IMAPS::IMAPS( int s )
: IMAP( s )
{
EString * tmp = writeBuffer()->removeLine();
startTls();
enqueue( *tmp + "\r\n" );
}
SMTPS::SMTPS( int s )
: SMTPSubmit( s ), d( new SMTPSData )
{
EString * tmp = writeBuffer()->removeLine();
if ( tmp )
d->banner = *tmp;
startTls();
enqueue( d->banner + "\r\n" );
}
void LoginHandler::expectStartTls(const protocol::ServerReply &msg)
{
Q_ASSERT(m_tls);
if(msg.reply["startTls"].toBool()) {
startTls();
} else {
qWarning() << "Login error. Expected startTls, got:" << msg.reply;
failLogin(tr("Incompatible server"));
}
}
bool Client::handleNormalNode( Tag* tag )
{
if( tag->name() == "features" && tag->xmlns() == XMLNS_STREAM )
{
m_streamFeatures = getStreamFeatures( tag );
if( m_tls == TLSRequired && !m_encryptionActive
&& ( !m_encryption || !( m_streamFeatures & StreamFeatureStartTls ) ) )
{
logInstance().err( LogAreaClassClient, "Client is configured to require"
" TLS but either the server didn't offer TLS or"
" TLS support is not compiled in." );
disconnect( ConnTlsNotAvailable );
}
else if( m_tls > TLSDisabled && m_encryption && !m_encryptionActive
&& ( m_streamFeatures & StreamFeatureStartTls ) )
{
notifyStreamEvent( StreamEventEncryption );
startTls();
}
else if( m_compress && m_compression && !m_compressionActive
&& ( m_streamFeatures & StreamFeatureCompressZlib ) )
{
notifyStreamEvent( StreamEventCompression );
logInstance().warn( LogAreaClassClient, "The server offers compression, but negotiating Compression at this stage is not recommended. See XEP-0170 for details. We'll continue anyway." );
negotiateCompression( StreamFeatureCompressZlib );
}
else if( m_sasl )
{
if( m_authed )
{
if( m_streamFeatures & StreamFeatureBind )
{
notifyStreamEvent( StreamEventResourceBinding );
bindResource( resource() );
}
}
else if( m_doAuth && !username().empty() && !password().empty() )
{
if( m_streamFeatures & SaslMechDigestMd5 && m_availableSaslMechs & SaslMechDigestMd5
&& !m_forceNonSasl )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechDigestMd5 );
}
else if( m_streamFeatures & SaslMechPlain && m_availableSaslMechs & SaslMechPlain
&& !m_forceNonSasl )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechPlain );
}
else if( m_streamFeatures & StreamFeatureIqAuth || m_forceNonSasl )
{
notifyStreamEvent( StreamEventAuthentication );
nonSaslLogin();
}
else
{
logInstance().err( LogAreaClassClient, "the server doesn't support"
" any auth mechanisms we know about" );
disconnect( ConnNoSupportedAuth );
}
}
else if( m_doAuth && !m_clientCerts.empty() && !m_clientKey.empty()
&& m_streamFeatures & SaslMechExternal && m_availableSaslMechs & SaslMechExternal )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechExternal );
}
#ifdef _WIN32
else if( m_doAuth && m_streamFeatures & SaslMechGssapi && m_availableSaslMechs & SaslMechGssapi )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechGssapi );
}
#endif
else if( m_doAuth && m_streamFeatures & SaslMechAnonymous
&& m_availableSaslMechs & SaslMechAnonymous )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechAnonymous );
}
else
{
notifyStreamEvent( StreamEventFinished );
connected();
}
}
else if( m_compress && m_compression && !m_compressionActive
&& ( m_streamFeatures & StreamFeatureCompressZlib ) )
{
notifyStreamEvent( StreamEventCompression );
negotiateCompression( StreamFeatureCompressZlib );
}
// else if( ( m_streamFeatures & StreamFeatureCompressDclz )
// && m_connection->initCompression( StreamFeatureCompressDclz ) )
// {
// negotiateCompression( StreamFeatureCompressDclz );
// }
else if( m_streamFeatures & StreamFeatureIqAuth )
{
notifyStreamEvent( StreamEventAuthentication );
nonSaslLogin();
}
else
{
logInstance().err( LogAreaClassClient, "fallback: the server doesn't "
"support any auth mechanisms we know about" );
disconnect( ConnNoSupportedAuth );
}
}
else
{
const std::string& name = tag->name(),
xmlns = tag->findAttribute( XMLNS );
if( name == "proceed" && xmlns == XMLNS_STREAM_TLS )
{
logInstance().dbg( LogAreaClassClient, "starting TLS handshake..." );
if( m_encryption )
{
m_encryptionActive = true;
m_encryption->handshake();
}
}
else if( name == "failure" )
{
if( xmlns == XMLNS_STREAM_TLS )
{
logInstance().err( LogAreaClassClient, "TLS handshake failed (server-side)!" );
disconnect( ConnTlsFailed );
}
else if( xmlns == XMLNS_COMPRESSION )
{
logInstance().err( LogAreaClassClient, "stream compression init failed!" );
disconnect( ConnCompressionFailed );
}
else if( xmlns == XMLNS_STREAM_SASL )
{
logInstance().err( LogAreaClassClient, "SASL authentication failed!" );
processSASLError( tag );
disconnect( ConnAuthenticationFailed );
}
}
else if( name == "compressed" && xmlns == XMLNS_COMPRESSION )
{
logInstance().dbg( LogAreaClassClient, "stream compression inited" );
m_compressionActive = true;
header();
}
else if( name == "challenge" && xmlns == XMLNS_STREAM_SASL )
{
logInstance().dbg( LogAreaClassClient, "processing SASL challenge" );
processSASLChallenge( tag->cdata() );
}
else if( name == "success" && xmlns == XMLNS_STREAM_SASL )
{
logInstance().dbg( LogAreaClassClient, "SASL authentication successful" );
setAuthed( true );
header();
}
else
return false;
}
return true;
}
void PopCommand::execute()
{
if ( d->done )
return;
switch ( d->cmd ) {
case Quit:
log( "Closing connection due to QUIT command", Log::Debug );
d->pop->setState( POP::Update );
d->pop->ok( "Goodbye" );
break;
case Capa:
{
EString c( "TOP\r\n"
"UIDL\r\n"
"SASL\r\n"
"USER\r\n"
"RESP-CODES\r\n"
"PIPELINING\r\n"
"IMPLEMENTATION Archiveopteryx POP3 Server, "
"http://archiveopteryx.org.\r\n" );
if ( Configuration::toggle( Configuration::UseTls ) )
c.append( "STLS\r\n" );
c.append( ".\r\n" );
d->pop->ok( "Capabilities:" );
d->pop->enqueue( c );
}
break;
case Stls:
if ( !startTls() )
return;
break;
case Auth:
if ( !auth() )
return;
break;
case User:
if ( !user() )
return;
break;
case Pass:
if ( !pass() )
return;
break;
case Apop:
if ( !apop() )
return;
break;
case Session:
if ( !session() )
return;
break;
case Stat:
if ( !stat() )
return;
break;
case List:
if ( !list() )
return;
break;
case Top:
if ( !retr( true ) )
return;
break;
case Retr:
if ( !retr( false ) )
return;
break;
case Dele:
if ( !dele() )
return;
break;
case Noop:
d->pop->ok( "Done" );
break;
case Rset:
d->pop->ok( "Done" );
break;
case Uidl:
if ( !uidl() )
return;
break;
}
finish();
}
bool Client::handleNormalNode( Stanza *stanza )
{
if( stanza->name() == "stream:features" )
{
m_streamFeatures = getStreamFeatures( stanza );
if( m_tls == TLSRequired && !m_encryptionActive
&& ( !m_encryption || !( m_streamFeatures & StreamFeatureStartTls ) ) )
{
logInstance().log( LogLevelError, LogAreaClassClient,
"Client is configured to require TLS but either the server didn't offer TLS or "
"TLS support is not compiled in." );
disconnect( ConnTlsNotAvailable );
}
else if( m_tls > TLSDisabled && m_encryption && !m_encryptionActive
&& ( m_streamFeatures & StreamFeatureStartTls ) )
{
notifyStreamEvent( StreamEventEncryption );
startTls();
}
else if( m_sasl )
{
if( m_authed )
{
if( m_streamFeatures & StreamFeatureBind )
{
notifyStreamEvent( StreamEventResourceBinding );
bindResource();
}
}
else if( m_doAuth && !username().empty() && !password().empty() )
{
if( !login() )
{
logInstance().log( LogLevelError, LogAreaClassClient,
"the server doesn't support any auth mechanisms we know about" );
disconnect( ConnNoSupportedAuth );
}
}
else if( m_doAuth && !m_clientCerts.empty() && !m_clientKey.empty()
&& m_streamFeatures & SaslMechExternal && m_availableSaslMechs & SaslMechExternal )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechExternal );
}
#ifdef _WIN32
else if( m_doAuth && m_streamFeatures & SaslMechGssapi && m_availableSaslMechs & SaslMechGssapi )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechGssapi );
}
#endif
else if( m_doAuth && m_streamFeatures & SaslMechAnonymous
&& m_availableSaslMechs & SaslMechAnonymous )
{
notifyStreamEvent( StreamEventAuthentication );
startSASL( SaslMechAnonymous );
}
else
{
notifyStreamEvent( StreamEventFinished );
connected();
}
}
else if( m_compress && m_compression && !m_compressionActive
&& ( m_streamFeatures & StreamFeatureCompressZlib ) )
{
notifyStreamEvent( StreamEventCompression );
negotiateCompression( StreamFeatureCompressZlib );
}
// else if( ( m_streamFeatures & StreamFeatureCompressDclz )
// && m_connection->initCompression( StreamFeatureCompressDclz ) )
// {
// negotiateCompression( StreamFeatureCompressDclz );
// }
else if( m_streamFeatures & StreamFeatureIqAuth )
{
notifyStreamEvent( StreamEventAuthentication );
nonSaslLogin();
}
else
{
logInstance().log( LogLevelError, LogAreaClassClient,
"fallback: the server doesn't support any auth mechanisms we know about" );
disconnect( ConnNoSupportedAuth );
}
}
else if( ( stanza->name() == "proceed" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_TLS ) )
{
logInstance().log( LogLevelDebug, LogAreaClassClient, "starting TLS handshake..." );
if( m_encryption )
{
m_encryptionActive = true;
m_encryption->handshake();
}
}
else if( ( stanza->name() == "failure" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_TLS ) )
{
logInstance().log( LogLevelError, LogAreaClassClient, "TLS handshake failed (server-side)!" );
disconnect( ConnTlsFailed );
}
else if( ( stanza->name() == "failure" ) && stanza->hasAttribute( "xmlns", XMLNS_COMPRESSION ) )
{
logInstance().log( LogLevelError, LogAreaClassClient, "stream compression init failed!" );
disconnect( ConnCompressionFailed );
}
else if( ( stanza->name() == "compressed" ) && stanza->hasAttribute( "xmlns", XMLNS_COMPRESSION ) )
{
logInstance().log( LogLevelDebug, LogAreaClassClient, "stream compression inited" );
m_compressionActive = true;
header();
}
else if( ( stanza->name() == "challenge" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_SASL ) )
{
logInstance().log( LogLevelDebug, LogAreaClassClient, "processing SASL challenge" );
processSASLChallenge( stanza->cdata() );
}
else if( ( stanza->name() == "failure" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_SASL ) )
{
logInstance().log( LogLevelError, LogAreaClassClient, "SASL authentication failed!" );
processSASLError( stanza );
disconnect( ConnAuthenticationFailed );
}
else if( ( stanza->name() == "success" ) && stanza->hasAttribute( "xmlns", XMLNS_STREAM_SASL ) )
{
logInstance().log( LogLevelDebug, LogAreaClassClient, "SASL authentication successful" );
setAuthed( true );
header();
}
else
{
if( ( stanza->name() == "iq" ) && stanza->hasAttribute( "id", "bind" ) )
{
processResourceBind( stanza );
}
else if( ( stanza->name() == "iq" ) && stanza->hasAttribute( "id", "session" ) )
{
processCreateSession( stanza );
}
else
return false;
}
return true;
}
void ManageSieveCommand::execute()
{
if ( d->done )
return;
bool ok = true;
switch ( d->cmd ) {
case Logout:
log( "Received LOGOUT command", Log::Debug );
d->sieve->Connection::setState( Connection::Closing );
break;
case Capability:
end();
if ( d->no.isEmpty() )
d->sieve->capabilities();
break;
case StartTls:
ok = startTls();
break;
case Authenticate:
ok = authenticate();
break;
case HaveSpace:
ok = haveSpace();
break;
case PutScript:
ok = putScript();
break;
case ListScripts:
ok = listScripts();
break;
case SetActive:
ok = setActive();
break;
case GetScript:
ok = getScript();
break;
case DeleteScript:
ok = deleteScript();
break;
case RenameScript:
ok = renameScript();
break;
case Noop:
ok = noop();
break;
case XAoxExplain:
ok = explain();
break;
case Unknown:
no( "Unknown command" );
break;
}
if ( d->query && d->query->failed() && d->no.isEmpty() )
no( "Database failed: " + d->query->error() );
else if ( d->t && d->t->failed() && d->no.isEmpty() )
no( "Database failed: " + d->t->error() ); // XXX need to rollback?
if ( !d->no.isEmpty() )
ok = true;
if ( !ok )
return;
d->done = true;
if ( d->no.isEmpty() ) {
d->sieve->enqueue( "OK" );
if ( !d->ok.isEmpty() ) {
d->sieve->enqueue( " " );
d->sieve->enqueue( encoded( d->ok ) );
}
d->sieve->enqueue( "\r\n" );
}
else {
d->sieve->enqueue( "NO" );
if ( !d->no.isEmpty() ) {
d->sieve->enqueue( " " );
d->sieve->enqueue( encoded( d->no ) );
}
d->sieve->enqueue( "\r\n" );
};
d->sieve->runCommands();
}
