static int mech_step(sasl_session_t *p, char *message, int len, char **out, int *out_len) { char auth[256]; char cookie[256]; myuser_t *mu; /* Skip the authzid entirely */ len -= strlen(message) + 1; if(len <= 0) return ASASL_FAIL; message += strlen(message) + 1; /* Copy the authcid */ if(strlen(message) > 255) return ASASL_FAIL; len -= strlen(message) + 1; if(len <= 0) return ASASL_FAIL; strcpy(auth, message); message += strlen(message) + 1; /* Copy the authcookie */ if(strlen(message) > 255) return ASASL_FAIL; mowgli_strlcpy(cookie, message, len + 1); /* Done dissecting, now check. */ if(!(mu = myuser_find_by_nick(auth))) return ASASL_FAIL; p->username = strdup(auth); return authcookie_find(cookie, mu) != NULL ? ASASL_DONE : ASASL_FAIL; }
/* * atheme.logout * * XML inputs: * authcookie, and account name. * * XML outputs: * fault 1 - insufficient parameters * fault 3 - unknown user * fault 15 - validation failed * default - success message * * Side Effects: * an authcookie ticket is destroyed. */ static int xmlrpcmethod_logout(void *conn, int parc, char *parv[]) { authcookie_t *ac; myuser_t *mu; if (parc < 2) { xmlrpc_generic_error(fault_needmoreparams, "Insufficient parameters."); return 0; } if ((mu = myuser_find(parv[1])) == NULL) { xmlrpc_generic_error(fault_nosuch_source, "Unknown user."); return 0; } if (authcookie_validate(parv[0], mu) == false) { xmlrpc_generic_error(fault_badauthcookie, "Invalid authcookie for this account."); return 0; } logcommand_external(nicksvs.me, "xmlrpc", conn, NULL, mu, CMDLOG_LOGIN, "LOGOUT"); ac = authcookie_find(parv[0], mu); authcookie_destroy(ac); xmlrpc_send_string("You are now logged out."); return 0; }