HGKeeper

pidgin/pidgin

Implement XEP-0233: XMPP Server Registration for use with Kerberos V5.

2019-10-27, Elliott Sales de Andrade

0d8e52078bc7

Parents 3cd0ba8ff140
Children 59ea07d727db

Implement XEP-0233: XMPP Server Registration for use with Kerberos V5.

This specifies how the client determines the hostname of the server for
SASL purposes. There is no specification for mechanisms other than
Kerberos, and while Cyrus SASL requires a non-NULL server FQDN, it
doesn't seem to be important what is passed for the other mechanisms. To
simplify things, use the original domainpart and not the SRV hostname.

4 files changed, 15 insertions(+), 18 deletions(-)

+12 -1

libpurple/protocols/jabber/auth_cyrus.c

+0 -6

libpurple/protocols/jabber/bosh.c

+0 -11

libpurple/protocols/jabber/jabber.c

+3 -0

libpurple/protocols/jabber/namespaces.h

~~--- a/libpurple/protocols/jabber/auth_cyrus.c Mon Oct 28 22:41:37 2019 -0400~~

+++ b/libpurple/protocols/jabber/auth_cyrus.c Sun Oct 27 14:28:20 2019 -0400

@@ -402,11 +402,22 @@

jabber_cyrus_start(JabberStream *js, PurpleXmlNode *mechanisms,

PurpleXmlNode **reply, char **error)

{

~~- PurpleXmlNode *mechnode;~~

+ PurpleXmlNode *mechnode, *hostname;

JabberSaslState ret;

js->sasl_mechs = g_string_new("");

js->sasl_password = g_strdup(purple_connection_get_password(js->gc));

+ /* XEP-0233 says we should grab the hostname for Kerberos v5, but there

+ * is no claim about other SASL mechanisms. Fortunately, most don't

+ * care what we use, so just use the domainpart. */

+ hostname = purple_xmlnode_get_child_with_namespace(

+ mechanisms, "hostname", NS_XMPP_SERVER_REGISTRATION);

+ if (hostname) {

+ js->serverFQDN = purple_xmlnode_get_data(hostname);

+ }

+ if (js->serverFQDN == NULL) {

+ js->serverFQDN = g_strdup(js->user->domain);

+ }

for(mechnode = purple_xmlnode_get_child(mechanisms, "mechanism"); mechnode;

mechnode = purple_xmlnode_get_next_twin(mechnode))

~~--- a/libpurple/protocols/jabber/bosh.c Mon Oct 28 22:41:37 2019 -0400~~

+++ b/libpurple/protocols/jabber/bosh.c Sun Oct 27 14:28:20 2019 -0400

@@ -135,12 +135,6 @@

conn->rid = (((guint64)g_random_int() << 32) | g_random_int());

conn->rid &= 0xFFFFFFFFFFFFFLL;

~~- if (g_hostname_is_ip_address(url_p->host)) {~~

~~- js->serverFQDN = g_strdup(js->user->domain);~~

~~- } else {~~

~~- js->serverFQDN = g_strdup(url_p->host);~~

~~- }~~

soup_uri_free(url_p);

g_object_unref(resolver);

~~--- a/libpurple/protocols/jabber/jabber.c Mon Oct 28 22:41:37 2019 -0400~~

+++ b/libpurple/protocols/jabber/jabber.c Sun Oct 27 14:28:20 2019 -0400

@@ -883,17 +883,6 @@

static gboolean jabber_login_connect(JabberStream *js, const char *domain, const char *host, int port,

gboolean fatal_failure)

{

~~- /* host should be used in preference to domain to~~

~~- * allow SASL authentication to work with FQDN of the server,~~

~~- * but we use domain as fallback for when users enter IP address~~

~~- * in connect server */~~

~~- g_free(js->serverFQDN);~~

~~- if (g_hostname_is_ip_address(host)) {~~

~~- js->serverFQDN = g_strdup(domain);~~

~~- } else {~~

~~- js->serverFQDN = g_strdup(host);~~

~~- }~~

if (purple_proxy_connect(js->gc, purple_connection_get_account(js->gc),

host, port, jabber_login_callback, js->gc) == NULL) {

if (fatal_failure) {

~~--- a/libpurple/protocols/jabber/namespaces.h Mon Oct 28 22:41:37 2019 -0400~~

+++ b/libpurple/protocols/jabber/namespaces.h Sun Oct 27 14:28:20 2019 -0400

@@ -89,6 +89,9 @@

/* XEP-0231 BoB (Bits of Binary) */

#define NS_BOB "urn:xmpp:bob"

+/* XEP-0233 XMPP Server Registration for use with Kerberos V5 */

+#define NS_XMPP_SERVER_REGISTRATION "urn:xmpp:domain-based-name:1"

/* XEP-0237 Roster Versioning */

#define NS_ROSTER_VERSIONING "urn:xmpp:features:rosterver"