From 91cc491173e7ba73b695628b3390c2ba21a978d7 Mon Sep 17 00:00:00 2001 From: Yann Leboulanger Date: Fri, 28 Nov 2008 07:27:42 +0000 Subject: [PATCH] [Simo Sorce] fix GSSAPI to use FQDN. See #2465 --- src/common/xmpp/auth_nb.py | 9 +++++---- src/common/xmpp/transports_nb.py | 2 ++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/common/xmpp/auth_nb.py b/src/common/xmpp/auth_nb.py index 2c5ed138b..be262fb73 100644 --- a/src/common/xmpp/auth_nb.py +++ b/src/common/xmpp/auth_nb.py @@ -146,8 +146,9 @@ class SASL(PlugIn): def MechanismHandler(self): if "GSSAPI" in self.mecs and have_kerberos: self.mecs.remove("GSSAPI") - rc, self.gss_vc = kerberos.authGSSClientInit('xmpp@' + - self._owner.Server) + rc, self.gss_vc = kerberos.authGSSClientInit('xmpp@' + + self._owner.socket._hostfqdn) + rc = kerberos.authGSSClientStep(self.gss_vc, '') response = kerberos.authGSSClientResponse(self.gss_vc) node=Node('auth',attrs={'xmlns': NS_SASL, 'mechanism': 'GSSAPI'}, payload=(response or "")) @@ -205,7 +206,7 @@ class SASL(PlugIn): incoming_data = challenge.getData() data=base64.decodestring(incoming_data) self.DEBUG('Got challenge:'+data,'ok') - if self.mechanism == "GSSAPI": + if self.mechanism == 'GSSAPI': if self.gss_step == GSS_STATE_STEP: rc = kerberos.authGSSClientStep(self.gss_vc, incoming_data) if rc != kerberos.AUTH_GSS_CONTINUE: @@ -214,7 +215,7 @@ class SASL(PlugIn): rc = kerberos.authGSSClientUnwrap(self.gss_vc, incoming_data) response = kerberos.authGSSClientResponse(self.gss_vc) rc = kerberos.authGSSClientWrap(self.gss_vc, response, - self.username) + kerberos.authGSSClientUserName(self.gss_vc)) response = kerberos.authGSSClientResponse(self.gss_vc) if not response: response = '' diff --git a/src/common/xmpp/transports_nb.py b/src/common/xmpp/transports_nb.py index 55273f499..e886fc638 100644 --- a/src/common/xmpp/transports_nb.py +++ b/src/common/xmpp/transports_nb.py 
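Review bot: The service name given to `kerberos.authGSSClientInit` in MechanismHandler is now built from `self._owner.socket._hostfqdn`, which the transports_nb.py hunks set to `server[0]`, the host the TCP transport was asked to connect to. If that host can come from an SRV lookup or other unauthenticated name resolution (not visible in this patch), whoever controls the answer also chooses which Kerberos service the client requests a ticket for. That would weaken the binding to the configured domain that `self._owner.Server` provided. I would record the assumption next to the call, e.g. `# SPN host is the connect target; trustworthy only if it was not taken from unauthenticated DNS`. The `rc` returned by `authGSSClientInit` is also overwritten by the following `authGSSClientStep` call without being inspected, and MechanismHandler continues outside the hunk.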
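Review bot: In the last auth_nb.py hunk the identity wrapped into the final GSSAPI message now comes from `kerberos.authGSSClientUserName(self.gss_vc)` instead of `self.username`. The account the server authorizes is therefore whichever principal holds the ticket, which need not be the account configured in the client. A comment such as `# authzid comes from the Kerberos credential, not self.username; server must map the principal to the account` would make that explicit. Comparing the two names and logging a mismatch would help when a stale or foreign ticket cache is in use. The `rc` from `authGSSClientUnwrap` is overwritten by the `authGSSClientWrap` call without being checked; the enclosing method starts and ends outside the hunk.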
@@ -246,6 +246,7 @@ class NonBlockingTcp(PlugIn, IdleObject): self._exported_methods=[self.send, self.disconnect, self.onreceive, self.set_send_timeout, self.start_disconnect, self.set_timeout, self.remove_timeout] self._server = server + self._hostfqdn = server[0] self.on_connect = on_connect self.on_connect_failure = on_connect_failure self.on_receive = None @@ -304,6 +305,7 @@ class NonBlockingTcp(PlugIn, IdleObject): server=self._server else: self._server = server + self._hostfqdn = self._server[0] self.printed_error = False self.state = 0 try:
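Review bot: `_hostfqdn` is assigned `server[0]` verbatim in both hunks (the constructor and the later `self._server = server` branch), so despite its name it holds whatever host string the caller passed. An IP literal or a short host name would flow unchanged into the GSSAPI service name built in auth_nb.py. A comment at the first assignment, e.g. `# host used to build the Kerberos SPN; expected to be the server's canonical FQDN, never an IP`, would record the contract. Since auth_nb.py reads the attribute from another module, a public name or accessor would suit it better than a leading-underscore attribute. Both enclosing methods extend outside the hunks.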