatureBind )
        {
          notifyStreamEvent( StreamEventResourceBinding );
          bindResource();
        }
      }
      else if( m_doAuth && !username().empty() && !password().empty() )
      {
        // Password-based login is delegated to login(); a false return is
        // treated as "no usable mechanism".
        // NOTE(review): which mechanisms login() picks, and whether it
        // takes m_encryptionActive into account, is not visible here.
        if( !login() )
        {
          logInstance().log( LogLevelError, LogAreaClassClient,
                             "the server doesn't support any auth mechanisms we know about" );
          disconnect( ConnNoSupportedAuth );
        }
      }
      // Certificate-based login, reached only when username or password is
      // empty (or m_doAuth is false, in which case it does not match either).
      else if( m_doAuth && !m_clientCerts.empty() && !m_clientKey.empty()
               && m_streamFeatures & SaslMechExternal && m_availableSaslMechs & SaslMechExternal )
      {
        notifyStreamEvent( StreamEventAuthentication );
        startSASL( SaslMechExternal );
      }
#ifdef _WIN32
      // GSSAPI is compiled in on Windows builds only.
      else if( m_doAuth && m_streamFeatures & SaslMechGssapi && m_availableSaslMechs & SaslMechGssapi )
      {
        notifyStreamEvent( StreamEventAuthentication );
        startSASL( SaslMechGssapi );
      }
#endif
      else if( m_doAuth && m_streamFeatures & SaslMechAnonymous && m_availableSaslMechs & SaslMechAnonymous )
      {
        notifyStreamEvent( StreamEventAuthentication );
        startSASL( SaslMechAnonymous );
      }
      else
      {
        // No authentication step applies: the stream is reported as
        // connected without authenticating.
        notifyStreamEvent( StreamEventFinished );
        connected();
      }
    }
    // Compression is considered only when SASL is disabled on the client
    // side, because the m_sasl branch above takes precedence.
    else if( m_compress && m_compression && !m_compressionActive
             && ( m_streamFeatures & StreamFeatureCompressZlib ) )
    {
      notifyStreamEvent( StreamEventCompression );
      negotiateCompression( StreamFeatureCompressZlib );
    }
//     else if( ( m_streamFeatures & StreamFeatureCompressDclz )
//               && m_connection->initCompression( StreamFeatureCompressDclz ) )
//     {
//       negotiateCompression( StreamFeatureCompressDclz );
//     }
    else if( m_streamFeatures & StreamFeatureIqAuth )
    {
      notifyStreamEvent( StreamEventAuthentication );
      nonSaslLogin();
    }
    else
    {
      logInstance().log( LogLevelError, LogAreaClassClient,
                         "fallback: the server doesn't support any auth mechanisms we know about" );
      disconnect( ConnNoSupportedAuth );
    }
  }
  else if( ( stanza->name() == "proceed" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_TLS ) )
  {
    logInstance().log( LogLevelDebug, LogAreaClassClient, "starting TLS handshake..." );
    if( m_encryption )
    {
      // The flag is set when the handshake is started, not when it has
      // completed.
      // NOTE(review): confirm that a failed handshake tears the connection
      // down rather than leaving this flag set.
      m_encryptionActive = true;
      m_encryption->handshake();
    }
  }
  else if( ( stanza->name() == "failure" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_TLS ) )
  {
    logInstance().log( LogLevelError, LogAreaClassClient, "TLS handshake failed (server-side)!" );
    disconnect( ConnTlsFailed );
  }
  else if( ( stanza->name() == "failure" ) && stanza->hasAttribute( "xmlns", XMLNS_COMPRESSION ) )
  {
    logInstance().log( LogLevelError, LogAreaClassClient, "stream compression init failed!" );
    disconnect( ConnCompressionFailed );
  }
  else if( ( stanza->name() == "compressed" ) && stanza->hasAttribute( "xmlns", XMLNS_COMPRESSION ) )
  {
    logInstance().log( LogLevelDebug, LogAreaClassClient, "stream compression inited" );
    m_compressionActive = true;
    // header() is called again after compression and after SASL success;
    // presumably it restarts the stream -- confirm against header().
    header();
  }
  else if( ( stanza->name() == "challenge" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_SASL ) )
  {
    logInstance().log( LogLevelDebug, LogAreaClassClient, "processing SASL challenge" );
    processSASLChallenge( stanza->cdata() );
  }
  else if( ( stanza->name() == "failure" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_SASL ) )
  {
    logInstance().log( LogLevelError, LogAreaClassClient, "SASL authentication failed!" );
    processSASLError( stanza );
    disconnect( ConnAuthenticationFailed );
  }
  else if( ( stanza->name() == "success" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_SASL ) )
  {
    // NOTE(review): this branch does not itself check that a SASL exchange
    // was in progress; confirm that is enforced elsewhere.
    logInstance().log( LogLevelDebug, LogAreaClassClient, "SASL authentication successful" );
    setAuthed( true );
    header();
  }
  else
  {
    // Bind and session results are recognised by the literal id attribute
    // values "bind" and "session" alone.
    if( ( stanza->name() == "iq" ) && stanza->hasAttribute( "id", "bind" ) )
    {
      processResourceBind( stanza );
    }
    else if( ( stanza->name() == "iq" ) && stanza->hasAttribute( "id", "session" ) )
    {
      processCreateSession( stanza );
    }
    else
      return false;
  }

  return true;
}
// Runs this ManageSieve command, or resumes it, and sends the final
// OK/NO response once it has finished.
//
// Does nothing once d->done is set. A handler that returns false while no
// error text has been recorded in d->no leaves the command unfinished and
// execute() returns without responding. Otherwise the command is marked
// done, one response line is queued and the connection is asked to run its
// remaining commands.
void ManageSieveCommand::execute()
{
    if ( d->done )
        return;

    bool ok = true;
    switch ( d->cmd ) {
    case Logout:
        log( "Received LOGOUT command", Log::Debug );
        d->sieve->Connection::setState( Connection::Closing );
        break;

    case Capability:
        end();
        if ( d->no.isEmpty() )
            d->sieve->capabilities();
        break;

    case StartTls:
        // NOTE(review): confirm that startTls() discards any input the
        // client sent in plaintext after the command instead of processing
        // it once TLS is up.
        ok = startTls();
        break;

    case Authenticate:
        ok = authenticate();
        break;

    case HaveSpace:
        ok = haveSpace();
        break;

    case PutScript:
        ok = putScript();
        break;

    case ListScripts:
        ok = listScripts();
        break;

    case SetActive:
        ok = setActive();
        break;

    case GetScript:
        ok = getScript();
        break;

    case DeleteScript:
        ok = deleteScript();
        break;

    case RenameScript:
        ok = renameScript();
        break;

    case Noop:
        ok = noop();
        break;

    case XAoxExplain:
        ok = explain();
        break;

    case Unknown:
        no( "Unknown command" );
        break;
    }

    // A failed query or transaction becomes a NO response unless an error
    // has already been recorded.
    // NOTE(review): the database error text is passed on to the client as
    // part of the response; confirm it cannot carry internal details.
    const bool queryFailed = d->query && d->query->failed();
    if ( queryFailed && d->no.isEmpty() )
        no( "Database failed: " + d->query->error() );
    else if ( d->t && d->t->failed() && d->no.isEmpty() )
        no( "Database failed: " + d->t->error() );
    // XXX: is a rollback needed here?

    // A recorded error always completes the command, whatever the handler
    // returned.
    if ( !ok && d->no.isEmpty() )
        return;

    d->done = true;

    if ( d->no.isEmpty() ) {
        d->sieve->enqueue( "OK" );
        if ( !d->ok.isEmpty() ) {
            d->sieve->enqueue( " " );
            d->sieve->enqueue( encoded( d->ok ) );
        }
    }
    else {
        // d->no is known to be non-empty on this path.
        d->sieve->enqueue( "NO" );
        d->sieve->enqueue( " " );
        d->sieve->enqueue( encoded( d->no ) );
    }
    d->sieve->enqueue( "\r\n" );

    d->sieve->runCommands();
}