libpurple/protocols/jabber/auth_plain.c

   1 /*
   2  * purple - Jabber Protocol Plugin
   3  *
   4  * Purple is the legal property of its developers, whose names are too numerous
   5  * to list here.  Please refer to the COPYRIGHT file distributed with this
   6  * source distribution.
   7  *
   8  * This program is free software; you can redistribute it and/or modify
   9  * it under the terms of the GNU General Public License as published by
  10  * the Free Software Foundation; either version 2 of the License, or
  11  * (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02111-1301  USA
  21  *
  22  */
  23 #include "internal.h"
  24
  25 #include "account.h"
  26 #include "debug.h"
  27 #include "request.h"
  28 #include "util.h"
  29 #include "xmlnode.h"
  30
  31 #include "jabber.h"
  32 #include "auth.h"
  33
  34 static PurpleXmlNode *finish_plaintext_authentication(JabberStream *js)
  35 {
  36         PurpleXmlNode *auth;
  37         GString *response;
  38         gchar *enc_out;
  39
  40         auth = purple_xmlnode_new("auth");
  41         purple_xmlnode_set_namespace(auth, NS_XMPP_SASL);
  42
  43         purple_xmlnode_set_attrib(auth, "xmlns:ga", "http://www.google.com/talk/protocol/auth");
  44         purple_xmlnode_set_attrib(auth, "ga:client-uses-full-bind-result", "true");
  45
  46         response = g_string_new("");
  47         response = g_string_append_c(response, '\0');
  48         response = g_string_append(response, js->user->node);
  49         response = g_string_append_c(response, '\0');
  50         response = g_string_append(response,
  51                         purple_connection_get_password(js->gc));
  52
  53         enc_out = purple_base64_encode((guchar *)response->str, response->len);
  54
  55         purple_xmlnode_set_attrib(auth, "mechanism", "PLAIN");
  56         purple_xmlnode_insert_data(auth, enc_out, -1);
  57         g_free(enc_out);
  58         g_string_free(response, TRUE);
  59
  60         return auth;
  61 }
  62
  63 static void allow_plaintext_auth(PurpleAccount *account)
  64 {
  65         PurpleConnection *gc = purple_account_get_connection(account);
  66         JabberStream *js = purple_connection_get_protocol_data(gc);
  67         PurpleXmlNode *response;
  68
  69         purple_account_set_bool(account, "auth_plain_in_clear", TRUE);
  70
  71         response = finish_plaintext_authentication(js);
  72         jabber_send(js, response);
  73         purple_xmlnode_free(response);
  74 }
  75
  76 static void disallow_plaintext_auth(PurpleAccount *account)
  77 {
  78         purple_connection_error(purple_account_get_connection(account),
  79                 PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR,
  80                 _("Server requires plaintext authentication over an unencrypted stream"));
  81 }
  82
  83 static JabberSaslState
  84 jabber_plain_start(JabberStream *js, PurpleXmlNode *packet, PurpleXmlNode **response, char **error)
  85 {
  86         PurpleAccount *account = purple_connection_get_account(js->gc);
  87         char *msg;
  88
  89         if (jabber_stream_is_ssl(js) || purple_account_get_bool(account, "auth_plain_in_clear", FALSE)) {
  90                 *response = finish_plaintext_authentication(js);
  91                 return JABBER_SASL_STATE_OK;
  92         }
  93
  94         msg = g_strdup_printf(_("%s requires plaintext authentication over an unencrypted connection.  Allow this and continue authentication?"),
  95                         purple_account_get_username(account));
  96         purple_request_yes_no(js->gc, _("Plaintext Authentication"),
  97                         _("Plaintext Authentication"),
  98                         msg,
  99                         1,
 100                         purple_request_cpar_from_account(account),
 101                         account, allow_plaintext_auth, disallow_plaintext_auth);
 102         g_free(msg);
 103         return JABBER_SASL_STATE_CONTINUE;
 104 }
 105
 106 static JabberSaslMech plain_mech = {
 107         0, /* priority */
 108         "PLAIN", /* name */
 109         jabber_plain_start,
 110         NULL, /* handle_challenge */
 111         NULL, /* handle_success */
 112         NULL, /* handle_failure */
 113         NULL  /* dispose */
 114 };
 115
 116 JabberSaslMech *jabber_auth_get_plain_mech(void)
 117 {
 118         return &plain_mech;
 119 }