copyleftie/gajim-plural
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

merging

Browse source
This commit is contained in:
Jefry Lagrange 2011-05-31 18:05:04 -04:00
commit e53f95c87e
1 changed files with 60 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
src/common/xmpp/auth_nb.py
View file

@ -21,9 +21,11 @@ Can be used both for client and transport authentication
See client_nb.py See client_nb.py
""" """
from protocol import NS_SASL, NS_SESSION, NS_STREAMS, NS_BIND, NS_AUTH, NS_STREAM_MGMT from protocol import NS_SASL, NS_SESSION, NS_STREAMS, NS_BIND, NS_AUTH
from protocol import NS_STREAM_MGMT
from protocol import Node, NodeProcessed, isResultNode, Iq, Protocol, JID from protocol import Node, NodeProcessed, isResultNode, Iq, Protocol, JID
from plugin import PlugIn from plugin import PlugIn
from smacks import Smacks
import base64 import base64
import random import random
import itertools import itertools
@ -31,7 +33,7 @@ import dispatcher_nb
import hashlib import hashlib
import hmac import hmac
import hashlib import hashlib
from smacks import Smacks
import logging import logging
log = logging.getLogger('gajim.c.x.auth_nb') log = logging.getLogger('gajim.c.x.auth_nb')
@ -198,7 +200,8 @@ class SASL(PlugIn):
'mechanism'): 'mechanism'):
self.mecs.append(mec.getData()) self.mecs.append(mec.getData())
self._owner.RegisterHandler('challenge', self.SASLHandler, xmlns=NS_SASL) self._owner.RegisterHandler('challenge', self.SASLHandler,
xmlns=NS_SASL)
self._owner.RegisterHandler('failure', self.SASLHandler, xmlns=NS_SASL) self._owner.RegisterHandler('failure', self.SASLHandler, xmlns=NS_SASL)
self._owner.RegisterHandler('success', self.SASLHandler, xmlns=NS_SASL) self._owner.RegisterHandler('success', self.SASLHandler, xmlns=NS_SASL)
self.MechanismHandler() self.MechanismHandler()
@ -206,7 +209,8 @@ class SASL(PlugIn):
def MechanismHandler(self): def MechanismHandler(self):
if 'ANONYMOUS' in self.mecs and self.username is None: if 'ANONYMOUS' in self.mecs and self.username is None:
self.mecs.remove('ANONYMOUS') self.mecs.remove('ANONYMOUS')
node = Node('auth', attrs={'xmlns': NS_SASL, 'mechanism': 'ANONYMOUS'}) node = Node('auth', attrs={'xmlns': NS_SASL,
'mechanism': 'ANONYMOUS'})
self.mechanism = 'ANONYMOUS' self.mechanism = 'ANONYMOUS'
self.startsasl = SASL_IN_PROCESS self.startsasl = SASL_IN_PROCESS
self._owner.send(str(node)) self._owner.send(str(node))
@ -229,8 +233,8 @@ class SASL(PlugIn):
self._owner.xmpp_hostname)[1] self._owner.xmpp_hostname)[1]
kerberos.authGSSClientStep(self.gss_vc, '') kerberos.authGSSClientStep(self.gss_vc, '')
response = kerberos.authGSSClientResponse(self.gss_vc) response = kerberos.authGSSClientResponse(self.gss_vc)
node=Node('auth', attrs={'xmlns': NS_SASL, 'mechanism': 'GSSAPI'}, node=Node('auth', attrs={'xmlns': NS_SASL,
payload=(response or '')) 'mechanism': 'GSSAPI'}, payload=(response or ''))
self.mechanism = 'GSSAPI' self.mechanism = 'GSSAPI'
self.gss_step = GSS_STATE_STEP self.gss_step = GSS_STATE_STEP
self.startsasl = SASL_IN_PROCESS self.startsasl = SASL_IN_PROCESS
@ -247,7 +251,8 @@ class SASL(PlugIn):
raise NodeProcessed raise NodeProcessed
if 'DIGEST-MD5' in self.mecs: if 'DIGEST-MD5' in self.mecs:
self.mecs.remove('DIGEST-MD5') self.mecs.remove('DIGEST-MD5')
node = Node('auth', attrs={'xmlns': NS_SASL, 'mechanism': 'DIGEST-MD5'}) node = Node('auth', attrs={'xmlns': NS_SASL,
'mechanism': 'DIGEST-MD5'})
self.mechanism = 'DIGEST-MD5' self.mechanism = 'DIGEST-MD5'
self.startsasl = SASL_IN_PROCESS self.startsasl = SASL_IN_PROCESS
self._owner.send(str(node)) self._owner.send(str(node))
@ -294,9 +299,9 @@ class SASL(PlugIn):
handlers = self._owner.Dispatcher.dumpHandlers() handlers = self._owner.Dispatcher.dumpHandlers()
# Bosh specific dispatcher replugging # Bosh specific dispatcher replugging
# save old features. They will be used in case we won't get response on # save old features. They will be used in case we won't get response
# stream restart after SASL auth (happens with XMPP over BOSH with # on stream restart after SASL auth (happens with XMPP over BOSH
# Openfire) # with Openfire)
old_features = self._owner.Dispatcher.Stream.features old_features = self._owner.Dispatcher.Stream.features
self._owner.Dispatcher.PlugOut() self._owner.Dispatcher.PlugOut()
dispatcher_nb.Dispatcher.get_instance().PlugIn(self._owner, dispatcher_nb.Dispatcher.get_instance().PlugIn(self._owner,
@ -408,8 +413,8 @@ class SASL(PlugIn):
else: else:
self.resp['realm'] = self._owner.Server self.resp['realm'] = self._owner.Server
self.resp['nonce'] = chal['nonce'] self.resp['nonce'] = chal['nonce']
self.resp['cnonce'] = ''.join("%x" % randint(0, 2**28) for randint in self.resp['cnonce'] = ''.join("%x" % randint(0, 2**28) for randint \
itertools.repeat(random.randint, 7)) in itertools.repeat(random.randint, 7))
self.resp['nc'] = ('00000001') self.resp['nc'] = ('00000001')
self.resp['qop'] = 'auth' self.resp['qop'] = 'auth'
self.resp['digest-uri'] = 'xmpp/' + self._owner.Server self.resp['digest-uri'] = 'xmpp/' + self._owner.Server
@ -463,7 +468,8 @@ class SASL(PlugIn):
sasl_data += u'%s="%s",' % (key, self.resp[key]) sasl_data += u'%s="%s",' % (key, self.resp[key])
sasl_data = sasl_data[:-1].encode('utf-8').encode('base64').replace( sasl_data = sasl_data[:-1].encode('utf-8').encode('base64').replace(
'\r', '').replace('\n', '') '\r', '').replace('\n', '')
node = Node('response', attrs={'xmlns':NS_SASL}, payload=[sasl_data]) node = Node('response', attrs={'xmlns': NS_SASL},
payload=[sasl_data])
elif self.mechanism == 'PLAIN': elif self.mechanism == 'PLAIN':
sasl_data = u'\x00%s\x00%s' % (self.username, self.password) sasl_data = u'\x00%s\x00%s' % (self.username, self.password)
sasl_data = sasl_data.encode('utf-8').encode('base64').replace( sasl_data = sasl_data.encode('utf-8').encode('base64').replace(
@ -534,7 +540,8 @@ class NonBlockingNonSASL(PlugIn):
def hash_n_times(s, count): def hash_n_times(s, count):
return count and hasher(hash_n_times(s, count-1)) or s return count and hasher(hash_n_times(s, count-1)) or s
hash_ = hash_n_times(hasher(hasher(self.password) + token), int(seq)) hash_ = hash_n_times(hasher(hasher(self.password) + token),
int(seq))
query.setTagData('hash', hash_) query.setTagData('hash', hash_)
self._method='0k' self._method='0k'
else: else:
@ -542,15 +549,16 @@ class NonBlockingNonSASL(PlugIn):
authentication") authentication")
query.setTagData('password', self.password) query.setTagData('password', self.password)
self._method = 'plain' self._method = 'plain'
resp = self.owner.Dispatcher.SendAndWaitForResponse(iq, func=self._on_auth) resp = self.owner.Dispatcher.SendAndWaitForResponse(iq,
func=self._on_auth)
def _on_auth(self, resp): def _on_auth(self, resp):
if isResultNode(resp): if isResultNode(resp):
log.info('Sucessfully authenticated with remote host.') log.info('Sucessfully authenticated with remote host.')
self.owner.User = self.user self.owner.User = self.user
self.owner.Resource = self.resource self.owner.Resource = self.resource
self.owner._registered_name = self.owner.User+'@'+self.owner.Server+\ self.owner._registered_name = self.owner.User + '@' + \
'/'+self.owner.Resource self.owner.Server+ '/' + self.owner.Resource
return self.on_auth(self._method) return self.on_auth(self._method)
log.info('Authentication failed!') log.info('Authentication failed!')
return self.on_auth(None) return self.on_auth(None)
@ -622,8 +630,9 @@ class NonBlockingBind(PlugIn):
self._owner.onreceive(None) self._owner.onreceive(None)
self._owner.Dispatcher.SendAndWaitForResponse( self._owner.Dispatcher.SendAndWaitForResponse(
Protocol('iq', typ='set', payload=[Node('bind', attrs={'xmlns':NS_BIND}, Protocol('iq', typ='set', payload=[Node('bind',
payload=self._resource)]), func=self._on_bound) attrs={'xmlns': NS_BIND}, payload=self._resource)]),
func=self._on_bound)
def _on_bound(self, resp): def _on_bound(self, resp):
if isResultNode(resp): if isResultNode(resp):